{"report_id":"bd497cfb-861c-43d0-b473-6bee1359d39d","version":6,"status":"done","tags":[],"date":"2026-05-07T12:45:54Z","url":{"schema":"http","addr":"galabetonline.casino","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"galabetonline.casino/","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"title":"Galabet - Galabet","dom":{"size":102086,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (19080)","md5":"28025bd242dd96530e8b9dc12326276b","sha1":"e4a39b2dce0a28419621220029cf96f7ef227979","sha256":"7e5577abc4150615fa5f69efbd5f2ef6f4593a3b731d14408d269fdbb0a3563a","sha512":"7d1caab0fc2962b56227fbe0479f7a69e8bea36ded26b9c4e3a6606112e2034bfd48b28563683e822501ac9bf95f27ef6bb930275719f55dee59f4a3f58a437b","ssdeep":"1536:AY7ppPVTyp5Y8UGZrUd2KguQIFlzE+EEZiYCUN:AYdpPV+7YdngI7dCUN","tlshash":"f7a3f951a36489fa7a6f8b6dd044e7286648de02df05e5eaf4e1d04564ccefb04b3b0e","dom_hash":"domhash141dc65dd2dfd7ec90c696e38c236439","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"galabetonline.casino","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-11T12:45:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"galabetonline.casino","ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-07T12:45:55.430561Z","last_seen":"2026-05-07T12:45:55.430561Z","alert_count":34,"request_count":17,"received_data":1762507,"sent_data":8551,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Yoast SEO:27.5","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"s.w.org","ip":{"addr":"192.0.77.48","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"1993-12-01","domain_rank":27695,"first_seen":"2017-01-30T04:56:16Z","last_seen":"2026-05-04T02:32:33.76157Z","alert_count":0,"request_count":1,"received_data":886,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"galabetonline.casino/wp-includes/js/wp-emoji-loader.min.js","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"808a57bdad5b6cb2891b4b00b44da1f1","sha1":"20c0bb39098a56dc36d5f90e9e37519c542eceac","sha256":"ed12215dcfa70182978c5a6367b45125c85fcf8bd9f44fbc04d974d385bd92bd","sha512":"0e313172057407867947435b0c2072be846aa24a9e73905d01aec578f3d8c09b7249955415165e93eed3d5b81dd8399068293a067f8cd4875840f3fbff5a7479","ssdeep":"","tlshash":"cc81b69ae77638cfb2f900f2697a0d47eb614435d6c8d038c9bea3141cb5893c274b46","size":3886,"data":"","first_seen":"2026-05-07T12:46:00.20529Z","last_seen":"2026-05-24T17:07:43.899969Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-block-template-skip-link-js-after","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a58eb9ea6fe686a10253e01012a16598","sha1":"115937c257d45799e632e8f14c72adf46d3b8269","sha256":"d7b313c538b867c1c81f0077da0e61fd34896e488fac2c746f7d7d38a37ca6c0","sha512":"0fe8952548739cf4532d6b631b5d68eb326277013688c8ba0493f9fa5445f04c43213fd841a9d08c999b748b77daa4b3ee754c335fe6a96db8751a3f183c609c","ssdeep":"","tlshash":"eb4195c4f21506f401662a39c4341bc9e2b92998f6db1ca7cc0c8c2cb1b256f46b6f7e","size":1967,"data":"","first_seen":"2025-12-04T04:01:43.621824Z","last_seen":"2026-05-24T17:07:43.900979Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-includes/js/wp-emoji-release.min.js?ver=6.9.4","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-07T08:13:02.219608Z","times_seen":261634,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/assets/fonts/figree/Figtree-VariableFont_wght.ttf","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/assets/fonts/figree/Figtree-VariableFont_wght.ttf HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 62868\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":62868,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 20 tables, 1st \"GDEF\", 28 names, Microsoft, language 