{"report_id":"0efcc40f-72db-4c13-a153-9ef0355b795c","version":6,"status":"done","tags":[],"date":"2025-09-20T14:34:29Z","url":{"schema":"http","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"title":"MOSTBET"},"submit":{"url":{"schema":"http","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T14:34:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-20","alert":"Sinkholed","trigger":"xbsvxoxtmb.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-20","alert":"Sinkholed","trigger":"etlzlpchmb.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"hhkdrnbhmb.com","ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":18,"received_data":429134,"sent_data":10436,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"rstat.rockmostbet.com","ip":{"addr":"162.55.5.93","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":5200708,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":5,"received_data":240210,"sent_data":2307,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.26.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"xbsvxoxtmb.com","ip":{"addr":"63.179.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":9885,"sent_data":508,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":283,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":274162,"sent_data":433,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"x011bt.com","ip":{"addr":"49.12.126.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":296893,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":4,"received_data":98317,"sent_data":1871,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":4,"received_data":135232,"sent_data":2208,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":313,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":81411,"sent_data":605,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"etlzlpchmb.com","ip":{"addr":"18.184.183.54","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":342,"sent_data":466,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"x011bt.com/public/mb_pre.js","fqdn":"x011bt.com","domain":"x011bt.com","tld":"com"},"ip":{"addr":"49.12.126.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ea24ac74c2f44172ac873a01953ee7c","sha1":"5d1abd2c4884a8efb233cc40cb315b22e84d2a58","sha256":"3337dbbc370fc2b1322beb69e3c7ffed61ff9db0a5005179ad340fd8b0f84187","sha512":"68da9f070fd62b165f18571842ccea9a1c96be0db460346d074b36bbe38f2e7cc21d6105077b82583f16a2f08cf40cbd00352e496e1c11f4112fa11bf9dfedef","ssdeep":"","tlshash":"5251fd612cff8c1a886fa5b996efef34231751098a489960fd0f81ed0fe49e8453d91c","size":2747,"data":"","first_seen":"2024-07-03T21:06:52Z","last_seen":"2025-10-08T11:09:04.014384Z","times_seen":674,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.8fc960a2.js","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"b62d20bebc7f310167453cab279ffab8","sha1":"ccf03306757273d7fc71d44bed2e28ad9326a5a0","sha256":"77d8fb92e79601c1a25331dc3147452f6c975c3aec9a7a24e2ecc9548bcaaaac","sha512":"1b3c4ad1a695b51043623ea434dc71734ecc9ee224b26cca405023d7711e04a93d71da50627d327bd5567066d168e6e8bc8d1df306f211ffb6610721875a7e63","ssdeep":"1536:41cSGXnIdMxujhAwkryH/MpZikyVE4oOBxwzVpTQb/PVuVN8Ko9NWE7Cgy29jpMd:hlZyfMezCLQbXQWNWEWYTzkOBq1","tlshash":"c3f30adcb687713143ab30ba10af140a72366b7d644e8164f018dce9acb9949727bf7d","size":162047,"data":"","first_seen":"2024-10-07T06:03:31Z","last_seen":"2026-04-01T05:19:47.617332Z","times_seen":1538,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x011bt.com/lib.js","fqdn":"x011bt.com","domain":"x011bt.com","tld":"com"},"ip":{"addr":"49.12.126.