{"report_id":"4c702b90-1e2c-4d5f-9d3c-3809682be6fd","version":0,"status":"done","tags":[],"date":"2026-07-04T10:30:49Z","url":{"schema":"http","addr":"rainbet-casinonorge.com","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":0,"asn":0,"as":"","country":"Canada","country_code":"CA"},"final":{"url":{"schema":"https","addr":"rainbet-casinonorge.com/","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"title":"Rainbet Casino Norge - Oppdag Spenning med Bonuser \u0026 Live Spill","dom":{"size":52118,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1473)","md5":"5bec4c990f5261680a3f57a48e6768c9","sha1":"8203ec6a6cbc6323423d844348193a9c34c11618","sha256":"9011f271fd6a8514c37e6ead3b6fb00c3a3c6bbf20b2bc20452b3b5b6550b2ff","sha512":"9b758f169d4e91b06390ab3dccb2f0432fdaeab19b7d99ca4d0e71b8e5b01fa918532acaf136c170ca21f7590566ea5644cc2536275838a4ca32aa67ceec1554","ssdeep":"384:b5q5A8OOn9r1X8E/UxE+NvR1ehrjbgzYTGQo2PLOneXxYY8:bIe8OOnXsEG31mrjbgzGPLOeXOY8","tlshash":"10338922a0f5412b02a797d199217f1a6e45c01fc95a4e62f3ec47eeafc3e418de725c","dom_hash":"domhashb6e79952aef99047346d1c97bc0bf444","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rainbet-casinonorge.com","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":0,"asn":0,"as":"","country":"Canada","country_code":"CA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-08T10:30:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"rainbet-casinonorge.com","ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"domain_registered":"2026-03-06","domain_rank":0,"first_seen":"2026-07-04T10:30:50.304969Z","last_seen":"2026-07-04T10:30:50.304969Z","alert_count":154,"request_count":77,"received_data":1517092,"sent_data":40469,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Twenty Twenty-Four","description":"Twenty Twenty-Four is the default WordPress theme for 2024.","website":"https://wordpress.org/themes/twentytwentyfour","common_platform_enumeration":"","icon":"WordPress.svg","categories":["WordPress themes"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/themes/twentytwentyfour/script.js","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"03a73da42ff9f2dbfa64323a0b20aca1","sha1":"2eebe6363e998601971d32c58ec40dd2ee7eb571","sha256":"8c2068d5bfef489575f0ec2475437dd0bc06f418067099d379fe0efcc3a8b907","sha512":"1d0c94ccb9f1c03b0b424affbf54801e727bd0539347fca1eae9e030a2a9eff756a47b9f4069fab4ea0acee14f6cc41cf3e16e6adae1573411411910f25e185d","ssdeep":"","tlshash":"6c119b28317a11726133b29b77df86d8322020cbe445dd853d7c8b462f91c9404f5bde","size":1071,"data":"","first_seen":"2026-07-04T10:30:55.322491Z","last_seen":"2026-07-04T10:30:55.322491Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/78be457ecb533419.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.926Z","timestamp":1783161025926,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/78be457ecb533419.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":898,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":898,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/bcff592a5545ce66.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.607Z","timestamp":1783161025607,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/bcff592a5545ce66.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 24141\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-5e4d\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24141,"size_decoded":24535,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"342238a10199f5584fe84850dd98b10a","sha1":"09a3641d178817003cc352974e4247683278ab0b","sha256":"e9e3e2b78902b7d98e95276a7a13ffad1cb72fd7f029b71a03a202c78651af42","sha512":"daedabab0980afcbdebf5a6639f8433dc5587a4814b7f15e2cd84562b08cd9162af1d85cf81e9e75461954920c78f934c81e326b0517b594a41642395e09e1ed","ssdeep":"384:lM9HVO2aqhb3cocBGa7VgNSxZKADqcoAvVaS6ujWR+LNyVaB7OZiblkmk+8VHMJU:l+Zt7a7VgkxBMWacjWYZFSiFk+R11NNe","tlshash":"29b2f172401811f9a29a7dea64ef9b541f335c83241f0869bab7e879103c2ca67cd1d2","first_seen":"2025-10-12T07:48:56.759175Z","last_seen":"2026-07-04T10:30:55.302094Z","times_seen":38,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":859,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/0fd998b2ae320903.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.617Z","timestamp":1783161025617,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/0fd998b2ae320903.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 2070\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-816\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2070,"size_decoded":2461,"mime_type":"image/png","magic":"PNG image data, 200 x 29, 8-bit/color RGBA, non-interlaced","md5":"d2ec76eb63497a3be6c84d76342f7c8e","sha1":"22dec907b7dabe554c2cfb824a3fbfb06412e33c","sha256":"8a0a1981ce492013306885e7243bf162d403736313dc55e2df283cd00007be76","sha512":"a69a9a1ca455f541cf6a1085866341c0979a28b4d26cd5c7c5591ad9845ee2c03adcc83aec086a48a7e39d35bdfb86b0ab98fe7856dae9698dd09a0a85597f8f","ssdeep":"","tlshash":"ce41f8da2a10acf53c69c6399d54baf19512562fd58fdceeff1531380b09106cd74822","first_seen":"2025-10-12T07:48:56.63266Z","last_seen":"2026-07-04T10:30:55.302642Z","times_seen":36,"resource_available":false,"data":null}},"time_used":753,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":753,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/d1afd1fb5eba483b.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.855Z","timestamp":1783161025855,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/d1afd1fb5eba483b.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":612,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/5af13020f7df3155.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.893Z","timestamp":1783161025893,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/5af13020f7df3155.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":625,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/6b33b3a76a28a73a.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.903Z","timestamp":1783161025903,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/6b33b3a76a28a73a.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":668,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":668,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/f4a18511ac11223c.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.928Z","timestamp":1783161025928,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/f4a18511ac11223c.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":767,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":767,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/favicon/favicon-16x16.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:26.823Z","timestamp":1783161026823,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /favicon/favicon-16x16.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 794\r\nlast-modified: Mon, 09 Mar 2026 17:47:58 GMT\r\netag: \"69af07ce-31a\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":794,"size_decoded":1184,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced","md5":"072af2f72953b928255c5f76a4ead1e7","sha1":"74eb9ee22c1f13692d2b7ef99241ff13c3ae36db","sha256":"850e8fe62b1ceaeab9175d760a7cd0196db7598fb2127b8e6eed0c23d4d24c40","sha512":"b31cf445a0917c3026e19633c36713edea6c8eb29fd502bcee93ab355f0b58676e18c79d619b786516f8762c19134696d7203f7bc7ac3a350dd9d308b05eccf0","ssdeep":"","tlshash":"bc01cac3401d56358cd31904cc41781aa6830bac77c19b04492ab4266f22b43941cf05","first_seen":"2026-07-04T10:30:55.303804Z","last_seen":"2026-07-04T10:30:55.303804Z","times_seen":1,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/c69a7cf152e72420.