0x409","md5":"08284f187efe0cfc913506ac6478928a","sha1":"1a2c3b4b2e4e4f6831124e10de6703f517e09509","sha256":"fed6410d1a74ec62ae14e8866a57b38b93de765dbd129354868276940b298d70","sha512":"e1f71db662c1816237884a398b07783763c270e3ee7f1a42ab45b70e1b4abbe8661c2ee96091eacf34b1d6361ef6ee87e6d7e735816688f0dc53066d482c61ef","ssdeep":"768:wQUx5N0ODnGjVJyZivysEBgh36jdA7kpG0a2lHFhJ1I1SkcfZgW6SM46SHia32oF:Uufki6PexApwUHilbqIE","tlshash":"97532903fb52da06e1ad8ebdc0b34b840b3afa01ee48570f94946175ad497f44f16bd5","first_seen":"2024-07-10T07:00:29Z","last_seen":"2026-06-05T07:02:48.233081Z","times_seen":630,"resource_available":false,"data":null}},"time_used":645,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/uploads/2026/05/cropped-thumb_286233_online_casino_logo_retina-192x192.jpg","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:34.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/cropped-thumb_286233_online_casino_logo_retina-192x192.jpg HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:34 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 06 May 2026 12:57:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2797\r\ndate: Thu, 07 May 2026 12:45:34 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2797,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"957c329645f896b646d8925e4773452f","sha1":"74101e3ee8df7a82c6e2699033fc47dcd63e5a7b","sha256":"7c70b6cc5709be1182d5a3ca90be2aa21a56b0902ccfc23641992c0b66265f4e","sha512":"4cd2d47650d645851280c3087953faf425cf9335021f4ce94491afa1313d6017ffb6f928964ca4a2f3a7e920e672c86d5c9cdad9f6a3c7d98f548e1e9e40e624","ssdeep":"","tlshash":"b3511ceb23054366dc0c0f3c6ee9475c2f5cdf46b06a5b46a270d986caf65c00d96d46","first_seen":"2026-05-07T12:46:00.189908Z","last_seen":"2026-05-24T17:07:43.884941Z","times_seen":4,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/assets/images/cta/cta-1.jpg","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/assets/images/cta/cta-1.jpg HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 222947\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":222947,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=614, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=700], progressive, precision 8, 700x614, components 3","md5":"68c5d5fed88c407b1d8333d849e8f90c","sha1":"6b5478a88bbe5acc66c19aa8bbfd9a0b290c353a","sha256":"66aec00c891bc1fe16b940e3c1a3b01061c360a2a1a3ed29875d0f4ae40001dd","sha512":"050190b638b3f2f4a62ec9a1a638347d5e12e6e7ecaecea5af4deb452a7c4f86b1b4832246c28550c5e635ce1481bd73bd2c926bd557484f67801e5a98f9041b","ssdeep":"6144:WxhFy57H6Ny0Z1+cU/OouRf3uKRsxbBJyV:WBy5uSbGPpuwsNw","tlshash":"fa2412741f631f10e9f081ff78a8e553ab86858df52793133e1cb4853f71618e6a8269","first_seen":"2026-05-07T12:46:00.190889Z","last_seen":"2026-05-24T17:07:43.88879Z","times_seen":4,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":342,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/inc/superbthemes-info-content/icons/img-icon-6.png","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/inc/superbthemes-info-content/icons/img-icon-6.png HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3608\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"2e537f61dac45b8cb0e2b75853b4761c","sha1":"b6b8ab1a605a1ea601d4986dfaceeafd58c7f54a","sha256":"1b3019beb4cca65580a5c34e3c3ab2686a9e08549ea37e6970d3aa50d15ba625","sha512":"055b0cc9c36eb6ec52a0dfc87cbeade2ef28ef894f1841ec029c39769fed626c70c83b0cefcf33c0925ef76fdda58e0edc739a69179906466994a04e3af711bb","ssdeep":"","tlshash":"8f71d65df8015d0016a69a4169fa74175e3b29c09ac1f096adeedc92dc300fd9ecc1d7","first_seen":"2024-11-21T06:33:45.352136Z","last_seen":"2026-05-31T07:38:56.538439Z","times_seen":25,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/assets/images/team/fashion.png","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/assets/images/team/fashion.png HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 145663\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":145663,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 380 x 500, 8-bit/color