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"b32e20340444b021df757c6215702a8b","sha1":"b36b1fd9430d95a54aa25a27493e6b418623648f","sha256":"636386c972dcdc298d3b029a43fcce818ac30ff2b1cc91f1d93d6d30286475c8","sha512":"03a9b4cd187a0e51f4d3961143758b309d0796fca883b0887bea02fa8fce7cbcad4bfebd186bfca923afd144feb4b9b59cd653c06ec2523ad1ae8fc4e80a79cd","ssdeep":"1536:OLTAQVFhR+kiEMzDbwt4P6yIIyEx3EPhDp:uh3oAExUPhDp","tlshash":"ab93d689b992b0764be251d8402f440af23e1a79745d90e8fba5c9f26cf994e4137f3c","size":93224,"data":"","first_seen":"2025-09-20T14:34:59.07891Z","last_seen":"2025-09-20T14:34:59.07891Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KJXSRXN","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a92c9f658e4d779dd6a144191b6a7818","sha1":"609cfcce55caa224b9ce25b71736f2d04f4e1f1f","sha256":"49a968e3a633a4f7af779d7f80768c5fc02fbf24796f17986531f8e75e6f1733","sha512":"e7a90a42844963af9c3afcc02ab8cf608ddbcb4fb1da446acd36c7e27c0bc8bc7f9c04b748009c68a6e10bc2754dd4398895378a8f0c591ac7d276540513479a","ssdeep":"3072:DlISgW/zflqVKQ05tIHQorCkE2vz/8LvKt4yFVRbjSytu2td8HRs/3:SjVnQd2sKDBbjSytugdf3","tlshash":"bb4408cdb7d6b46283a36478503f014bb17b6992f84cc894f186d8d42e74aaa4277f7c","size":273513,"data":"","first_seen":"2025-09-20T03:04:55.707445Z","last_seen":"2025-09-20T23:05:12.410199Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etlzlpchmb.com/transit-view?cid=7046441179\u0026callback=lMostpartner.changeLinksUrl","fqdn":"etlzlpchmb.com","domain":"etlzlpchmb.com","tld":"com"},"ip":{"addr":"18.184.183.54","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"15399feebda91dbcc358feed0cca03ac","sha1":"89e247beec020c9714e6c9ea9c6cb5bb6d16ed22","sha256":"ac05b44247c5c8fe3da68204cd4d0d09bc7629d1a81ee50531f413bceb64fee5","sha512":"0b5acd4c0cdef14a968be3d6c310c3d09ed8a67453e9d828329a5a499e2bb03b8a9a2d5c67b3109051993c8d00db6554c1a4aff278756955ac1570c5f610dc63","ssdeep":"","tlshash":"bfc0c0c577ec0734035013c9241cbf1dd0c73d033e0c7359d8080523440ced00018615","size":174,"data":"","first_seen":"2025-09-20T14:34:59.124985Z","last_seen":"2025-09-20T14:34:59.124985Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.d9a65e6c.js","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e9eddbb4e2ddbf0036e13e040b5acac2","sha1":"d3ad7addf97452165398a81d81b98a6b3dc82529","sha256":"cf2b918a3e3a82272660b08ad993345312529a6e1751d2474fbf01ee2a91ae03","sha512":"36d06b26e0386312488ed3e9a5d0fee20905334fce2e84c1e523585c90bcb6526bd471e5c0d4ab7fc6fda092d9a3451857a4aa6c1045c37f1f9f226fda95bcfb","ssdeep":"","tlshash":"b851d02561042b3705efa5b7604bef417b246d00d840a924a970cc4aa2b4ecfb475bde","size":2758,"data":"","first_seen":"2024-12-10T12:50:36.407544Z","last_seen":"2026-03-24T09:35:20.258048Z","times_seen":221,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.91d09644.js","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba17c85f2631009c3381d396d2a3cf62","sha1":"62d2051a90620fec7a951e8432c1e54e38574974","sha256":"c5ffae1615bb9746bde0cc0722d1fd9c1cb3a8c77dd83f6517e29ea1a215fb01","sha512":"36809e96e24ccb2318baadb3fba3326deb7cb3c2b59b75a71c3c3cbf2f40dbf74d3e7980c38e896e4a38a123f618648922c98125090e7591e57f47faca5d20b4","ssdeep":"","tlshash":"6b21020a3ddb0825295ba07f677b4f283353120b1149c431fc8e407d1f949d54879ebc","size