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.865Z","timestamp":1783161025865,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/c69a7cf152e72420.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":602,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/fc2270c3ffd110e0.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.573Z","timestamp":1783161025573,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/fc2270c3ffd110e0.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 26132\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-6614\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26132,"size_decoded":26526,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"a29cac72ae4520e7c98bb3065a72f6c0","sha1":"bf03f671b834db8a8a9e19d5eb1c9220dcf66f58","sha256":"1490d5de6ef366b7d80ba4bcb9799b6efe2b871dc9590e1d51c235ce01663f7c","sha512":"922bbdd55d377fdea031dfe1349f605adc221c78ebfa624fa4c253ca459491e7fedfbba808ceda456942b2ebf037e9f361edc49b03dfee545b0ff368dcdfed8f","ssdeep":"768:kDTIUwozJ095iRTNoEd89D7rqbOLfa4PdSf:kXIUwKLJurAczdk","tlshash":"34c2e112b25030ab3ddc7c9046a208143df2da3dd5914f9ef376d88aa60e6c4dc3935e","first_seen":"2025-10-12T07:48:56.684326Z","last_seen":"2026-07-04T10:30:55.304764Z","times_seen":38,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/17c441089794daeb.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.583Z","timestamp":1783161025583,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/17c441089794daeb.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 19260\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-4b3c\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19260,"size_decoded":19654,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"82da36d1ce860447b0c64e1f74db130d","sha1":"a798edb734fd4af73aee64cf8e4d5c24f2347507","sha256":"076e5be93589f4f87987aab6b4b1330779a5ee8eb2d446a34957f4fce33455e6","sha512":"cb0f15b4a741fe5c51a83ebba57853fc65ad67d8eb2a0a55c63899252e7b0d35e2534e59f6c22bda8e0b52d6cfde7adf372d08a3425a7e852ada1d957ccc5433","ssdeep":"384:RY1RLujg6+ioob66qhFravZHTJl3n9MmtXa+E4ioZzcK:uzLgg6jLqHravZTv39MxE9ZAK","tlshash":"c482d0b210c07f27f35c9ebeb7a8c87787e347295786b3876239de9292850c78848345","first_seen":"2025-10-12T07:48:56.620089Z","last_seen":"2026-07-04T10:30:55.30534Z","times_seen":38,"resource_available":false,"data":null}},"time_used":684,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":684,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/51896968f1d2ab18.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.592Z","timestamp":1783161025592,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/51896968f1d2ab18.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 19509\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-4c35\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19509,"size_decoded":19903,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"4a4a7b11403a57b9a44c6003e08bf9a4","sha1":"7213b138996ff205e92675936c5de0740bce835d","sha256":"937087e34c8fbc643c605a3aa19f4e737544ea0b2214f857c597dd3645d2d816","sha512":"62a541768c16c1f53aba733f6181962cbddf8588dbc490e8a54e74c3615190f48596df1994ca986e74ed9cef4c9add928e4c3029df9c328a5b9c3a2c88859740","ssdeep":"384:eQSkwV+SOSSnTvFygSmBAEu9Hbktb6/HqB+DMcLHTyMH9:BlwVSSSnp1ra7ktb6/1M4TyMd","tlshash":"4a92c0379b49999fe6162fbc5ea347218acf588d18bb4ba344bcf0a823501e9d41d42d","first_seen":"2025-10-12T07:48:56.736156Z","last_seen":"2026-07-04T10:30:55.306347Z","times_seen":38,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":376,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/743af61133abebe1.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.859Z","timestamp":1783161025859,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/743af61133abebe1.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/46a0aa93365774cd.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.576Z","timestamp":1783161025576,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/46a0aa93365774cd.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 18867\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-49b3\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18867,"size_decoded":19261,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"a1f257fd5852a3367435d988e537da48","sha1":"f418358044d2c53cbbb99848d3db32b1eb8f62cc","sha256":"a5cbd71502bb8465b631e6316ed8ed331efc325855b98b0cefd0896e3e2e237b","sha512":"b662716c76116fbf73b06879a650a325c7ad5ae167925c6bb40e10c1c8680e7a87bde646a69cc382b5e5d5212b822cdff2738b94e5aebbe8b597730ce0135c68","ssdeep":"384:NqtOxX6jU2O/2ODee0/QIo1Wcn8BpDfV5rHRg84ZA1l3:UOxX63ODeQMc8BpDfrHN4ab3","tlshash":"1682d021939c5855f52e1d3cd28373d8a1c63a8f4e477be8a1b2f2b2792d1cd94ac901","first_seen":"2025-10-12T07:48:56.613703Z","last_seen":"2026-07-04T10:30:55.307298Z","times_seen":38,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/79fe534c71078631.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.911Z","timestamp":1783161025911,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/79fe534c71078631.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":682,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":682,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/402df68f159b3dc8.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.924Z","timestamp":1783161025924,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/402df68f159b3dc8.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":756,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/9118628035661dcd.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.929Z","timestamp":1783161025929,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/9118628035661dcd.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":778,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":778,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/ecb4452e78beb739.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.579Z","timestamp":1783161025579,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/ecb4452e78beb739.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20677\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-50c5\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20677,"size_decoded":21071,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"b7ca976f7005f75e99b8864e76de6a99","sha1":"086103a1798abf487b80ea569d08126b610fe80a","sha256":"6ff52ff1573f92eca5873d04f10dda45a32c90d2fc38a1416eaba66711a16ce1","sha512":"236a47025de8ca904a6b70e1f5294f7322a25e0298e798cc7c58e293e83e774bf43b7427780edf4dd80d5d40aa3d5eb22be6513f683312a4199c145d220924b3","ssdeep":"384:H5svauSJL9pb8feVzwU2NSXFfQe3FZixXlyTneEufxzQz8QZFsJ:H5TpwW5h20FIeVwTweXJUIKFo","tlshash":"9892c0648d7f8111e59e0c3366b287ac2e197d478235abf7d038c9acf7d25cb166028a","first_seen":"2025-10-12T07:48:56.688486Z","last_seen":"2026-07-04T10:30:55.307853Z","times_seen":38,"resource_available":false,"data":null}},"time_used":688,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":687,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/e00f253e7198359b.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.581Z","timestamp":1783161025581,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/e00f253e7198359b.