RGB, non-interlaced","md5":"e88e492e00f3ebd91de3e5c128435ef2","sha1":"785adf6aba1b391eb947956876f90cdd223ce502","sha256":"6d707dee657c0a2bbcc6602071aa680437c6e01496623545054a098a2af877f8","sha512":"8a28e0f5d31ac9149772296fca9cb49b629a1527f3314701a88caf657450bc3b6d06ae8b1003dacc3a6e8f295fbc010de187809855ec85a802114a98b8fba147","ssdeep":"3072:yq7nvJMUbkVw47TTdDOe5eJ0Pt0KfFniY+V5q7hBsGNXtfYV4bpKXDr57Mjthe3o:9wBHTdeJ0l0KtniY/hOyXNG4bpKzN6u4","tlshash":"66e3124bf48abf0eb029a7551951edf367542060d8dce40cba0932ddca8c1f8bd97a4e","first_seen":"2026-05-07T12:46:00.192345Z","last_seen":"2026-05-24T17:07:43.898771Z","times_seen":4,"resource_available":false,"data":null}},"time_used":827,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":658,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/assets/images/team/outdoor.png","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/assets/images/team/outdoor.png HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 222250\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":222250,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 380 x 500, 8-bit/color RGB, non-interlaced","md5":"99e67b21fc3d2d4782b3398751d2977b","sha1":"4e48bc85686910c597ca66a3b3c0a8455c04abba","sha256":"c2c58a66409809d1f4319580bb0b767514821cbb5f98d9e0f2743e06b7550d51","sha512":"ebbd98a2ca370146b84c8ab633f9e31a900da9dfe111ddd6e9c3d15aa74387e15de788373ab1e7a3ac90350adca8c9526538e88bd76cf05cafba2c6d3e269096","ssdeep":"3072:5bjCnwtNPqEGgZCPtq4EeVO5qAFsc91RRY5JunHUbxfp++WvN9NkX9LJwr6GyOwx:5b24BqriCP3ya01RijJZpRWrD6dV+Yx","tlshash":"d7242247b462a8f470a59a5fc2ffae0e47591594c712ee379a5e93c7f4ae133288c031","first_seen":"2026-05-07T12:46:00.193575Z","last_seen":"2026-05-24T17:07:43.89008Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1000,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":658,"receive":342,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/assets/fonts/figree/Figtree-VariableFont_wght.ttf","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/assets/fonts/figree/Figtree-VariableFont_wght.ttf HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 62868\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":62868,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 20 tables, 1st \"GDEF\", 28 names, Microsoft, language 0x409","md5":"08284f187efe0cfc913506ac6478928a","sha1":"1a2c3b4b2e4e4f6831124e10de6703f517e09509","sha256":"fed6410d1a74ec62ae14e8866a57b38b93de765dbd129354868276940b298d70","sha512":"e1f71db662c1816237884a398b07783763c270e3ee7f1a42ab45b70e1b4abbe8661c2ee96091eacf34b1d6361ef6ee87e6d7e735816688f0dc53066d482c61ef","ssdeep":"768:wQUx5N0ODnGjVJyZivysEBgh36jdA7kpG0a2lHFhJ1I1SkcfZgW6SM46SHia32oF:Uufki6PexApwUHilbqIE","tlshash":"97532903fb52da06e1ad8ebdc0b34b840b3afa01ee48570f94946175ad497f44f16bd5","first_seen":"2024-07-10T07:00:29Z","last_seen":"2026-06-05T07:02:48.233081Z","times_seen":630,"resource_available":false,"data":null}},"time_used":796,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":635,"receive":161,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-includes/js/wp-emoji-release.min.js?ver=6.9.4","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:34.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.9.4 HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Nov 2025 19:44:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4949\r\ndate: Thu, 07 May 2026 12:45:34 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":22762,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-07T08:13:02.219608Z","times_seen":261634,"resource_available":true,"data":null}},"time_used":537,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":522,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/assets/css/patterns.css?ver=1775126184","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/assets/css/patterns.css?ver=1775126184 HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1355\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":8407,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8e1673a49cd20cbaa89ec81adb01310d","sha1":"69cf93ffd86bb435a0c6b6c11b557c105cf03bb2","sha256":"bb3a13055ee1869d0beaee422b524e1b3e6afb97ba5472b0606d70c3fd70eb9d","sha512":"c3da76cb98429c66a57f96d14e8a9a47bdad1738236fbf884079b8b38b42fd7ad1c2a05d3fc1008f9fd0aea5a9343bb93f71902e4b548a24937bbb337ac85c2a","ssdeep":"96:D4SiKuDKZD23xoygkJvyN03dtt6agLYDTlV:D4XzDKZPAJvC03/t6agL4TlV","tlshash":"f90270b2f7f384504436192b4d421538763fec668a0669e5b4c7f2ea6348d830b56f3d","first_seen":"2026-03-22T05:43:05.755868Z","last_seen":"2026-05-24T17:07:43.88141Z","times_seen":9,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/assets/images/content/content-4.jpg","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/assets/images/content/content-4.jpg HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 283186\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":283186,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=702, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], progressive, precision 8, 800x600, components 3","md5":"69934b0f3eaa2305f9096503e68ba1e6","sha1":"3b08c548bb0505766d4cc6a1277cc8340a98cec9","sha256":"31c081c186a967959d6d0630497865503cf32ae6f11e56caa6dfc08332c9dd1c","sha512":"0ca62a36cddf3d833de41c41d2fcb8c810601dea3d5a16932cb890f46a4c84b7397a937c5c8fa44f6aec405c6b7d211c9ea8ffd4de0cf31a571fa8f38b1600bb","ssdeep":"6144:9BvI3w6pkhaPxVEUp9v4AmEFxUDcH064fpgKpXHsUM:nvew6ptVx7vWEFxUYH0phJsUM","tlshash":"025423ae6e8bda93ccd1353884e8da46138dd6a593576785381c3128fbb1f5a0dfc8c1","first_seen":"2026-05-07T12:46:00.196233Z","last_seen":"2026-05-24T17:07:43.895327Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1007,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":499,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/assets/images/team/fitness.png","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/assets/images/team/fitness.png HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 341957\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":341957,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 380 x 500, 8-bit/color RGB, non-interlaced","md5":"d79b0dea911ed776d3eedda1725f50f8","sha1":"3e0e220934c5ed6cafc3a55ca09fe3f77d524cc3","sha256":"854642ec4f55890f0b5a729444dd6904e10287e9b9582e609b42308093f5707b","sha512":"e1f792d4e6e0e658bdb0568d8eb105ce43b68da0ed84566d6bb5bc68447b2e48bb58da7e4751f5d4cff69d3136fb04fe6a918c257e72d0e316cd6ab6e23ed261","ssdeep":"6144:Q+Bc5kt5AnkpNuLJ45tx1im/qXlTh5FpZfj5nbkmjIYrb40Q9aJFPWJj:Ze5YpNuLeim6ThfpZfNxsMb4/UJYt","tlshash":"bf74237989c5a30148d9bf89cd927b1329da05d7b2347e4976928dea63ba4dd0c0fcc3","first_seen":"2026-05-07T12:46:00.197266Z","last_seen":"2026-05-24T17:07:43.891049Z","times_seen":4,"resource_available":false,"data":null}},"time_used":994,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":657,"receive":337,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/assets/images/cta/cta-4.jpg","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/assets/images/cta/cta-4.jpg HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 258093\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":258093,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x1125, components 3","md5":"4f8676a92221082a020179e07e7742b9","sha1":"3be30a393471f2e54f32682c6ad850adbeb6d715","sha256":"d47669fcc3edb70611c091d341311c10245459bb19370ef81f39df249a7c9b45","sha512":"e66ce1a1e62b71bfbb690930689742f773c3816d040f352fe9fe4c7b7e688a50ff7c5397ed3a1d63cdd03c2855ee0b2c9eb4bdae0ad78a1da953380d9b032602","ssdeep":"6144:/CXeeNmva+XWupottwjtBLGcY53vn3/XA2LUtfTnuLFtvbgMEUHGK:aue2aSbawjtBLjmf/AdfTuLFtvbgMDR","tlshash":"3c4422039b8522bffe0d9b77429375783699c5b642db0a2f4f0c2ca0d55034af87999e","first_seen":"2026-05-07T12:46:00.198929Z","last_seen":"2026-05-24T17:07:43.892197Z","times_seen":4,"resource_available":false,"data":null}},"time_used":824,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":185,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s.w.org/images/core/emoji/17.0.2/svg/2714.svg","fqdn":"s.w.org","domain":"w.org","tld":"org"},"ip":{"addr":"192.0.77.48","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:34.