":1284,"data":"","first_seen":"2024-10-07T06:03:31Z","last_seen":"2026-04-01T05:19:47.687539Z","times_seen":1564,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.47b38dac.js","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ab40943742394c31c53696027c1045c","sha1":"7cfa803c1593ae322ce483dc067c6e293d18212a","sha256":"ed4267055b2fcb444ac8712249844c92939349728ba236c50c600f036f94374e","sha512":"b73ebd189616700de65f718be66038d1553958a79647562514285718023fba27915a4f4df9937f6c98210772fd091d348f8936f6299896ef5e49586b10e89d3c","ssdeep":"768:AGRfn8CeK6AtaKUbUIJ3hc6PmEy81rLWDJhfj:AGRmKP58mEXu7","tlshash":"2c03ec6d1b7c436a8db210983dc1904870fbc276fc8a416ce65d8f8b9ad0bd5b449bb7","size":39839,"data":"","first_seen":"2025-09-19T16:34:36.930132Z","last_seen":"2025-10-18T22:04:00.866398Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rstat.rockmostbet.com/lib.js","fqdn":"rstat.rockmostbet.com","domain":"rockmostbet.com","tld":"com"},"ip":{"addr":"162.55.5.93","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff49b7ed3af4ecb15cd9c7da0d11e46c","sha1":"eefc1c6f21fed68494d3cdc5cfb688090e726981","sha256":"a75de79c9782d3ea3d01faac2d0acbe2766557622071e26c0c3f97663d508725","sha512":"27c36876e134b68292dcbcf28d49ce3310dee606a439ef7c6f1dedc844c7bc4eea0bf33b4126a7e5cb7b3f349f065de3ad50766e4adb09eef78d33b8496ac496","ssdeep":"3072:Nth6B4BUDjJl14eCzH51SJ3LXnlpfvfUZ5L:Lh63J8yJ3bLfUZR","tlshash":"0434a58cfe96f0b9469376b4802f560ba17b2b65b44e84d0e666d5c0ac7894f413bf3c","size":236698,"data":"","first_seen":"2025-09-20T14:34:58.946561Z","last_seen":"2025-09-20T14:34:58.946561Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.d9a65e6c.js","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/index.d9a65e6c.js HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-ac6\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2758,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2758), with no line terminators","md5":"e9eddbb4e2ddbf0036e13e040b5acac2","sha1":"d3ad7addf97452165398a81d81b98a6b3dc82529","sha256":"cf2b918a3e3a82272660b08ad993345312529a6e1751d2474fbf01ee2a91ae03","sha512":"36d06b26e0386312488ed3e9a5d0fee20905334fce2e84c1e523585c90bcb6526bd471e5c0d4ab7fc6fda092d9a3451857a4aa6c1045c37f1f9f226fda95bcfb","ssdeep":"","tlshash":"b851d02561042b3705efa5b7604bef417b246d00d840a924a970cc4aa2b4ecfb475bde","first_seen":"2024-12-10T12:50:36.407544Z","last_seen":"2026-03-24T09:35:20.258048Z","times_seen":221,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rstat.rockmostbet.com/band/t4k.json?","fqdn":"rstat.rockmostbet.com","domain":"rockmostbet.com","tld":"com"},"ip":{"addr":"162.55.5.93","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rstat.rockmostbet.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 09 Jul 2025 11:53:31 GMT","end":"Tue, 07 Oct 2025 11:53:30 GMT"},"fingerprint":{"sha1":"48:BC:32:EB:D3:F8:30:9F:CE:48:56:5E:4B:F9:3C:78:97:6A:7A:1F","sha256":"3C:EC:44:36:A6:E2:26:17:89:4F:19:2F:75:6D:D3:A7:98:64:04:A2:5F:5A:F0:E2:FB:FE:B4:D4:F7:F2:67:8A"}}},"request":{"raw":"POST /band/t4k.json? HTTP/1.1\r\nHost: rstat.rockmostbet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 791\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.26.0\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1\r\naccess-control-allow-origin: https://hhkdrnbhmb.