{"report_id":"0ef56061-55fd-4370-ab53-f3b01f5dabcc","version":6,"status":"done","tags":[],"date":"2026-06-02T08:59:01Z","url":{"schema":"http","addr":"manbetx-rewards.com","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"final":{"url":{"schema":"https","addr":"manbetx-rewards.com/","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"title":"万博体育官网 - 万博体育APP下载 - MANBETX SPORTS","dom":{"size":21529,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (17243), with no line terminators","md5":"b40c08eb3d3c0bfee0c6abd81e1ff20f","sha1":"d221e2d1f13d6fbbc1e2e437eed7a51f694a5647","sha256":"c71257a1d46c533cf9bd90ecdbfaf15032940df8a106db416e4a9fe9594ca384","sha512":"665b23ef75a3da1e68124fe0b8b6ba9b944545529b1e290b01a430f949f40e00dd48ca8e5812b1a165e9f9776d72fee324b2b9e1cc66e8d6646a895e58b40d15","ssdeep":"192:1AHB2AOGsDWZl7avyKTxo761bVb2oeLQZ+3IM4uJlbD75xM4kOe5dSM5hjNEru1g:1M4WZl9g3MVbbDHM9L5sMt8qg","tlshash":"3ea2b532b220397b02679dfca62cb74f61fbc24ec5734a4a7af98bd857d5c92446014d","dom_hash":"domhasha4a379cd743afa1a0a7a187642f35e6c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"manbetx-rewards.com","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-07T08:59:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gostat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"manbetx-rewards.com","ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"domain_registered":"2026-05-31","domain_rank":0,"first_seen":"2026-06-02T08:59:02.627663Z","last_seen":"2026-06-02T08:59:02.627663Z","alert_count":0,"request_count":23,"received_data":1742356,"sent_data":10787,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"gostat.com","ip":{"addr":"45.58.179.107","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"domain_registered":"2010-02-10","domain_rank":5153099,"first_seen":"2025-03-01T09:25:51.032419Z","last_seen":"2026-06-02T08:52:28.359035Z","alert_count":3,"request_count":3,"received_data":5082,"sent_data":1441,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"manbetx-rewards.com/e/dongpo/tz/tz.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"f4c227f0888c9eb058730d6d266b0cc8","sha1":"5f55a1a6c200e8668b5deb58b1cc49d2f0d5fa57","sha256":"4ce97a228737da2c078cf8a0ff04135e112c17238364e631c46c97b53061d104","sha512":"3d0c3d365d6cd29cbedb180b53f488d1e42ecdead99339d96da52b12e1244cfd779f27007b77feb05623fab5c871c3ec10c28e96896bf5b9e335fc787f48fef7","ssdeep":"","tlshash":"3a6000030000000c030000c0c3c030cc003330000300000f30c00330300c00300c3000","size":14,"data":"","first_seen":"2026-01-31T14:13:02.41021Z","last_seen":"2026-06-04T06:19:57.428522Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/bootstrap/js/home.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","size":5802,"data":"","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-06-25T14:09:28.788731Z","times_seen":954,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/e/dongpo/tz/tj.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b4e3ab6c3f5484826c21475ee0ee8cb","sha1":"9611016fdbce00a1a44c3c50e4917d7debd2d845","sha256":"f8af9bd2969ce403873a715775f12d6e6131ae85d1f4ebd89de57d2e4f5699c2","sha512":"26d2fed83fee6e6e87d08219c8393c37f8c1961a86fc31fd16e5a4bbd05b2db9e655ddaff9fc5c994ef4622d5614c25f15e3e36afc4e7413c491b7efbaf91e7e","ssdeep":"","tlshash":"0bf02b7d1ee6d1308a3b715b217ed3b43a3120572482f546789cd9148f50fec0c59dd9","size":565,"data":"","first_seen":"2026-05-13T13:22:26.224929Z","last_seen":"2026-06-22T09:38:46.491734Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","size":80821,"data":"","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-06-25T15:27:22.996879Z","times_seen":2312,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","size":140562,"data":"","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-25T16:30:01.108745Z","times_seen":4849,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gostat.com/script.js","fqdn":"gostat.com","domain":"gostat.com","tld":"com"},"ip":{"addr":"45.58.179.107","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d856f250f05dea7af28f74945a38f04b","sha1":"7599fe333956010ab0241049b56b66ddd546f064","sha256":"e2083eff15cc0f9eb7386b7eddebeae43da14cf4477db28424ec9f4afb6ebca4","sha512":"e90317d6235d1529cd93764337d59906e919acac43f513382b2abb0dbbb98ae4f17c7a5242e71879a1c40754d00497c86e82a24360397fafcff2d648a6bf8d85","ssdeep":"","tlshash":"ba51f8e5f29771f0ba68248295b88230f12556b1b94f00c0f9ba4c98741d50295b1f7a","size":2583,"data":"","first_seen":"2025-03-05T04:38:52.915299Z","last_seen":"2026-06-22T09:38:46.478877Z","times_seen":87,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/departments4-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/departments4-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 