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s.w.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 19:44:43 GMT","end":"Thu, 23 Jul 2026 19:44:42 GMT"},"fingerprint":{"sha1":"A3:CA:4D:A5:D1:38:98:6D:BA:D3:BC:97:38:87:2F:F8:5D:E6:F3:50","sha256":"EC:0E:74:3E:53:88:CF:E8:5E:13:E6:4D:30:1C:54:A3:37:E0:B5:23:14:D4:A0:54:54:76:D9:8F:22:7F:15:21"}}},"request":{"raw":"GET /images/core/emoji/17.0.2/svg/2714.svg HTTP/1.1\r\nHost: s.w.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 07 May 2026 12:45:34 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 361\r\nlast-modified: Fri, 07 Nov 2025 05:21:38 GMT\r\nx-frame-options: SAMEORIGIN\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 12\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":361,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7b3ff12d16d96ca77345da9450986dc7","sha1":"220f77197faa7aed5c3217b1f8cec35518a96137","sha256":"e98cb75b135ff35e1d3c27667101fc6ac910aa2c7e6b52ff09d06c537f4de8d6","sha512":"71e5a862d71a22b4db74a8c2d00d632d463f0f07a478a34bcb443c8ce9692f41610d824e759a368d1c0e9ff6fb3e1e536a254f8c9d9c02f997695fdbeb9153ec","ssdeep":"","tlshash":"0be0c0ee8b3ba840499ad568ffb03095049370fb934f00d0e3c56c2f4607400a116d20","first_seen":"2023-04-30T23:21:15Z","last_seen":"2026-06-07T06:08:21.119543Z","times_seen":3805,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":28,"dns":1,"connect":7,"send":0,"wait":8,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/uploads/2026/05/cropped-thumb_286233_online_casino_logo_retina-32x32.jpg","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:34.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/cropped-thumb_286233_online_casino_logo_retina-32x32.jpg HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:34 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 06 May 2026 12:57:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 567\r\ndate: Thu, 07 May 2026 12:45:34 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":567,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3","md5":"f3890835fa3ead127e7054d544db6042","sha1":"b3262dec00002f0d937e7ada9d562d1733cdfed3","sha256":"d21e6be801b395b1c3dbd3d222e0b7d9b8d27054d63ffc6969377edeaf98828b","sha512":"6edc20d2361fa62d694ca584a5b9940eefce189ded75235e483f5abf9750579c19c469e3b4f429f5f8b7692da2b52c306a86c2b7317049a636b7535f5b8016a8","ssdeep":"","tlshash":"7df054bb7b1156d3cc4c2c380e325b388f0f6f02d022bf4b53b0c4015a352c60c60811","first_seen":"2026-05-07T12:46:00.200969Z","last_seen":"2026-05-24T17:07:43.893323Z","times_seen":4,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/inc/superbthemes-info-content/icons/img-icon-5.png","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/inc/superbthemes-info-content/icons/img-icon-5.png HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3354\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":3354,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"17af63ddd06bcf12eca8b8ce0301b056","sha1":"41dae09015288fedd666e72034cf56decc6ccb81","sha256":"38291ae05ffa3b0d514b24f4ab80da46fd71310d29250c42de258432c3b5cec7","sha512":"524e7cde2357a9599ab614b748d2867ada458478fb876f793895a8bdf91e910a841df3e611eb929a857522a699fa8cc1539a75cf9d2a287d6a6531d3eaba2b65","ssdeep":"","tlshash":"4b61d89de815ad104a1cda912dd6409b9e378a849bd1f942accfe893d8600fd9f8c2c3","first_seen":"2024-11-21T06:33:45.350186Z","last_seen":"2026-05-31T07:38:56.547014Z","times_seen":17,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-07T12:45:32.