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Content-Length,Content-Type\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 21:00:12 GMT\r\nlast-modified: Sun, 17 May 1998 03:44:30 GMT\r\nset-cookie: uid=7375175427649699840; Domain=.rockmostbet.com; Path=/; Expires=Sun, 11 Jul 2027 18:53:50 GMT; HttpOnly\r\nx-response-time: 201\r\ncache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3ee5cbb365a070a73397cb0759741618","sha1":"052bd934cba5e1c51ebb7f27cf00566a65163b6f","sha256":"8324491a02460e795f961ea8b081919f171b7c71c83175068747c5fb0c8e3ae4","sha512":"c775c00f8b1d1eb9dc9f8fedc98167917f502ac18729ad39c5b7beee847fdc7491f9a93d6911c36d3d70338599c4f588397108d473436aa5cc7231197eb92598","ssdeep":"","tlshash":"eca012011d000000e8644245031da97181103234c0101d8840e4fc70c2581747384cb7","first_seen":"2025-09-20T14:34:58.872567Z","last_seen":"2025-09-20T14:34:58.872567Z","times_seen":1,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xbsvxoxtmb.com/api/v1/external-register.json","fqdn":"xbsvxoxtmb.com","domain":"xbsvxoxtmb.com","tld":"com"},"ip":{"addr":"63.179.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xbsvxoxtmb.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Sep 2025 13:46:34 GMT","end":"Mon, 08 Dec 2025 13:46:33 GMT"},"fingerprint":{"sha1":"A1:0B:5C:31:A0:22:20:A7:D8:84:ED:DB:B9:F3:22:06:04:D7:AC:D6","sha256":"52:16:DE:3A:5A:5B:57:D9:29:98:F0:D2:A8:27:49:4D:B8:FA:AD:DE:3C:7E:E0:CC:B8:9F:22:B0:46:58:0E:A3"}}},"request":{"raw":"GET /api/v1/external-register.json HTTP/1.1\r\nHost: xbsvxoxtmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://hhkdrnbhmb.com\r\ncache-control: max-age=0, must-revalidate, private\r\ncontent-encoding: gzip\r\netag: W/\"0ff728e0298f3516d3b395273112b13a\"\r\nexpires: Sat, 20 Sep 2025 14:34:06 GMT\r\nset-cookie: PHPSESSID=39d6npii85mn0deuqblmg8imvo; expires=Mon, 20-Oct-2025 14:34:06 GMT; Max-Age=2592000; path=/; secure; HttpOnly\nlunetics_locale=en; expires=Sun, 21-Sep-2025 14:34:06 GMT; Max-Age=86400; path=/; secure\ntz=Europe%2FOslo; expires=Sat, 27-Sep-2025 14:34:06 GMT; Max-Age=604800; path=/; secure\r\nvary: Accept-Encoding, Accept-Language\r\nx-request-id: a2cac3f91e657337d52fe6af197f9169\r\nserver-timing: country;desc=\"NO\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":9080,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0ff728e0298f3516d3b395273112b13a","sha1":"53b129a1f87b866e1be4dfb0096ebe07f49513c9","sha256":"6c3dcc617926e066db7542df539aa155f7ff69c2e80302d77e8f0a848fc4cf31","sha512":"9e0129408aa622e8981879389a7955d858141ee7fd3919e861fa1c1f9e8c3e1c38a89e943fa13835248a16575dbd87ebbb3f2031dc3408f6b84e734e49ded49d","ssdeep":"192:8fEgA6WDAeClm6GTQXhXK7f/vzkdI7oW4gAwod04PfGTsP:8fEg2MegmrkXRK7nLkdI0A+puo","tlshash":"8512860cdeae79bd1e7086e90af32ee788e350108915ad1bd82a4ded94d49fcf343525","first_seen":"2025-09-19T16:34:36.919175Z","last_seen":"2025-09-26T06:19:38.671152Z","times_seen":10,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":54,"dns":1,"connect":21,"send":0,"wait":224,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-20","alert":"Sinkholed","trigger":"xbsvxoxtmb.