68972\r\nlast-modified: Mon, 01 Jun 2026 02:12:37 GMT\r\netag: \"6a1cea95-10d6c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68972,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 570x380, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8a07bc5dde197c1e4035b2f077e24938","sha1":"63147a21d3409460c16bfd8e10cf5f9155025f55","sha256":"42729cbe95f08561c4601853b586ac2661bbb95bb122d0dfdf0e6ca00e22f68c","sha512":"c76a0b1ff22405ef8b4441123deb01c7d78ebb9148b3ff394562e872a98e21a760e891141097e2072337a4603338cabc3b8ac0f6f71fa65bedf5dfb57aa11ac3","ssdeep":"1536:A5+JODgM45XYxgyohxxViAGqeBkzTw+DQyjIO6gdim/:XXMMYxwhLV8cTw6QysOHdR/","tlshash":"b96302d0bb64ae9c9458c3c17172788de9f98e3e0d2c5f106a21e71fadd250012da1af","first_seen":"2026-06-02T08:58:17.519925Z","last_seen":"2026-06-02T08:59:06.308228Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":612,"receive":615,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/departments5-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/departments5-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: image/webp\r\ncontent-length: 76392\r\nlast-modified: Mon, 01 Jun 2026 02:12:38 GMT\r\netag: \"6a1cea96-12a68\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76392,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 738x492, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"caebb9208105f024854b0c65bd217110","sha1":"a44e96e89d0bc1c0aba53a25b6391568587ad3ed","sha256":"1ca83a11f83a468bb9e1354e6fe9a4b4a4a55ae264650b743d83d2edba85cdc0","sha512":"e48aa9dcda91523b81277096c51fcde8d114f90e763e76bd24262bdc5756299ac6049c862609448b22671df648bf9ced4c270e1c3f8a58e9073336cfb02258dd","ssdeep":"1536:8AAUNE3yG6pFqjUaCMm+pjc2Z9MpYgbC7c2+7bTutIXIlmoKW4N7J:8CE3yGdIHGc2ZKpYGC79+7fscjB","tlshash":"23731291c1b9a89d5b589cbd989e07a0bfc37588944011b13f92d3fcfec2ede4ad8095","first_seen":"2026-06-02T08:58:17.533112Z","last_seen":"2026-06-02T08:59:06.309122Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":612,"receive":617,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-02T08:58:39.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":21910,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (16823), with no line terminators","md5":"8c539d69692ab0ec2c4dfd3e62553e92","sha1":"c5d4c60913ea13acfedca2cda9912548504a5b50","sha256":"99b6a5c0647fa9178b3ad287b3eb08f6f83267a5f6051b72058fda865a3e07bb","sha512":"50416ba5dbfcf9f43160fab9125801b9791233527610843220e045a5c5cb96230bbcb898401559207003a265302405c2a184a87fdf23efea9305fddec21db076","ssdeep":"192:rAfT2AOGsCWZl7avyKTxo761bVb2oeLQZ+3IM4uJlbD75xM4kJdxM5AjNErX1g:ryxWZl9g3MVbbDHM9JTMq8lg","tlshash":"fb92b532b110397b02679dfca62cb74f61fbc24ec5734a467af98bd81bc5c92456014d","first_seen":"2026-06-02T08:58:17.550393Z","last_seen":"2026-06-02T08:59:06.310559Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1117,"timings":{"blocked":419,"dns":1,"connect":205,"send":0,"wait":279,"receive":0,"ssl":211},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/bootstrap/css/module.css","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/bootstrap/css/module.css HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 24 Jul 2025 13:07:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68823002-28112\"\r\nexpires: Tue, 02 Jun 2026 20:57:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":164114,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65518)","md5":"67e45932bedd92dd7bc2a7de1653677e","sha1":"b15f3b2e370d9a7c2c40ea991c8f4a839617702d","sha256":"6e25cdc64273a412026df8a7b3510d9ba7dd6cd75653dd3eb884371b4ace73e8","sha512":"d6130c594f82eefca5109421095dc8c0603b44c4c714bdb8956e64278c9c1625263a531a1ad401fa344f180c2f1cbe95af8246c9e33dc6a28316ab243f448591","ssdeep":"1536:qiVj2AhHm0CfrtrPr7AhhTQbdS6U8H2GXVxICl1gGqotJFFp4L/Xzbv9ALVTFCew:sAhhTQg6U8p45s5Q","tlshash":"c6f397309984202cf11bc5eae5d0abef32649801f663077ef66370a6d6c21ef577674a","first_seen":"2025-10-09T23:37:04.753197Z","last_seen":"2026-06-25T14:09:28.744259Z","times_seen":926,"resource_available":false,"data":null}},"time_used":416,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":416,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/app2-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/app2-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: image/webp\r\ncontent-length: 50580\r\nlast-modified: Mon, 01 Jun 2026 02:12:38 GMT\r\netag: \"6a1cea96-c594\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50580,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 766x510, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4655c8153a0cb2fe9906bbd8eedf739c","sha1":"e3459e2a93a6306665b1d753c42bb0524fd4a5cb","sha256":"54a2de12d04c3a010f1447cc9d384509e051edebe82b5bb5f3b18387908f6753","sha512":"326f9cc0e79451b5718b2ec78f4fe749b4473beaa2e0d39ae4d81dbd705c9ee41d94601ddd93256f030204eec193e319262fb07207a709f8d9671652a64367a3","ssdeep":"1536:aHCFumLN3MhEJ3G/zekxEzQSgDCucUVGQ9M:sCRLN8GJ3yGXgDCNUG","tlshash":"423302f2c74f856bd6465017faab72f2950c5cf8389d0c299149af64a3ac6070e2af74","first_seen":"2026-06-02T08:58:17.513139Z","last_seen":"2026-06-02T08:59:06.312227Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1029,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":611,"receive":418,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/e/dongpo/tz/tz.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /e/dongpo/tz/tz.js HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 14\r\nlast-modified: Wed, 26 Nov 2025 21:26:50 GMT\r\netag: \"6927709a-e\"\r\nexpires: Tue, 02 Jun 2026 20:57:47 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with no line terminators","md5":"f4c227f0888c9eb058730d6d266b0cc8","sha1":"5f55a1a6c200e8668b5deb58b1cc49d2f0d5fa57","sha256":"4ce97a228737da2c078cf8a0ff04135e112c17238364e631c46c97b53061d104","sha512":"3d0c3d365d6cd29cbedb180b53f488d1e42ecdead99339d96da52b12e1244cfd779f27007b77feb05623fab5c871c3ec10c28e96896bf5b9e335fc787f48fef7","ssdeep":"","tlshash":"3a6000030000000c030000c0c3c030cc003330000300000f30c00330300c00300c3000","first_seen":"2026-01-31T14:13:02.41021Z","last_seen":"2026-06-04T06:19:57.428522Z","times_seen":40,"resource_available":true,"data":null}},"time_used":609,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/bootstrap/js/home.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/bootstrap/js/home.js HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 14 Jul 2025 04:49:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68748c76-16aa\"\r\nexpires: Tue, 02 Jun 2026 20:57:47 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5802,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-06-25T14:09:28.788731Z","times_seen":954,"resource_available":true,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/fontawesome/webfonts/fa-solid-900.woff2","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/skin/fontawesome/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 158220\r\nlast-modified: Fri, 13 Dec 2024 01:50:06 GMT\r\netag: \"675b92ce-26a0c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":158220,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 158220, version 775.1280","md5":"4a6591ab5460ae5cbff1ecbd6e52193a","sha1":"7cd8afd6501962fda35d66f0e4c3b8815ac471d8","sha256":"aa75998623a391e61c6901794ace832e3ecdd288b56d608f21bea0411acc0b8e","sha512":"96c5d3283b71613b595b6b0420333bef5d64451af05c59dde27ec5b3e7cfe6e9549c604cddfbcb79cbc0fd4cd6f2e22a130c9a220b1b7ef933ac9df8c8e695d6","ssdeep":"3072:RauSB5FANIRLpsBaBrJGNG3ECNQztRvHHqkqLrlF:guSqN6ptrJGo3POh9KT9F","tlshash":"0ef312a710c6b95684a3a51b336adeb52c3ed363fcb6cd73be340114689da9c2e4d190","first_seen":"2024-12-19T10:41:23.153533Z","last_seen":"2026-06-25T19:37:02.797583Z","times_seen":30158,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gostat.com/script.js","fqdn":"gostat.com","domain":"gostat.com","tld":"com"},"ip":{"addr":"45.58.179.107","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gostat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 06:44:34 GMT","end":"Thu, 02 Jul 2026 06:44:33 GMT"},"fingerprint":{"sha1":"9A:C6:1A:D5:1A:BD:F0:B8:35:25:89:D9:C1:46:3A:8D:F7:83:F6:4C","sha256":"6E:A2:CE:DB:F4:EF:8B:CB:14:89:FC:A5:33:00:AB:A0:6B:8C:79:64:98:81:2E:AA:B7:58:73:59:5B:19:72:A4"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: gostat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH\r\ncache-control: public, max-age=0\r\ncontent-encoding: gzip\r\ncontent-security-policy: default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline' gostat.com www.gostat.com;style-src 'self' 'unsafe-inline' gostat.com www.gostat.com;connect-src 'self' api.gostat.com cloud.gostat.com;frame-ancestors 'self' undefined\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 02 Jun 2026 08:58:42 GMT\r\netag: W/\"a17-1945eca1888\"\r\nlast-modified: Mon, 13 Jan 2025 08:31:30 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: on\r\nx-frame-options: DENY\r\ncontent-length: 1447\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2583,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2582)","md5":"d856f250f05dea7af28f74945a38f04b","sha1":"7599fe333956010ab0241049b56b66ddd546f064","sha256":"e2083eff15cc0f9eb7386b7eddebeae43da14cf4477db28424ec9f4afb6ebca4","sha512":"e90317d6235d1529cd93764337d59906e919acac43f513382b2abb0dbbb98ae4f17c7a5242e71879a1c40754d00497c86e82a24360397fafcff2d648a6bf8d85","ssdeep":"","tlshash":"ba51f8e5f29771f0ba68248295b88230f12556b1b94f00c0f9ba4c98741d50295b1f7a","first_seen":"2025-03-05T04:38:52.915299Z","last_seen":"2026-06-22T09:38:46.478877Z","times_seen":87,"resource_available":true,"data":null}},"time_used":797,"timings":{"blocked":319,"dns":1,"connect":154,"send":0,"wait":157,"receive":1,"ssl":162},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gostat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gostat.com/api/send","fqdn":"gostat.com","domain":"gostat.com","tld":"com"},"ip":{"addr":"45.58.179.107","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:42.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gostat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 06:44:34 GMT","end":"Thu, 02 Jul 2026 06:44:33 GMT"},"fingerprint":{"sha1":"9A:C6:1A:D5:1A:BD:F0:B8:35:25:89:D9:C1:46:3A:8D:F7:83:F6:4C","sha256":"6E:A2:CE:DB:F4:EF:8B:CB:14:89:FC:A5:33:00:AB:A0:6B:8C:79:64:98:81:2E:AA:B7:58:73:59:5B:19:72:A4"}}},"request":{"raw":"OPTIONS /api/send HTTP/1.1\r\nHost: gostat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://manbetx-rewards.com/\r\nOrigin: https://manbetx-rewards.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: content-type, Content-Type, Authorization, X-Requested-With\r\naccess-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH\r\naccess-control-allow-origin: https://manbetx-rewards.com\r\naccess-control-max-age: 86400\r\ncontent-security-policy: default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline' gostat.com www.gostat.com;style-src 'self' 'unsafe-inline' gostat.com www.gostat.com;connect-src 'self' api.gostat.com cloud.gostat.com;frame-ancestors 'self' undefined\r\ndate: Tue, 02 Jun 2026 08:58:42 GMT\r\nserver: nginx\r\nvary: Access-Control-Request-Headers\r\nx-cache: BYPASS\r\nx-dns-prefetch-control: on\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-25T19:14:33.55165Z","times_seen":16717247,"resource_available":true,"data":null}},"time_used":795,"timings":{"blocked":319,"dns":1,"connect":155,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gostat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/bootstrap/css/bootstrap.min.css","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/bootstrap/css/bootstrap.min.css HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Jul 2025 15:17:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6863fbf4-38a52\"\r\nexpires: Tue, 02 Jun 2026 20:57:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":232018,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"50c95aae1a6c1e089c11681d1e1906f8","sha1":"a65e4fd8db9bd0440de2d6d73c9e7cd00fce4a8d","sha256":"cd1826581e4f2b80af4f1e05897b316c7698441063cffaefbbdeec382ee4cd72","sha512":"7f0edff9370c8d36fb6e96cb25994ff20d98e17702c85656f2ecbc1ec459b07fd2c1b330d2994a1c51ebf7d0cdde5d3856c60dc2fce27145ffeaababbc8c5bc7","ssdeep":"1536:v9xnXGi9GfJkfvq5wlP7cQZDR9uvV982sYRElV6V6pz600I41r:HnXp9GfrV98II6V6pz600I41r","tlshash":"d03482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2025-06-19T07:12:41.126365Z","last_seen":"2026-06-25T15:27:22.992787Z","times_seen":2289,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/app1-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/app1-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: image/webp\r\ncontent-length: 64492\r\nlast-modified: Mon, 01 Jun 2026 02:12:38 GMT\r\netag: \"6a1cea96-fbec\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64492,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 603x401, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b9f1107ed8aa625db69de866ffe94c07","sha1":"a39b48d89d2e6d9a54163db176c2713915478729","sha256":"6ba1e4e8b0c2ce885238f14076a3ddd5d7cfb627c31f76aeb55ca49920cb9ddc","sha512":"a3d3bf363f0e408b979edde2b60b9dd208b1fc06ee7cae8dc8ebe355af193330837531a2ac1840916591875b4642b8990cf97460e5cc6622bcec80f9f897ef39","ssdeep":"1536:YS0kDahCE973Y3cSdWPSpphTe7nRsOjdhPSrCLCf:YwDk73pSdWkphS7nnjnLCf","tlshash":"fb53f2e0e74ef44cb7622d3b365efe2e49ad394017beb70b4951e5c524e14e8e621282","first_seen":"2026-06-02T08:58:17.540552Z","last_seen":"2026-06-02T08:59:06.316563Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1028,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":612,"receive":416,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 01 Jul 2025 16:41:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68640fcc-13bb5\"\r\nexpires: Tue, 02 Jun 2026 20:57:47 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80821,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-06-25T15:27:22.996879Z","times_seen":2312,"resource_available":true,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/swiper/js/swiper-bundle.min.js HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Jul 2025 16:58:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6865652e-22512\"\r\nexpires: Tue, 02 Jun 2026 20:57:47 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140562,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-25T16:30:01.108745Z","times_seen":4849,"resource_available":true,"data":null}},"time_used":606,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":606,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/e/dongpo/tz/tj.js","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /e/dongpo/tz/tj.js HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 565\r\nlast-modified: Wed, 17 Dec 2025 11:52:48 GMT\r\netag: \"69429990-235\"\r\nexpires: Tue, 02 Jun 2026 20:57:47 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":565,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"3b4e3ab6c3f5484826c21475ee0ee8cb","sha1":"9611016fdbce00a1a44c3c50e4917d7debd2d845","sha256":"f8af9bd2969ce403873a715775f12d6e6131ae85d1f4ebd89de57d2e4f5699c2","sha512":"26d2fed83fee6e6e87d08219c8393c37f8c1961a86fc31fd16e5a4bbd05b2db9e655ddaff9fc5c994ef4622d5614c25f15e3e36afc4e7413c491b7efbaf91e7e","ssdeep":"","tlshash":"0bf02b7d1ee6d1308a3b715b217ed3b43a3120572482f546789cd9148f50fec0c59dd9","first_seen":"2026-05-13T13:22:26.224929Z","last_seen":"2026-06-22T09:38:46.491734Z","times_seen":26,"resource_available":true,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/swiper/css/swiper-bundle.min.css","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/swiper/css/swiper-bundle.min.css HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 08 Jul 2025 01:36:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"686c762a-4691\"\r\nexpires: Tue, 02 Jun 2026 20:57:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18065,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17812)","md5":"ea28ae0aaf82709381c57d6a7daa7a05","sha1":"a7c528dc9018aeefed9a52337168decb220e2f61","sha256":"af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2","sha512":"9c63402a957e06b7c365a6cf5f53baaba991953e7bfda99d8feeaf177db6a2782a28004b1d82df2dcde362d5556e4891f6da300d63cf13d816144dadb1920f66","ssdeep":"192:1VmUJbiKne0JlXZHZ+Sme+jexS4nxep/a2GZb0Q5nfufKlAYfg5fyeesedOJ9A5Q:1gUbe0JdZHZ+W+SFnZ24tlWfF4XYz","tlshash":"d08245a85340282753274f364b71cbb9dd7444d20f9389ae91c0ee48d7f6db9132f6a9","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-25T16:30:01.045942Z","times_seen":5433,"resource_available":false,"data":null}},"time_used":416,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":416,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/app3-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/app3-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: image/webp\r\ncontent-length: 118302\r\nlast-modified: Mon, 01 Jun 2026 02:12:38 GMT\r\netag: \"6a1cea96-1ce1e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":118302,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 787x523, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"58296c49452ae84fde5ce687e471961c","sha1":"024ff5791b3af7570fb46a651088a49f125921b5","sha256":"05ace3b9eae193936837267715deeb3c1d246df43a7ee8c243d72beb476a3fe5","sha512":"950a46fdb9e3975d0e96bb597d5a28ea96b580642abc18b998fb5653dab0c9ad7f9f75320ee53e628df749c9143d322097190cca7c2b47eee747046eff5db866","ssdeep":"3072:8+jWXcrggMsH7iD4+FB99XnY1HNgevdKnF6:kMLMsud99oFKo","tlshash":"d2c31213f4b0795bbe604d3699c62e0fd39c40d39a6572bb3970002bbb7ab2f61154a7","first_seen":"2026-06-02T08:58:17.514327Z","last_seen":"2026-06-02T08:59:06.319541Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":610,"receive":619,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/footer-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/footer-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:47 GMT\r\ncontent-type: image/webp\r\ncontent-length: 65694\r\nlast-modified: Mon, 01 Jun 2026 02:12:39 GMT\r\netag: \"6a1cea97-1009e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65694,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 696x464, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2554e804d00e214369f26c3e92202c73","sha1":"f4c038fc044f375e8d2ba331c15cd455b5f2f08a","sha256":"a931dc784540756b59649e8127da9aac497a2beb31493e03cf13794afd6c2e7b","sha512":"ba0c7d889f2326764fb5e07544e33927f763498f94c9eca05841a8efa765118f38eb63b011da323ef5f37666cd2441cf8beb28ae995bf76e324b5873b4f72a47","ssdeep":"1536:c+4ZJl/QbNWeFzkWrZaqC6XRiDzaX/1cQxLw6zulMgZizRYhToeahzY:cPsbNWcvUqjXRi3YC6LwHpZizRKovm","tlshash":"405302e2f079a236882e88e8ede6577b1999904b681b043c0a6670fb57941e37d0e14b","first_seen":"2026-06-02T08:58:17.541852Z","last_seen":"2026-06-02T08:59:06.320154Z","times_seen":2,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":571,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/ico/favicon35.ico","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:42.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/ico/favicon35.ico HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:48 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 16958\r\nlast-modified: Tue, 08 Jul 2025 20:42:24 GMT\r\netag: \"686d82b0-423e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"3c6cf4b62e16a2e762ba9afbc9101a7e","sha1":"a2a2765f26d1008e0248c06f7b5932ec0ec27bbc","sha256":"77afacc01bec0a12267eb84cae80d70e7e7c41c878ce2a5c36d91d34a613a2be","sha512":"a579074957fc1c0fe665625231d0352cc8ae9f1965dc9025bb052b37c6bd74efa178073476982de90c9dca3f24adabe5dca49b20c469dd66278b31838e4a9471","ssdeep":"96:rH7LnT7et8FTHo3PVLlXXk1HYZXYZHXk1X019934Hzlt8u2QTTv:rbjTKb","tlshash":"4a72a2f1cf1a3937c1dc1831ab56ca364bd50cea34a4a06d9aa578cd9c3d637e4c60ca","first_seen":"2026-03-01T06:01:52.369712Z","last_seen":"2026-06-08T23:16:54.16981Z","times_seen":14,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gostat.com/api/send","fqdn":"gostat.com","domain":"gostat.com","tld":"com"},"ip":{"addr":"45.58.179.107","port":443,"asn":46844,"as":"SHARKTECH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:42.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gostat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 06:44:34 GMT","end":"Thu, 02 Jul 2026 06:44:33 GMT"},"fingerprint":{"sha1":"9A:C6:1A:D5:1A:BD:F0:B8:35:25:89:D9:C1:46:3A:8D:F7:83:F6:4C","sha256":"6E:A2:CE:DB:F4:EF:8B:CB:14:89:FC:A5:33:00:AB:A0:6B:8C:79:64:98:81:2E:AA:B7:58:73:59:5B:19:72:A4"}}},"request":{"raw":"POST /api/send HTTP/1.1\r\nHost: gostat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://manbetx-rewards.com/\r\nContent-Type: application/json\r\nContent-Length: 312\r\nOrigin: https://manbetx-rewards.