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20713\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-50e9\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20713,"size_decoded":21107,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"e77c18be6bc9c3458fd95679b3256f70","sha1":"96078530acc96136747f79245cf4baa1cedcf15f","sha256":"011f43ed3812a0d4bb74da712ab13f37f5ed4cabfa87017ff352f1e69bf3066d","sha512":"73749bdd6d3a83c453fde8f65b88ebbfaccb3382decb7a8f3525dac44b6a0686cdcf63e0f3feaec9adbbd27732ef2043557f4f97a6bde6e7b8e8181bedb7254a","ssdeep":"384:M/Jjb8Ms7MTWdYCioypWZSJYTso2hZP+lDmaOPACGWlDFn85YMYsX:0xHobs4SJ+DAaDmaOPVs5dYK","tlshash":"c392f1b29bd896abeb876e27e01d41f4ca999146fe31c29914b9e03e100f5f1d81417d","first_seen":"2025-10-12T07:48:56.649133Z","last_seen":"2026-07-04T10:30:55.308874Z","times_seen":38,"resource_available":false,"data":null}},"time_used":686,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":686,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/3121afa15da5efa4.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.598Z","timestamp":1783161025598,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/3121afa15da5efa4.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21778\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-5512\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21778,"size_decoded":22172,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"730b2d8168e5666da11f10561fa2727f","sha1":"5bcf4a2b9d87af29865764b13a1e3825851c4388","sha256":"2be30e062ae7482f87c8d50cc6568df7ad3c4cb247b1550b35bf8292837678c6","sha512":"ba5f47ddee27e0f818f21117e9faa61e98422412ab568873c36b0edcdc6ac31775677f83252f2fe40e5f07d647f128b2c1c2ded8a6db9a6dcf6c6a96b9ab3f72","ssdeep":"384:HF2AYV8ULedv1+k4OrxOl6AjmPwqYVxjMP3Zs4gJnukoVKca2lbYgXkaWdQpsvXf:EAQ4J1+KxOMAiPUxIP3oPCKcNboaWcsn","tlshash":"fca2e1d9a7a2d7c2e3a19ce5688d1e2a00506c18265f793c50b1cc2e95743eb92e0f7c","first_seen":"2025-10-12T07:48:56.698277Z","last_seen":"2026-07-04T10:30:55.309786Z","times_seen":38,"resource_available":false,"data":null}},"time_used":771,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":771,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/414794ff05a526be.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.599Z","timestamp":1783161025599,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/414794ff05a526be.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 19565\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-4c6d\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19565,"size_decoded":19959,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"79ab9a51578a15bae5fcc273367f4df3","sha1":"65d62304507516c239a0f6e77e3c68ac53d79a44","sha256":"b5f51e3882841d3ebdf9a83a0e5ee1590ac4b7a6ee08bc240f1bea03a68d6d10","sha512":"aca431c380aed4fa232cb0eb799ad059d5ae4c240aa4bcc7f17e89faf4e6d13a68a26d90fcd46e9a21ba0def297de3db418ea1eb571d5d635d4848acb4d54017","ssdeep":"384:Jgp/BCqYuEjIxy4bkToQQ7+0xsAK1YyZ/uFCeHKHQaKvDD0zNS8VHfZWJOXhN2N1:KpEq9o/Tof7nnEYyte9HKHQaKvDQzNSj","tlshash":"9792d1e7e1279688b90b4d2b54210f3424f4ec872bcd1598bd3fdda6e1796d85a0e08c","first_seen":"2025-10-12T07:48:56.661326Z","last_seen":"2026-07-04T10:30:55.31114Z","times_seen":38,"resource_available":false,"data":null}},"time_used":769,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":769,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/0c1f3939739e3723.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.868Z","timestamp":1783161025868,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/0c1f3939739e3723.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":600,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":600,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/4622ee38a2a8fa8e.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.883Z","timestamp":1783161025883,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/4622ee38a2a8fa8e.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/74122d1cca6c1510.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.593Z","timestamp":1783161025593,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/74122d1cca6c1510.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 18424\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-47f8\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18424,"size_decoded":18818,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"5394a596c9b225fd736a72ddc4d952b2","sha1":"bb1df2cbc2496db5355e2c4d47094c63c08d7d48","sha256":"455f65415ce4fbd971e18bb0f823477d7409a289b726ba7c44b2dc196fc1b4b3","sha512":"1b4e1df9174216c8adf8ec4e3a4f7860aca88d7da472f03b3806a6e7bbbc4e99aaa62190d1540d7aff4cd36ead8eb3a2c35d2ad5082268ad922c1cc42d01b115","ssdeep":"384:jYsiuKVm3x/FjNbZjGjQdVPFvwP2VQ2htoBrMJTCsqR520:jYiKVm3FFj7GWF4ihghMJT4n","tlshash":"cf82cfa0da157c56fe396d7802356c0783038454ad261ac121bffaf446252ff95ef2d9","first_seen":"2025-10-12T07:48:56.623297Z","last_seen":"2026-07-04T10:30:55.312033Z","times_seen":38,"resource_available":false,"data":null}},"time_used":774,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":774,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/c38b48784486cf3d.webp","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.609Z","timestamp":1783161025609,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/c38b48784486cf3d.webp HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/webp\r\ncontent-length: 42616\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-a678\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42616,"size_decoded":43010,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x866, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"323b5f866c85249292a6fb8c99cd9c86","sha1":"2c25a75b4c94067a33ab3e38324cab0a97fa5b67","sha256":"b61ec35c56b4fc213190a74b72366975b5a3be0223c03f539b4025cfec8c55d8","sha512":"bae23ecd07db1d0f7eaecd4d18dfb97fcc8e7cec147dc8d3d1802ebe15e40d72f00d737f1ef8f35e25169bf5ab9366e0ce5b1c90ad841b5d4ff5eee4eae16b6c","ssdeep":"768:epmUOf1iCDJOVoeyREgtsMfKwuwiDhoXuyj1cuf9Z+3IrFzutmTOk:bCzoZolhyW89Z+s","tlshash":"d413e121a85f88e70409c4ee8ebd8f5fbe197d9173c9f691020d5055f2ee991f488fa1","first_seen":"2026-07-04T10:30:55.312615Z","last_seen":"2026-07-04T10:30:55.312615Z","times_seen":1,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/97ea6e0281271bc8.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.610Z","timestamp":1783161025610,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/97ea6e0281271bc8.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1773\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-6ed\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1773,"size_decoded":2164,"mime_type":"image/png","magic":"PNG image data, 142 x 41, 8-bit/color RGBA, non-interlaced","md5":"38de1c961a07b8775a1f371394823f5d","sha1":"d5641b182fdc34a993832ccb5bbca86f07d84c7c","sha256":"6d2ac0ff0c7768d59ab47eee3383fb917c81279f5f5e6dfe2360e5c3b42e52b3","sha512":"487fec2f394e354b5e9a4860cdc5a7a58dcccb5d3b8cb5ba7b049be8a2ff082b9b1025984a9fc43bc7d9f4c078342b989b4296d2327cbc77db9f84cca1f1f847","ssdeep":"","tlshash":"98312bd297898137891f53c6be8fc396fd4cc42668af4d216e46bc26053281cc7246fd","first_seen":"2025-10-12T07:48:56.616835Z","last_seen":"2026-07-04T10:30:55.313863Z","times_seen":36,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/52b27f39c4fb0b2e.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.862Z","timestamp":1783161025862,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/52b27f39c4fb0b2e.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/c8da59ccbd0e800d.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.885Z","timestamp":1783161025885,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/c8da59ccbd0e800d.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/aca3002864d650d5.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.891Z","timestamp":1783161025891,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/aca3002864d650d5.