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/pop-up-element-2.749fcdaf.webp","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/pop-up-element-2.749fcdaf.webp HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8398\r\nlast-modified: Fri, 18 Jul 2025 13:55:08 GMT\r\netag: \"687a523c-20ce\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8398,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5f038ec2e065712c5b9b3d3a65d9a3d6","sha1":"d7bd1357dc867393ed16237c03061cdfce1a18fd","sha256":"126b89c2cf07797e4dd9347e7d4ab12334e30478844ab6cf7b72bdf08d3c896b","sha512":"2c90aad9d1090352c2cb13734f177ca3f71b15c9cc9d0ce943c9c458c0cffe6bd28967a5853188cf1910ca10e470978f0f78843a76c92dd5d5c7368714b45177","ssdeep":"192:8XCZIXTe4UkWq6xignaK3DUVUnAj1PMag1y7O7mfhKi:m63N3DUUnAj1PMad3Ki","tlshash":"0102bfb8d76d4ddfe1bb3afe1cc32bcd431c064c0945d82925480eb996cb800b55b2c0","first_seen":"2024-06-01T18:04:31Z","last_seen":"2026-03-24T09:35:20.253201Z","times_seen":273,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/wheel-arrow.f9caeba6.webp","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/wheel-arrow.f9caeba6.webp HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.60b25726.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3032\r\nlast-modified: Fri, 18 Jul 2025 13:55:08 GMT\r\netag: \"687a523c-bd8\"\r\nexpires: Tue, 15 Sep 2026 14:34:06 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3032,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"47d39cb5448786a1103e9088478d2296","sha1":"20218a6b15b9efb60b0062a1805fc0e5a463210d","sha256":"97bea329d7d8fb263b91c0d658dee28957722a7f8d4a504eff694037c7036337","sha512":"2efb7d0a12baeb7d39efee9ab502d55c9bf750319b0e8914c91790a4b485da055d475df2327b144561f49ad09736441c6f4d6dcd0159ed645185247b51bcaf6e","ssdeep":"","tlshash":"aa513a70df568dd9eda2b23dda350700b35981979026c52fe2448b6c3d42c685e6ac9e","first_seen":"2024-06-01T18:04:31Z","last_seen":"2026-03-24T09:35:20.246852Z","times_seen":273,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/svg/ru.svg","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/svg/ru.svg HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nCookie: rst4-uid=7375175427381477376; rst-uid=7375175427649699840; rst4-sstart=1758378846567\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 11 Mar 2024 10:14:45 GMT\r\netag: W/\"65eed995-3a1\"\r\nexpires: Tue, 15 Sep 2026 14:34:06 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":929,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0dd7311c9ada53d221f2eb0060fe8794","sha1":"10e92bd72d7b51bba6cc661b6322bda9a31ea94e","sha256":"6ed1e7ef2044abfa43b1bf911bff7b8434fd85a09c7fca001f31536f65776bf7","sha512":"8973b0773a3031f57de786a992473f60adc757ccb79b1e8b18ae0cd3ba8428eb28f48a83bb14340c30503c5ceb25090e4465f765f0d558e67c071c67b6b6dfc9","ssdeep":"","tlshash":"341159e4a6874c2bb970eaf0db74f76e133203a09fd1e498a35b356f310511255c5aec","first_seen":"2025-04-13T10:56:51.921412Z","last_seen":"2025-11-13T06:09:51.948171Z","times_seen":762,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.47b38dac.js","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/index.47b38dac.js HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-9b9f\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39839,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (39803), with no line terminators","md5":"5ab40943742394c31c53696027c1045c","sha1":"7cfa803c1593ae322ce483dc067c6e293d18212a","sha256":"ed4267055b2fcb444ac8712249844c92939349728ba236c50c600f036f94374e","sha512":"b73ebd189616700de65f718be66038d1553958a79647562514285718023fba27915a4f4df9937f6c98210772fd091d348f8936f6299896ef5e49586b10e89d3c","ssdeep":"768:AGRfn8CeK6AtaKUbUIJ3hc6PmEy81rLWDJhfj:AGRmKP58mEXu7","tlshash":"2c03ec6d1b7c436a8db210983dc1904870fbc276fc8a416ce65d8f8b9ad0bd5b449bb7","first_seen":"2025-09-19T16:34:36.930132Z","last_seen":"2025-10-18T22:04:00.866398Z","times_seen":13,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/pop-up-element.e6f166ad.webp","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/pop-up-element.e6f166ad.webp HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12050\r\nlast-modified: Fri, 18 Jul 2025 13:55:08 GMT\r\netag: \"687a523c-2f12\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12050,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"94cc001bed70b219d25be3a9e97e0d84","sha1":"ac94e9bda60417bb2145c3d99cafd8aecc577ef9","sha256":"e2ba733f49154855e9e3720fe3d59da18bc1bdd0e2f353a753a2aebbe6e5e35f","sha512":"e01871b42ef1d789dcef1e0f675d6949106187cfadca8473ec54acd5678d0388b46bae7581ec0fc7ccafed34c78296d6c876ff3b26d496cd75ab831905c231f0","ssdeep":"192:/+TbFMnsgjxdLsrA4GfqnSSNOiTqlL3MWocXdOsYHX8zs4iLn8juGlDVzTDa:AMsgYrAjYSSNOGqlLJXdOs84HFTDa","tlshash":"6442ae29f12a682cc533d739dd0eaa1d8a3366c660c212955b4b501bc7cb46f88f5adf","first_seen":"2024-06-01T18:04:31Z","last_seen":"2026-03-24T09:35:20.261558Z","times_seen":273,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/wheel.aa0a5bc5.svg","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/wheel.aa0a5bc5.svg HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-6aef\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27375,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e293029632c21bfda67e722b0cac4fdc","sha1":"6bbe67cc16c818d3c7d6b3f296f70e51a96ccf6a","sha256":"2f435b9bbdeae06445e4f50257fd16839c1824bc50c5a36a34ec077e940b5c67","sha512":"21b850519b936014e1572d6bcd1fde628d67e48bdb7c7248d41d44e98def263f78dd2c8dcc4a6a57f31e74c36164c4c828e97030b2c162585cbbb545229fe4bd","ssdeep":"384:0u7Hzli/RelGq4//KnThSoY3d94nFbnenuUFFIsKZXQ3lDiFGTgl6eCg2CPOiPA6:0MTyRvhWTwV4phXQbQXnNPZ","tlshash":"3fc2a6d96b70f2d89ac79e9eff21acd8261eb4fd5f7242c1817e9a0868d78d0e505c10","first_seen":"2025-09-19T16:34:36.907919Z","last_seen":"2025-10-18T22:04:00.892641Z","times_seen":13,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rstat.rockmostbet.com/lib.js","fqdn":"rstat.rockmostbet.com","domain":"rockmostbet.com","tld":"com"},"ip":{"addr":"162.55.5.93","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rstat.rockmostbet.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 09 Jul 2025 11:53:31 GMT","end":"Tue, 07 Oct 2025 11:53:30 GMT"},"fingerprint":{"sha1":"48:BC:32:EB:D3:F8:30:9F:CE:48:56:5E:4B:F9:3C:78:97:6A:7A:1F","sha256":"3C:EC:44:36:A6:E2:26:17:89:4F:19:2F:75:6D:D3:A7:98:64:04:A2:5F:5A:F0:E2:FB:FE:B4:D4:F7:F2:67:8A"}}},"request":{"raw":"GET /lib.js HTTP/1.1\r\nHost: rstat.rockmostbet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.26.0\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: text/javascript\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1\r\naccess-control-allow-origin: https://hhkdrnbhmb.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Content-Length,Content-Type\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 21:00:12 GMT\r\nlast-modified: Sun, 17 May 1998 03:44:30 GMT\r\nset-cookie: uid=7375175427649699840; Domain=.rockmostbet.com; Path=/; Expires=Sun, 11 Jul 2027 18:53:50 GMT; HttpOnly\r\nx-response-time: 0\r\ncache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":236698,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29927), with LF, NEL line