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":312,"data":"{\"type\":\"event\",\"payload\":{\"website\":\"3ab2075c-b2ce-4c62-9e55-ce479ae3d935\",\"hostname\":\"manbetx-rewards.com\",\"screen\":\"1280x1024\",\"language\":\"en-US\",\"title\":\"%E4%B8%87%E5%8D%9A%E4%BD%93%E8%82%B2%E5%AE%98%E7%BD%91%20-%20%E4%B8%87%E5%8D%9A%E4%BD%93%E8%82%B2APP%E4%B8%8B%E8%BD%BD%20-%20MANBETX%20SPORTS\",\"url\":\"/\"}}"}},"response":{"raw":"HTTP/2 400 Bad Request\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH\r\naccess-control-allow-origin: https://manbetx-rewards.com\r\ncontent-security-policy: default-src 'self';img-src * data:;script-src 'self' 'unsafe-eval' 'unsafe-inline' gostat.com www.gostat.com;style-src 'self' 'unsafe-inline' gostat.com www.gostat.com;connect-src 'self' api.gostat.com cloud.gostat.com;frame-ancestors 'self' undefined\r\ndate: Tue, 02 Jun 2026 08:58:42 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-cache: BYPASS\r\nx-dns-prefetch-control: on\r\ncontent-length: 129\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text","md5":"b6dca927bd5f7c578bd066ceacdbf6a2","sha1":"35c7971e4f747fd6985c58e00c9adab2f8dcf926","sha256":"2c619a67b8fd85ebcc3a21a6e450c2040a75f056aeab2b782ec3dd6a5276a701","sha512":"f62c24bb9d3a83415b552b98a79d49adf199b4ef0e6e3e2ec563e9734494adfc7faaf767adc9728e66742173a57ecceb2cc5340791084d43ecb30f20b8824f3a","ssdeep":"","tlshash":"06b02b4be306b0f605c30c8081038050e063e1e146b50004062071ec147c46bb24f314","first_seen":"2026-05-29T21:13:24.747939Z","last_seen":"2026-06-05T02:36:24.462897Z","times_seen":12,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gostat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/fontawesome/css/all.min.css","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/fontawesome/css/all.min.css HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Jul 2025 15:17:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6863fbf4-1907e\"\r\nexpires: Tue, 02 Jun 2026 20:57:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102526,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"c43cd173eeeba2f72aa6b431d06b8c07","sha1":"427a692f7f39eabb3d5b8510aee2743025daf813","sha256":"c880eb3d25c765d399840aa204fec22b3230310991089f14781f09a35ed80b8a","sha512":"02f6f6422b83104bc1e1b64961d7edda63635528417ed2dd3c6f0527457b8ab4cb43c528d2a70fc61e0f96aec6e6d1a6d2b53ed523e1568b6d78ba41111c1393","ssdeep":"1536:vwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgmLCq:P709gMGFiyPG9ZimLCq","tlshash":"4fa3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2024-01-04T18:36:36Z","last_seen":"2026-06-25T18:42:29.154261Z","times_seen":11986,"resource_available":false,"data":null}},"time_used":619,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":619,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/logo/manbetxrewardscom/logo.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/logo/manbetxrewardscom/logo.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3384\r\nlast-modified: Mon, 01 Jun 2026 02:12:36 GMT\r\netag: \"6a1cea94-d38\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3384,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x140, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f57b7319e20369fac2f443420c075f91","sha1":"a3903da427dc30a618962c9b61afc8bd841afd07","sha256":"45df0aacf5a169a9e33dfed7732b14f6babec0f63aa2779db25fb99d57fe28ab","sha512":"74e34c34bde030b4896f71aa3352cb8c24a0e7e33afc12c7c79347f8a8a61275b6d5ed0628c15c219252e91f84c395250b145a35bbb0cf5d4c506d64e71463c9","ssdeep":"","tlshash":"8a614cc191a4e3caf214ed0289549837710b94b92f3fbbe68b44d55aae40d76ccf831e","first_seen":"2026-06-02T08:58:17.518471Z","last_seen":"2026-06-02T08:59:06.322516Z","times_seen":2,"resource_available":false,"data":null}},"time_used":621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":618,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/hero-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/hero-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 110722\r\nlast-modified: Mon, 01 Jun 2026 02:12:36 GMT\r\netag: \"6a1cea94-1b082\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":110722,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 587x391, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f666759d4aae373fa345845cb7b86098","sha1":"685952711e48d468f2e964bc4845cfcdbb6f0c10","sha256":"b5fdaa3ef1f1996fcdecf0fb16bc2ba6209aa98d0d38ac6dce56d81043a583ac","sha512":"240775514c5ed8a2d55dfa2f2854c6992abbb34fb7d7667808aa886fb1982e10fd9aac8799e43e4662e806e2249a10ea55f9d38a383f48f5044af1bb7c43f430","ssdeep":"3072:01A6W41Jd/OmC5LjQCmM9SSu87CInDbfvNAy:OA6P1TWmiUCmwI8fPvNL","tlshash":"b5b3129d4722a3ee82c4734f26327f43266f3f8e8727570bee2760674914766414abc5","first_seen":"2026-06-02T08:58:17.545238Z","last_seen":"2026-06-02T08:59:06.323153Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":616,"receive":423,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/departments2-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/departments2-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 