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":616,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":616,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/5f4885ca05873559.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.913Z","timestamp":1783161025913,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/5f4885ca05873559.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":694,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":694,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/themes/twentytwentyfour/style.css","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.549Z","timestamp":1783161025549,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/themes/twentytwentyfour/style.css HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 09 Mar 2026 17:45:38 GMT\r\netag: W/\"69af0742-784c\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30796,"size_decoded":7248,"mime_type":"text/css","magic":"ASCII text, with very long lines (29819)","md5":"a4122eb2ca0b4b54ffa049ab9c786965","sha1":"70e8b2a7c3caf15db6d79005909283377ada5515","sha256":"c3243b699655d46fd4e5442acfdcc551de6958cd5caadf4b4e6c1b3f4b83a1e0","sha512":"97034c9b902fff0487b4564c63084e59f7993b5bbc8020150023435e3f3098edc9c1238473d49086ad85ea6a41f40428d843b2b901ee8cd4a4501ef812fc4386","ssdeep":"384:WBHCI2qeMJON76zlXXCdFOCQx/dWiJuc0Uk3gwC:WdJe6zlXXCdFOCQZl","tlshash":"2ad2b57b9514324cf5278d2457c84bac4138e021e5522bfdfa57a926c7c7ba20af36ce","first_seen":"2026-07-04T10:30:55.314874Z","last_seen":"2026-07-04T10:30:55.314874Z","times_seen":1,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/d96c3f66a30c372e.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.605Z","timestamp":1783161025605,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/d96c3f66a30c372e.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21767\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-5507\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21767,"size_decoded":22161,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"7772a6bd94a7cb81bfddfaba0e1c9d55","sha1":"d9cafc4f80e1e7ae24cd149e2200aa9ec937f661","sha256":"424f0a2a42f5c954db2dd8e7e550b4f13f134183a5b0edb0442a722c04ddc5c2","sha512":"129fad282e84dab4f88538510bec2bf4817247a8728c2dade6ed35a6fb6c242bf6e555491fa8d056be04d34fca17cbd5b453468019a0471f25939b3907290755","ssdeep":"384:Dgvm6O6Wljl9vksp7yQyrKfPH1RP8nj5hzrq1uC1IU3klYOLYjwSQd:Dgvm6alxkshNG21RmfrWuC1IUskwSu","tlshash":"dca2d094ce5805bd70768c3b2d3982357c3aa96386de9353a471dc0f8265f89e9824bf","first_seen":"2025-10-12T07:48:56.603556Z","last_seen":"2026-07-04T10:30:55.316152Z","times_seen":38,"resource_available":false,"data":null}},"time_used":776,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":767,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/29fe43858644d26d.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.612Z","timestamp":1783161025612,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/29fe43858644d26d.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 2428\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-97c\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2428,"size_decoded":2819,"mime_type":"image/png","magic":"PNG image data, 142 x 27, 8-bit/color RGBA, non-interlaced","md5":"543f0f26c7990d1ced7d1703055457ea","sha1":"b84072f09b2ecc9008e36f80b49733d1a7a783bc","sha256":"d9ece0796556b71b5265008cb2e76dbcfe6df67c3ae0f18ed6c9cf8c8a66f8eb","sha512":"85b9aa85924dec653e2ca2580c0b9862a2a897f3077529bb75bfb13c066cf9e1912131ae42292b814b4fd4c13f974b1aea821d87efa5acf4907e05a2a0e391b2","ssdeep":"","tlshash":"a4413d4b359ff1b1ab64973073567420a42397db1306796c65ba4d0710791767ca0b31","first_seen":"2025-10-12T07:48:56.723836Z","last_seen":"2026-07-04T10:30:55.317027Z","times_seen":36,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":756,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/cd2546a24bc7dba9.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.615Z","timestamp":1783161025615,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/cd2546a24bc7dba9.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1132\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-46c\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1132,"size_decoded":1523,"mime_type":"image/png","magic":"PNG image data, 48 x 47, 8-bit/color RGBA, non-interlaced","md5":"04b20105330893345b4d075d6108e127","sha1":"28369b84a763ad746bec2df4ea734deab2e8d72b","sha256":"bc3f763eb8bcea422bd126fa0c84f617f2de86d3f65eaf872d8b36c6b95dd11c","sha512":"df1d896b5e8b4576ed270f78ead380a44f0faa0c2f70cc1b5dbbbb8996d1206fa9d6f3a840dd45f8e85b07b62ef4d39ea2c88843048e5de6315c5b095687483a","ssdeep":"","tlshash":"ce21bdf306ce1b5618bb1424a1ca8c214c5c7baec6d7d15e7170f155317d440864bde7","first_seen":"2025-10-12T07:48:56.672025Z","last_seen":"2026-07-04T10:30:55.31816Z","times_seen":29,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/556dd44093f000e3.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.876Z","timestamp":1783161025876,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/556dd44093f000e3.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/af8bd04c33612e14.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.895Z","timestamp":1783161025895,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/af8bd04c33612e14.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":637,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-04T10:30:24.150Z","timestamp":1783161024150,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:24 GMT\r\ncontent-type: text/html\r\nlast-modified: Sat, 27 Jun 2026 08:30:26 GMT\r\netag: W/\"6a3f8a22-cb1e\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Twenty Twenty-Four","description":"Twenty Twenty-Four is the default WordPress theme for 2024.","website":"https://wordpress.org/themes/twentytwentyfour","common_platform_enumeration":"","icon":"WordPress.svg","categories":["WordPress themes"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":51998,"size_decoded":9100,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1462)","md5":"314c43d5a34a2b572e9e6cafb8827672","sha1":"6e932f11131e3a755b236941d9df579808d562ff","sha256":"754a81fad5c385bbfa544182237d13e46ab4bdc1c1302fd5e9a6fa1a8bfe12fa","sha512":"894895776a98f6de492bec5a09c90e6ace19ec44c71019c4bcf04491860f03e8af049f12ed6da4a2710dc2e4d51ad321b305c98ee22f53dc0b93e47ca98bd588","ssdeep":"384:u5q5DTOOQ9r1X8E/UxE5NvR1ehrjbgzYTGMoy+n85IXxCY8:uIRTOOQXsEB31mrjbgzW+n86XAY8","tlshash":"0e338922a0f5412b02a797d199217f1aae45c01fc95a4e52f3ec47deafc3e419de325c","first_seen":"2026-07-04T10:30:55.3194Z","last_seen":"2026-07-04T10:30:55.3194Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1084,"timings":{"blocked":-1,"dns":214,"connect":100,"send":0,"wait":557,"receive":0,"ssl":213},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/58c767d9ac42d41e.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.578Z","timestamp":1783161025578,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/58c767d9ac42d41e.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 19396\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-4bc4\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19396,"size_decoded":19790,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"05576e9f1e9b78305874c7c6d7c6acf9","sha1":"b64623c3c7686107acf0df42b5553d2e7cfe46c1","sha256":"73c34250a6cb2e9bf17ce42b9b96f801a07dec40c17b2401451b386d52efe815","sha512":"dc2f953706f4f595378e5c9a05d7a35ee95756c9e0e39dbfa389521f0a763d1cba213a8100d8bce2fa2718c28f39379f9c40b4cc36e0b844b2c3a96b9377adce","ssdeep":"384:tMeguTTF8c1l8Ch9S80tgC6yRoiMWYnwlNRg5vE7Q8HMTrT:tMfsW6GCh50t5O0A5v9gMXT","tlshash":"eb92c08fe5124861f61d9de2c667b050231d9eb749d9729ef0bfcc4a013dce21771a45","first_seen":"2025-10-12T07:48:56.667107Z","last_seen":"2026-07-04T10:30:55.32053Z","times_seen":38,"resource_available":false,"data":null}},"time_used":632,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/848c53b883ff4c57.