terminators","md5":"ff49b7ed3af4ecb15cd9c7da0d11e46c","sha1":"eefc1c6f21fed68494d3cdc5cfb688090e726981","sha256":"a75de79c9782d3ea3d01faac2d0acbe2766557622071e26c0c3f97663d508725","sha512":"27c36876e134b68292dcbcf28d49ce3310dee606a439ef7c6f1dedc844c7bc4eea0bf33b4126a7e5cb7b3f349f065de3ad50766e4adb09eef78d33b8496ac496","ssdeep":"3072:Nth6B4BUDjJl14eCzH51SJ3LXnlpfvfUZ5L:Lh63J8yJ3bLfUZR","tlshash":"0434a58cfe96f0b9469376b4802f560ba17b2b65b44e84d0e666d5c0ac7894f413bf3c","first_seen":"2025-09-20T14:34:58.946561Z","last_seen":"2025-09-20T14:34:58.946561Z","times_seen":1,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":63,"dns":1,"connect":25,"send":0,"wait":50,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/bg.62491af9.webp","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/bg.62491af9.webp HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.60b25726.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 61254\r\nlast-modified: Fri, 18 Jul 2025 13:55:08 GMT\r\netag: \"687a523c-ef46\"\r\nexpires: Tue, 15 Sep 2026 14:34:06 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61254,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"20467fe1a4710fcb69cdcdd40699b86e","sha1":"c7098e0b18d8196b64be8fc21ddd620be5ffae9c","sha256":"d32aa4fe5e00f8ccb763722b59424e5a0877539f463056bbf9bc62f9348f1f74","sha512":"bc2550d9ba671e5a8c67515bf13adc7ba20daaebe7a8b5cada44da3f0aff0bccfaa06efaaa75cb71983e2430f3cd676b17e70619c3fbebd41ed5a3fd0ee0de17","ssdeep":"1536:6JJIr8iEiG2ZCZcPtMaBjnKoHm9T8gsVXWt4ll:6JJILEpXaFu9LsVB","tlshash":"db53017c9f97a6b3dfa74739d9f613b190f7a0acab11594015a42e029ac12803e4c1df","first_seen":"2024-06-01T18:04:31Z","last_seen":"2026-03-24T09:35:20.244049Z","times_seen":273,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KJXSRXN","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"DF:7E:8A:F9:1C:B5:DC:9E:90:E3:71:A7:92:85:2C:8F:2B:B4:42:8E","sha256":"3A:65:11:10:B9:58:2F:E1:BF:38:98:8D:2E:3E:A2:01:9D:C6:BE:69:5B:AD:F7:99:53:F9:AB:A6:6B:82:47:F1"}}},"request":{"raw":"GET /gtm.js?id=GTM-KJXSRXN HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\nexpires: Sat, 20 Sep 2025 14:34:06 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sat, 20 Sep 2025 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 95997\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":273513,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2849)","md5":"a92c9f658e4d779dd6a144191b6a7818","sha1":"609cfcce55caa224b9ce25b71736f2d04f4e1f1f","sha256":"49a968e3a633a4f7af779d7f80768c5fc02fbf24796f17986531f8e75e6f1733","sha512":"e7a90a42844963af9c3afcc02ab8cf608ddbcb4fb1da446acd36c7e27c0bc8bc7f9c04b748009c68a6e10bc2754dd4398895378a8f0c591ac7d276540513479a","ssdeep":"3072:DlISgW/zflqVKQ05tIHQorCkE2vz/8LvKt4yFVRbjSytu2td8HRs/3:SjVnQd2sKDBbjSytugdf3","tlshash":"bb4408cdb7d6b46283a36478503f014bb17b6992f84cc894f186d8d42e74aaa4277f7c","first_seen":"2025-09-20T03:04:55.707445Z","last_seen":"2025-09-20T23:05:12.410199Z","times_seen":20,"resource_available":true,"data":null}},"time_used":519,"timings":{"blocked":216,"dns":9,"connect":23,"send":0,"wait":35,"receive":46,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rstat.rockmostbet.com/band/t4k.json?","fqdn":"rstat.rockmostbet.com","domain":"rockmostbet.com","tld":"com"},"ip":{"addr":"162.55.5.93","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rstat.rockmostbet.