111678\r\nlast-modified: Mon, 01 Jun 2026 02:12:37 GMT\r\netag: \"6a1cea95-1b43e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111678,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 847x564, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f3bf647e1333c4e4978c11958442a74b","sha1":"e76c85f6637165df0ce52bef73e528a483f7608a","sha256":"4beaedc9b9a10e47787d46d17269807879b98523dd6848d24a206cd975854cce","sha512":"028e62ebc1990ed276c7655b681fb7d001e6bc73071d1cb1042621a6cfcba1469c02ccb4bed6ab8721dd4f9f38a3e14a10913c3abd2aeb21dd0a55f715c75c9f","ssdeep":"1536:O/PMYyNLIdfZw+nvxwtj7+LU3JytwSOgwVScM6h/v7kgllqzDl+lL:O/P54IdfpxwtWLm8O9gOSpcrflqzDklL","tlshash":"46b313fa9c43c1ca07249cc6496d7a1c95314e13be1ede6bd816bed03465eade88d288","first_seen":"2026-06-02T08:58:17.538622Z","last_seen":"2026-06-02T08:59:06.324275Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":615,"receive":614,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/departments1-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/departments1-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 71702\r\nlast-modified: Mon, 01 Jun 2026 02:12:37 GMT\r\netag: \"6a1cea95-11816\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71702,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 662x441, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"aca6563cfb6e509c328b6dacd4caaf9d","sha1":"beeb75b5e87e0ce2e48604ee6684a27f826e5845","sha256":"efd8b3e88d408b0d977c5198ca2eefa86e375f89c5284e4471916844010a6873","sha512":"61debccb57d604d4e65cc4b5f3dfbdf993e152705eb521b33f8c96c43a5ee33819a50d77da79bbdb7e50276dac23cf37fb8e6c149b4203c405bebae17ad46c9f","ssdeep":"1536:WyjvKnCFkvuxaIwHJdcphUnmvfXJkZhcOSHqyBj5qbY:bDKnokvRpjnmvfXJkZMQs","tlshash":"2863028011c07557e4d8cf4995ee3c0cf726ba5d6733c8a62b0af186be8e185ceb9749","first_seen":"2026-06-02T08:58:17.511459Z","last_seen":"2026-06-02T08:59:06.325119Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":615,"receive":424,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"manbetx-rewards.com/skin/cover/manbetxrewardscom/departments3-35.webp","fqdn":"manbetx-rewards.com","domain":"manbetx-rewards.com","tld":"com"},"ip":{"addr":"177.210.156.103","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://manbetx-rewards.com/","date":"2026-06-02T08:58:41.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ballbetplay.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 01:09:01 GMT","end":"Sun, 30 Aug 2026 01:09:00 GMT"},"fingerprint":{"sha1":"A3:7F:B7:48:B6:75:68:C4:0B:6A:37:D9:0F:A7:0F:4D:65:D1:FA:C2","sha256":"14:26:F0:F0:6E:DA:3E:87:D3:E1:AF:5D:CE:94:4B:9C:E6:BD:7A:2D:2E:90:3B:26:E0:2B:E8:5D:99:A0:E2:C8"}}},"request":{"raw":"GET /skin/cover/manbetxrewardscom/departments3-35.webp HTTP/1.1\r\nHost: manbetx-rewards.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://manbetx-rewards.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 02 Jun 2026 08:57:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 51896\r\nlast-modified: Mon, 01 Jun 2026 02:12:37 GMT\r\netag: \"6a1cea95-cab8\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51896,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 819x546, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"479087076d8ff1c918427fbc8bf868f5","sha1":"c9fb7f2508cfef35230f6bbabc9eddc9a4b0c125","sha256":"34f7c5b0065d9f948b29ffd8941637c289f3f36300839316d70037d06a1811a4","sha512":"d8d0afeb1f6b5753cddb9b9f272afc62be740a2c0b0975c2eb1b3c36d9f64a8b0b7555d4bd1953cf93edb35a6524efb16b312a2fc1a7d5d17de84009e91f7bb9","ssdeep":"1536:bT62c8iK+wrTEGgsA9efPhp2T4rS/HemtDz:NLCwTEGpsenBrSPxZ","tlshash":"f633f1e04227da4ef327f8cba74f8878aed3a0d961332545258d6e5fe4a38403c14b57","first_seen":"2026-06-02T08:58:17.546228Z","last_seen":"2026-06-02T08:59:06.325747Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1022,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":613,"receive":409,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}