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.825Z","timestamp":1783161025825,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/848c53b883ff4c57.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/30a22b9b9c424d41.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.853Z","timestamp":1783161025853,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/30a22b9b9c424d41.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":614,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":614,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/4bce9505752e9ff8.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.916Z","timestamp":1783161025916,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/4bce9505752e9ff8.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":701,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":701,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/themes/twentytwentyfour/script.js","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.555Z","timestamp":1783161025555,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/themes/twentytwentyfour/script.js HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 09 Mar 2026 17:45:38 GMT\r\netag: W/\"69af0742-42f\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1071,"size_decoded":847,"mime_type":"application/javascript","magic":"ASCII text","md5":"03a73da42ff9f2dbfa64323a0b20aca1","sha1":"2eebe6363e998601971d32c58ec40dd2ee7eb571","sha256":"8c2068d5bfef489575f0ec2475437dd0bc06f418067099d379fe0efcc3a8b907","sha512":"1d0c94ccb9f1c03b0b424affbf54801e727bd0539347fca1eae9e030a2a9eff756a47b9f4069fab4ea0acee14f6cc41cf3e16e6adae1573411411910f25e185d","ssdeep":"","tlshash":"6c119b28317a11726133b29b77df86d8322020cbe445dd853d7c8b462f91c9404f5bde","first_seen":"2026-07-04T10:30:55.322491Z","last_seen":"2026-07-04T10:30:55.322491Z","times_seen":1,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/d0c6521e438e776f.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.602Z","timestamp":1783161025602,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/d0c6521e438e776f.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 23065\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-5a19\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23065,"size_decoded":23459,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"e807f953f4d2f99b691d0432df9083b8","sha1":"d81228ed1a0954f84a077cb3e15c8927d0739ee5","sha256":"f2e40e082aa57cf53602d9ab943c4194e0dc7771f55cc89a3e74d21bb372c16a","sha512":"0faf8d4580dbe08422e0aaad3b4058e10b28e283e9ed954cb1163162cfce42985ee47fbf9be597850a4d96b5304dffc210bdf21a8ba78ca809044b1e302059a9","ssdeep":"384:mPUjURMwdcs7w1aFG6IYUK6oF6YmQZ8zFjmEopWZuxakmcwLLuunyKbpi3VSMs:mP4UuA7YaZUKJFXXERkWZuILuun3D","tlshash":"85a2e193f3595d49f0bc5e3d777a86b2d58616ea896c89f3117fc724433a3d2008611e","first_seen":"2025-10-12T07:48:56.595435Z","last_seen":"2026-07-04T10:30:55.323587Z","times_seen":38,"resource_available":false,"data":null}},"time_used":768,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":768,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/a4df4c7f11038bb9.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.604Z","timestamp":1783161025604,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/a4df4c7f11038bb9.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 19273\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-4b49\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19273,"size_decoded":19667,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"e83e918323baaa0ec015a07220cfc8bc","sha1":"8598a4c6bc0203407f1075ae55df00ec2a71ab1a","sha256":"e0806f42619f031e872e4c6cb86aa6c0a50dbd5bc8f2eed49ed4e6ca93b430f9","sha512":"4eb83643fa9ba312dd4ade566f049bfa2f59b984a858cbe053b1e0f4036785e8ca28895f829ad73a10728f435e8a9b74817c33a63a1c38c4e7d120ea8a09c331","ssdeep":"384:l4cPgLBij8JGqhSd4qf7lyVWFZOqvATCTzg0NA/JpydL:rUsmXhSLDFZKCTzxNAhsL","tlshash":"ec82c0b0b3618e60d4ba5e768bfa079c3dc24b911f40a20fd918dc9014765e17b989eb","first_seen":"2025-10-12T07:48:56.626518Z","last_seen":"2026-07-04T10:30:55.326071Z","times_seen":38,"resource_available":false,"data":null}},"time_used":766,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":766,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/a2821d4c5372bfa1.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.613Z","timestamp":1783161025613,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/a2821d4c5372bfa1.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 2070\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-816\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2070,"size_decoded":2461,"mime_type":"image/png","magic":"PNG image data, 200 x 29, 8-bit/color RGBA, non-interlaced","md5":"d2ec76eb63497a3be6c84d76342f7c8e","sha1":"22dec907b7dabe554c2cfb824a3fbfb06412e33c","sha256":"8a0a1981ce492013306885e7243bf162d403736313dc55e2df283cd00007be76","sha512":"a69a9a1ca455f541cf6a1085866341c0979a28b4d26cd5c7c5591ad9845ee2c03adcc83aec086a48a7e39d35bdfb86b0ab98fe7856dae9698dd09a0a85597f8f","ssdeep":"","tlshash":"ce41f8da2a10acf53c69c6399d54baf19512562fd58fdceeff1531380b09106cd74822","first_seen":"2025-10-12T07:48:56.63266Z","last_seen":"2026-07-04T10:30:55.302642Z","times_seen":36,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":756,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/c24a61bb5970e864.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.898Z","timestamp":1783161025898,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/c24a61bb5970e864.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":645,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":645,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/0ab2c80dea84f40c.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.907Z","timestamp":1783161025907,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/0ab2c80dea84f40c.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":722,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":722,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/c1330a1cab244c61.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.587Z","timestamp":1783161025587,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/c1330a1cab244c61.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16558\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-40ae\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16558,"size_decoded":16952,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"c1f6ce0e2b2e2e329d64d66d718933fb","sha1":"63c35c8ca4376f7b980b32b140a580752584ea5b","sha256":"d6f8f02c9efa915b3e3bfbba492ae7f9cdfcc34da0638c569fa77f6d59894992","sha512":"738db278d8e84dcbdfe08b87b01dcaa110356c28350a225a59122ed79507c045a0870e047ca838969d30b1233b4cccd4bc910eca73d530b75c788096f4a89018","ssdeep":"384:C5ccj51Kq83NJFZD/oF35jhvThvZQhccExW0bseT9Da8bj4j2l/qQe4:mccT83NJFZk3jl1vZ0VSvtxHl7","tlshash":"1072d1ebbfa5a015d5117c96ef472bc89b00f41f4c7483e538b4d886a867681bc1a4f3","first_seen":"2025-10-12T07:48:56.681199Z","last_seen":"2026-07-04T10:30:55.328188Z","times_seen":38,"resource_available":false,"data":null}},"time_used":681,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":681,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/dc21e73492c79055.