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nlink: \u003chttps://galabetonline.casino/wp-json/\u003e; rel=\"https://api.w.org/\"\r\netag: \"833-1778145410;br\"\r\nx-litespeed-cache: hit\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 19494\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Yoast SEO:27.5","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":101697,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (19080)","md5":"659f24bb4ad4b6fa8b3885f3cac26085","sha1":"012c4941db40ce45f3808070896326ca428337e4","sha256":"c41d1858f4deaf885f889616d75acecdb6617506d629bac66717647940342cec","sha512":"edc625beb23a2943f1318b994be2d5e9c8da6041277d75f4bfda4a87b38ad018a1f76412a6ad3af05612cf37e72891e3e265f6f99e3cb5e2e78641e193c60da8","ssdeep":"1536:ilxJpPZ5yp5Y8UG7radTYgoQIFlqE+EwwCYCUb:il7pPZ07wd0guMMCUb","tlshash":"e0a3fa51a76488fa7a6f4b6dd044e7286648ee02df05e5eaf4e1d04564ccdfb04b3b0e","first_seen":"2026-05-07T12:46:00.203253Z","last_seen":"2026-05-07T15:39:55.937488Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1344,"timings":{"blocked":506,"dns":170,"connect":165,"send":0,"wait":329,"receive":2,"ssl":169},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/idea-flow/assets/css/patterns.css?ver=1775126184","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/idea-flow/assets/css/patterns.css?ver=1775126184 HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 02 Apr 2026 10:36:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2069\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10039,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (730)","md5":"c1c31fae19e5672b43eb660033baf487","sha1":"d5c6fff8c31994b7b84cadecabc415fb63645027","sha256":"f0dbc9fd18ecb60f91277f78f73b885e7b43141f0dcec4fefa56fbdb8e76b710","sha512":"87995d2f6a7ec6f2089424c8d32ec370a97f5edbb319ad9da621d5c71fc8113629436123fcb6d8f0ecd72b653828148af5008e00f035aea061cc87ba145f831e","ssdeep":"192:D4XzDKZPAYC03/t6agL49WqaRy6cpjPw/u:D4orC03/tNsQWqaRvh/u","tlshash":"5222c2b2f7f384504436192b4d461538763fec678a0669e5b4c7f2ea6388e830a56f3d","first_seen":"2024-11-05T19:37:45.295054Z","last_seen":"2026-05-31T07:38:56.531236Z","times_seen":101,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"galabetonline.casino/wp-content/themes/beiged/inc/superbthemes-info-content/icons/img-icon-7.png","fqdn":"galabetonline.casino","domain":"galabetonline.casino","tld":"casino"},"ip":{"addr":"66.29.148.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://galabetonline.casino/","date":"2026-05-07T12:45:33.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabetonline.casino","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 11:05:37 GMT","end":"Wed, 01 Jul 2026 11:05:36 GMT"},"fingerprint":{"sha1":"83:5E:C2:95:2D:25:D5:67:30:86:8B:A9:5F:EA:20:2C:99:E1:38:82","sha256":"A6:D2:EE:67:A1:44:88:C1:66:FE:38:45:0B:AC:4E:39:7A:C3:03:B2:A4:71:1C:FA:D8:EB:BF:68:C5:98:1E:81"}}},"request":{"raw":"GET /wp-content/themes/beiged/inc/superbthemes-info-content/icons/img-icon-7.png HTTP/1.1\r\nHost: galabetonline.casino\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://galabetonline.casino/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 14 May 2026 12:45:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 02 Apr 2026 10:36:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3838\r\ndate: Thu, 07 May 2026 12:45:33 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3838,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"c1d0390f453cb7ecfa1d64e2345e2ef4","sha1":"8a5c2ec82663b93637c25cb72d85e7084edc0004","sha256":"d3ecc014f50222b77dfb22ff9369848fefc93dde20d806732aad8b4091d30d2b","sha512":"079ee1074d2f1c9c1e858e898ca80b50993b377c53ce4cc75add87a3695e72da4c53ee5ef0fd5a9ded9c86105c3ca1508110c45f4ac5e1063e85360a3cf4a179","ssdeep":"","tlshash":"6381f88aec05ee84574adf856ddee12b9a2b08c485c0e446bdcfdc9354700f98e8d9c3","first_seen":"2024-11-21T06:33:45.347641Z","last_seen":"2026-05-31T07:38:56.53616Z","times_seen":18,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"galabetonline.casino","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}