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.590Z","timestamp":1783161025590,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/dc21e73492c79055.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 17980\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-463c\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17980,"size_decoded":18374,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"b97d085f5ff96cbe9974c0f0107a897d","sha1":"4e39de0c132dd5c10dde388be9eee4e7c29c63f5","sha256":"12c48c5369f818d2e15dd3ceed42c5424d3ab2ae6b71b22aaf3f8c596a54f4be","sha512":"95870b0cb22240ad1c6606ab33075c9123f7a45d803baee582ac2221150b3f6c0e3d905b7ac65d9ae84dfa9c02a4df8eaa385f40c9d0c5da4e0abc10b6bf9c0a","ssdeep":"384:UDOPgdLkWD5vxQCOi8szsbtzYThKC7zOxEEM0GhgBpFUoP:UDXllPH5UfQycoP","tlshash":"9d82c04336e377487e6c4e754abf0735a10ad23760623e43427ce99a2d854ec7d827ae","first_seen":"2025-10-12T07:48:56.64297Z","last_seen":"2026-07-04T10:30:55.33017Z","times_seen":38,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":678,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/22e3755ba130284f.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.831Z","timestamp":1783161025831,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/22e3755ba130284f.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/1f40b97467f22d9c.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.850Z","timestamp":1783161025850,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/1f40b97467f22d9c.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":616,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":616,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/a39128289d9a01e9.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.858Z","timestamp":1783161025858,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/a39128289d9a01e9.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":609,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":609,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/2ef2ac48060c474c.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.901Z","timestamp":1783161025901,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/2ef2ac48060c474c.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":656,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":656,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/3c100f9878ca5862.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.905Z","timestamp":1783161025905,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/3c100f9878ca5862.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":678,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/a337cae3604ad463.webp","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.571Z","timestamp":1783161025571,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/a337cae3604ad463.webp HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/webp\r\ncontent-length: 28656\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-6ff0\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28656,"size_decoded":29050,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"be55db140f148ae5a084894ed8837302","sha1":"60b99d50435fed0f18e4e4e7db48424de912c0ab","sha256":"dae3573b384421ae8b1675e570fd0fa2df20e151c6cae6b32ae5264d22704eb1","sha512":"0473016f8c3f9627d0e64dd1f5a601ada8871b8492b9c431cfdf00045e21efff9d3b80ccf0913ae115462fa151d4f7800c5219e8bbf4b2475510d9e440914124","ssdeep":"384:FLMomIwhLYPvW2WccWJD5FI61rx8+xtR7ty1OLptcWUhIJ+A4K0+K:FLMo20GocWfI61rx/7/vdUhvLK0+K","tlshash":"c9d239a1c32908d5f243203275550258a337edd7bd38eb866702dcad97513aeaf399ec","first_seen":"2026-07-04T10:30:55.332064Z","last_seen":"2026-07-04T10:30:55.332064Z","times_seen":1,"resource_available":false,"data":null}},"time_used":496,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":496,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/24e39eb71548bf10.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.596Z","timestamp":1783161025596,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/24e39eb71548bf10.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 18762\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-494a\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18762,"size_decoded":19156,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"9e1c77727835922ee9e6a536d2101423","sha1":"1f48885be11d26e1e3f7f59ccaa8e3a1eac0a42b","sha256":"23986db5adf93a07e9027ee63619ab0ded8b64778bbc3766ba3426ab25c81ca6","sha512":"1d30eecb07843f20e8eaed38f220d7940e158463c107616a1ad8a0eb64eef5155d53b7eea129bb85c13f701f713bc25fa47f3555edf8ecdbefa0826e1f23e687","ssdeep":"384:GxKOBzBWEY/LYfkWxU0mQvLAq7HHfDK9dh7i3Hd6/9G:8hsX/LLW9vvxTQiHdQG","tlshash":"dc82e00abf49c145cf44af11e85f6c67abd9c2624228b3833274cd568ade5e10d98bca","first_seen":"2025-10-12T07:48:56.717608Z","last_seen":"2026-07-04T10:30:55.333693Z","times_seen":38,"resource_available":false,"data":null}},"time_used":772,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":772,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/3646954861a6aca3.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.600Z","timestamp":1783161025600,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/3646954861a6aca3.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 19687\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-4ce7\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19687,"size_decoded":20081,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"73e56b1de9d50f0450e0c75f4e1e3f51","sha1":"5a55be1b425c66c4ddbceb7ee00052ce0d6f3a68","sha256":"0c5f848c16994d0f9d9e9bfb1d5f4fd65fb0e038e0d23c05c5615e1dbe9f63bc","sha512":"b76402769919bbef918939dea02e1c5ea86755a6913b670253cc35d514fbeb96a4595707e81a7e9c004355bcf43ec61c4cec22e0557757301dc514a005f273ea","ssdeep":"384:LViOJ2cd+l5/asZAHPAbllrGbiCRtVe87b4v4qXhXKFG6c6OA+3xI2jaPXDrWLS:ZiOJ6ZAK8NRtR7EhXKQ61OAOkaLS","tlshash":"2f92c0e6a6d08850eccf4dba6ca82a8e1506c72a5bd94d374773cb7035374e216cb7e0","first_seen":"2025-10-12T07:48:56.645899Z","last_seen":"2026-07-04T10:30:55.334384Z","times_seen":38,"resource_available":false,"data":null}},"time_used":769,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":769,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/9b62cc7f0045df65.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.603Z","timestamp":1783161025603,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/9b62cc7f0045df65.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 19439\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-4bef\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19439,"size_decoded":19833,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"99b163a258ac48343d78700d6ea72dc5","sha1":"07aa77cbd1aea360470fee6fe856e3959cfd5040","sha256":"75bf3f0e7e125648a2b520050637766af0991d45137176a817351410c8a6f2aa","sha512":"05bcbb1216dcb382de98541e11dded74c178571aadf5db7a9401b1303e38ebd45a4f07ba3444173bc7a672696daa1539768a8978e22aa5fe25eb6babae92eadd","ssdeep":"384:3t+0mPOfywn6aUNN4y4mNB5aQMa2RywITq2cXqbinjMJR3/qrRpLmnUvMJ9RbV3:3k05fywn6zp4mH5aQMYw+q2c6bij8RCI","tlshash":"2892d0c6db708b1cb20a4e37a69db41c8f648f106ae50b17137ec42d136a4d56d65f4d","first_seen":"2025-10-12T07:48:56.701589Z","last_seen":"2026-07-04T10:30:55.335052Z","times_seen":38,"resource_available":false,"data":null}},"time_used":767,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":767,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/ae9d74e15ec7dc10.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.857Z","timestamp":1783161025857,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/ae9d74e15ec7dc10.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":610,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/fb1cd3ed28f0bf73.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.879Z","timestamp":1783161025879,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/fb1cd3ed28f0bf73.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":589,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":589,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/favicon/favicon-512x512.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:26.822Z","timestamp":1783161026822,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /favicon/favicon-512x512.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 199149\r\nlast-modified: Mon, 09 Mar 2026 17:47:58 GMT\r\netag: \"69af07ce-309ed\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":199149,"size_decoded":199544,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"43f6a9081a502f57479409a2f3ed222d","sha1":"3968d0b763cf3cb36cb0d5bb1a5b09d69b2c18aa","sha256":"be9372fa8375f62cba56b7d27c0bd74da2a20859c12cdf016d8adfc71245bab5","sha512":"d343493164549de7932c68704682dc68300e3b9d4da6ade82eeb9502bc8124f0bc49bfe5533b06c3af4a5bbae52ac720768b248930eac01928a2d04a16e80378","ssdeep":"6144:IbgTcaeXy3hUIg3QuJGqmGhwM+ZR8iPDAMjwS6:I0OmJyl+IXMES6","tlshash":"e814127ed10d3363801e8a1ed1fff170424b6acfd36d646abcb09cb12185e699ad3960","first_seen":"2026-07-04T10:30:55.336167Z","last_seen":"2026-07-04T10:30:55.336167Z","times_seen":1,"resource_available":false,"data":null}},"time_used":717,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":410,"receive":307,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/934c1470a930d4ea.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.846Z","timestamp":1783161025846,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/934c1470a930d4ea.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":620,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":620,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/416fa91c51edd32c.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.861Z","timestamp":1783161025861,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/416fa91c51edd32c.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/947ab70cc3f4c251.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.930Z","timestamp":1783161025930,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/947ab70cc3f4c251.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":789,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":789,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/9e1b5f20456d75bd.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.608Z","timestamp":1783161025608,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/9e1b5f20456d75bd.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 31410\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-7ab2\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31410,"size_decoded":31804,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 266x354, components 3","md5":"d48fcc099c011ae9b29934b9a8e077c8","sha1":"3829068da0867c59db1ad0edb30a86f6ab153f7a","sha256":"808f411d7747e8f6bc7d0d50d0a75907d4fe273fff7a6caf69056988aaa85905","sha512":"b9d63a5f4a85a1d47b576a073261b5265df14740d2c34fe8cd8b597928b7606d3f65404421d86b9936db3d199394193d4fefd884a6bd9be35e840d5e04399d31","ssdeep":"768:0GPtReVzR24S5/egdNffgl/AvZDEacR9LLeTAC+P+69kg:0oilRJCrdNffI/AhEacbv39n","tlshash":"28e2f1809fdbc60ce5601e3002c2a8ba9d6964d50e74d91c53ffc92506bbbc4bd67adc","first_seen":"2025-10-12T07:48:56.713126Z","last_seen":"2026-07-04T10:30:55.337202Z","times_seen":38,"resource_available":false,"data":null}},"time_used":702,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":661,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/0157e5eec7c706e8.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.618Z","timestamp":1783161025618,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/0157e5eec7c706e8.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1834\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-72a\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1834,"size_decoded":2225,"mime_type":"image/png","magic":"PNG image data, 112 x 53, 8-bit/color RGBA, non-interlaced","md5":"b0e3ac9ebab6af5f48091dfaff855a54","sha1":"096de8f22039486621f167862d3cdd2f7d6d6a6a","sha256":"fed91cc5540efbbafc70f90d761c9caf1855a43f9ac0abdf58b43020bf1fca76","sha512":"6383332e70343cc4f6be1510e793ff8416c9a1d2de0b6e255121026683a162cb12075e2e41f0074d0eac618390f884a5365716cd50c2a1842b0b2dfe2c7439dc","ssdeep":"","tlshash":"8731094ebb253d6f55fd6e3d47245434a43f98bf3454293ce87745085ea520f60075a3","first_seen":"2025-10-12T07:48:56.729773Z","last_seen":"2026-07-04T10:30:55.339447Z","times_seen":36,"resource_available":false,"data":null}},"time_used":752,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":752,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/20bc5ce5a691493b.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.918Z","timestamp":1783161025918,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/20bc5ce5a691493b.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":727,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":727,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/eefaaefdce79de5c.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.574Z","timestamp":1783161025574,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/eefaaefdce79de5c.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 18686\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-48fe\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18686,"size_decoded":19080,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"1598d4e1397893afab65099adb8177cd","sha1":"06a9b9ea260d14a3996ac1173093c1041008232f","sha256":"bc95ea72facb19b3a2e791f7d453ad3f6ae26715093af849ea2e997f5568085c","sha512":"862f23761ecf4326be9ffe39a18fb5e1e84be9a44157d822b55b86af2c40adad481428fe2cad766cedfc390c4c57a40ae8898ada36c54fc95f596774264f404e","ssdeep":"384:0H5PdFpoFJYrnNZZbO8yd8cdVAxQ3qsB/cGnPv9FapRFG9f:SsGNTa802mq2cUVFPf","tlshash":"a782d019ca717f87f90acc755118724bd322b912b2d3cb16fbb1bf8914b81d51518c28","first_seen":"2025-10-12T07:48:56.587042Z","last_seen":"2026-07-04T10:30:55.340033Z","times_seen":38,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/75b2030606d25eb5.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.589Z","timestamp":1783161025589,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/75b2030606d25eb5.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20085\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-4e75\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20085,"size_decoded":20479,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"843e7ebe7ae17cc10b217375329e6b6e","sha1":"c9af7f7b6cdae180879300fe0082fa4f0a60cb1e","sha256":"04730aa6b3992201bd4a7bc814c13ce6e2c0284fd9e9b72e2cc26a6bf848c249","sha512":"7bf7aa0f53c071422f0ec81016152dcb0bca6d6e3a9e87aeb07801e2db3975978330b3a0c458cdb9f84d8d0a2d5cc1778348ef3d7c7cb1fe5caa10955c38e66b","ssdeep":"384:u7Jvi24+5ngrahcAICsgp+PLXUCKpbeuRXSAM7X91cZvwYdksfQBF:u7p1XNge7p+gCKEUSj/Od5oT","tlshash":"e092bfee3fe096817c366e7d83916204f4e2b8ddc18e48538b3586138edd9c437252d9","first_seen":"2025-10-12T07:48:56.639825Z","last_seen":"2026-07-04T10:30:55.344136Z","times_seen":38,"resource_available":false,"data":null}},"time_used":680,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":680,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/5134c5af7ab70428.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.594Z","timestamp":1783161025594,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/5134c5af7ab70428.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 23881\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-5d49\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23881,"size_decoded":24275,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"393f4894c0e31329594f3d4134390af6","sha1":"4d9d3ccc06018b47bdc16c0ddba6a139aaeaeb3a","sha256":"c6a0f17c941a19e0dc8261d685e1c01bc102b5a56347e4bfa2c1d5cc557f1f33","sha512":"58bb1d0e74a322a2bf91cd7c78b3f6192f47309d1adafdb8af01189d32e778ea8cdf7cefaa000aa69239ec01d25b1f11d9aef754cdddf6b3e738dbb49c510813","ssdeep":"384:Odf2QSlgRl7J7ti0sVSabC9AUVrl3oO3LovrnTEuEUHkJNNUA45ju9tVaN:OJTSKYZSaYbVrl4O78sUX8wN","tlshash":"36b2f2db7f8907e3686a0d324391c855d7d0ae82f63b1e0543f1e87a49750ec1a94226","first_seen":"2025-10-12T07:48:56.740436Z","last_seen":"2026-07-04T10:30:55.345589Z","times_seen":38,"resource_available":false,"data":null}},"time_used":774,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":773,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/157a87f2b938ef76.jpg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.595Z","timestamp":1783161025595,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/157a87f2b938ef76.jpg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20377\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-4f99\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20377,"size_decoded":20771,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 266x354, components 3","md5":"2830de20d1f744bb3a33ad4c2ea9d463","sha1":"50382faa7afcedc7929fd60537906f37ea9a9e4b","sha256":"f08d7168907d149487548a058ce0b0f0ffb5029f3c65c5d470d69e99a56b93ed","sha512":"24be110f02b1cb61bf971b69cf16dd7e8d63b2d55f07c2b97f0d04f8ea1fb38fcf826c1e7578f3bbb01918b5175e65a1c7788b670f7efef510f237ee866b07dd","ssdeep":"384:CwBgx1ZDOsG7dIujRXn58MwUqAytdX2C1uAW8HiphK3Ua9UuDd3ku5OU:C6gDZDOsMt5NwBtliPKpdUSOU","tlshash":"b192d025f7e0e271def19fbeaa41713474a27f4e9f834f852136c46d24008cd156e629","first_seen":"2025-10-12T07:48:56.651906Z","last_seen":"2026-07-04T10:30:55.346169Z","times_seen":38,"resource_available":false,"data":null}},"time_used":773,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":772,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/a975e75069f47c82.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.835Z","timestamp":1783161025835,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/a975e75069f47c82.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":630,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":630,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/97f714c58e61c5e3.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.873Z","timestamp":1783161025873,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/97f714c58e61c5e3.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":595,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/6751460beb70a16b.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.887Z","timestamp":1783161025887,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/6751460beb70a16b.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":603,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":603,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/4014c8713205c8b8.svg","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.921Z","timestamp":1783161025921,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/4014c8713205c8b8.svg HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: W/\"69af07b6-3f86\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16262,"size_decoded":6452,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"670470d454337c8c6eaee623167dabc3","sha1":"68a63e5a24ea782bd7b2ac0408055a09cb2ea990","sha256":"3106024d95e4eb371f4a2f8f0640c6c55755683d875a9a5d284c94976a736e84","sha512":"157abe4b93927f64b71f92cf5e21262ae3652da036bd250e25afaa10d6aeac8803a5bb30a6bb118ede022f08671203f5f41f87cd7b72641ce4ee80a7b6053ee1","ssdeep":"384:f1cNDhR1R7FDQiW/BBJLq/mBsPDuqV6updauX+:Ncr97FDQZByEsPC4pHX+","tlshash":"4c72c6ea533802dc54c79a6fff2564f9130fa4f7b95b81919d9e8bb89087a48f613d00","first_seen":"2025-10-12T07:48:56.600079Z","last_seen":"2026-07-04T10:30:55.301353Z","times_seen":36,"resource_available":false,"data":null}},"time_used":734,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":734,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/e9207321664e1ffd.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.614Z","timestamp":1783161025614,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/e9207321664e1ffd.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1834\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-72a\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1834,"size_decoded":2225,"mime_type":"image/png","magic":"PNG image data, 112 x 53, 8-bit/color RGBA, non-interlaced","md5":"b0e3ac9ebab6af5f48091dfaff855a54","sha1":"096de8f22039486621f167862d3cdd2f7d6d6a6a","sha256":"fed91cc5540efbbafc70f90d761c9caf1855a43f9ac0abdf58b43020bf1fca76","sha512":"6383332e70343cc4f6be1510e793ff8416c9a1d2de0b6e255121026683a162cb12075e2e41f0074d0eac618390f884a5365716cd50c2a1842b0b2dfe2c7439dc","ssdeep":"","tlshash":"8731094ebb253d6f55fd6e3d47245434a43f98bf3454293ce87745085ea520f60075a3","first_seen":"2025-10-12T07:48:56.729773Z","last_seen":"2026-07-04T10:30:55.339447Z","times_seen":36,"resource_available":false,"data":null}},"time_used":755,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":755,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rainbet-casinonorge.com/wp-content/uploads/2026/03/a51a52194712bf3b.png","fqdn":"rainbet-casinonorge.com","domain":"rainbet-casinonorge.com","tld":"com"},"ip":{"addr":"172.86.184.253","port":443,"asn":0,"as":"","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rainbet-casinonorge.com/","date":"2026-07-04T10:30:25.620Z","timestamp":1783161025620,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rainbet-casinonorge.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Jul 2026 20:57:44 GMT","end":"Thu, 01 Oct 2026 20:57:43 GMT"},"fingerprint":{"sha1":"E2:C6:BA:4E:59:CD:94:C4:DF:FB:03:82:79:77:89:D0:F2:EE:09:77","sha256":"E8:53:43:AA:57:CC:79:DC:DE:57:BA:2C:78:37:86:8A:00:3D:4E:60:BB:68:3F:A6:24:A3:9C:8F:D3:B8:30:E2"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/a51a52194712bf3b.png HTTP/1.1\r\nHost: rainbet-casinonorge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://rainbet-casinonorge.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 10:30:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1132\r\nlast-modified: Mon, 09 Mar 2026 17:47:34 GMT\r\netag: \"69af07b6-46c\"\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1132,"size_decoded":1523,"mime_type":"image/png","magic":"PNG image data, 48 x 47, 8-bit/color RGBA, non-interlaced","md5":"04b20105330893345b4d075d6108e127","sha1":"28369b84a763ad746bec2df4ea734deab2e8d72b","sha256":"bc3f763eb8bcea422bd126fa0c84f617f2de86d3f65eaf872d8b36c6b95dd11c","sha512":"df1d896b5e8b4576ed270f78ead380a44f0faa0c2f70cc1b5dbbbb8996d1206fa9d6f3a840dd45f8e85b07b62ef4d39ea2c88843048e5de6315c5b095687483a","ssdeep":"","tlshash":"ce21bdf306ce1b5618bb1424a1ca8c214c5c7baec6d7d15e7170f155317d440864bde7","first_seen":"2025-10-12T07:48:56.672025Z","last_seen":"2026-07-04T10:30:55.31816Z","times_seen":29,"resource_available":false,"data":null}},"time_used":751,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":751,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"rainbet-casinonorge.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}