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 09 Jul 2025 11:53:31 GMT","end":"Tue, 07 Oct 2025 11:53:30 GMT"},"fingerprint":{"sha1":"48:BC:32:EB:D3:F8:30:9F:CE:48:56:5E:4B:F9:3C:78:97:6A:7A:1F","sha256":"3C:EC:44:36:A6:E2:26:17:89:4F:19:2F:75:6D:D3:A7:98:64:04:A2:5F:5A:F0:E2:FB:FE:B4:D4:F7:F2:67:8A"}}},"request":{"raw":"POST /band/t4k.json? HTTP/1.1\r\nHost: rstat.rockmostbet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 778\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.26.0\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1\r\naccess-control-allow-origin: https://hhkdrnbhmb.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Content-Length,Content-Type\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 21:00:12 GMT\r\nlast-modified: Sun, 17 May 1998 03:44:30 GMT\r\nset-cookie: uid=7375175427649699840; Domain=.rockmostbet.com; Path=/; Expires=Sun, 11 Jul 2027 18:53:50 GMT; HttpOnly\r\nx-response-time: 201\r\ncache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"37f850c8fb0a0d64f8620395789a8899","sha1":"358df41a200f5393ed5114f67212d1d45f0e4f9b","sha256":"4a904a2dc8d41c52f9474e44a0f6fc9fefc23dcf5d6441d9fcb55f60fb9d7db7","sha512":"352b7a495daf96f1c883c70a8ab9db7cac4bdd7169443a33bae4fffd28e056cd240718f012c05bb0689279854f8d124e04f29d1caa6b253f3d2edc1b489bd287","ssdeep":"","tlshash":"77a012011d404041c8a08255061d5a30d0003324d010245440d4f870c2981747348c7b","first_seen":"2025-09-20T14:34:59.055548Z","last_seen":"2025-09-20T14:34:59.055548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.8fc960a2.js","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/index.8fc960a2.js HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-278ff\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162047,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64478)","md5":"b62d20bebc7f310167453cab279ffab8","sha1":"ccf03306757273d7fc71d44bed2e28ad9326a5a0","sha256":"77d8fb92e79601c1a25331dc3147452f6c975c3aec9a7a24e2ecc9548bcaaaac","sha512":"1b3c4ad1a695b51043623ea434dc71734ecc9ee224b26cca405023d7711e04a93d71da50627d327bd5567066d168e6e8bc8d1df306f211ffb6610721875a7e63","ssdeep":"1536:41cSGXnIdMxujhAwkryH/MpZikyVE4oOBxwzVpTQb/PVuVN8Ko9NWE7Cgy29jpMd:hlZyfMezCLQbXQWNWEWYTzkOBq1","tlshash":"c3f30adcb687713143ab30ba10af140a72366b7d644e8164f018dce9acb9949727bf7d","first_seen":"2024-10-07T06:03:31Z","last_seen":"2026-04-01T05:19:47.617332Z","times_seen":1538,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.91d09644.js","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/index.91d09644.js HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-504\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1284,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"ba17c85f2631009c3381d396d2a3cf62","sha1":"62d2051a90620fec7a951e8432c1e54e38574974","sha256":"c5ffae1615bb9746bde0cc0722d1fd9c1cb3a8c77dd83f6517e29ea1a215fb01","sha512":"36809e96e24ccb2318baadb3fba3326deb7cb3c2b59b75a71c3c3cbf2f40dbf74d3e7980c38e896e4a38a123f618648922c98125090e7591e57f47faca5d20b4","ssdeep":"","tlshash":"6b21020a3ddb0825295ba07f677b4f283353120b1149c431fc8e407d1f949d54879ebc","first_seen":"2024-10-07T06:03:31Z","last_seen":"2026-04-01T05:19:47.687539Z","times_seen":1564,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x011bt.com/lib.js","fqdn":"x011bt.com","domain":"x011bt.com","tld":"com"},"ip":{"addr":"49.12.126.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"x011bt.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 Aug 2025 09:47:54 GMT","end":"Tue, 11 Nov 2025 09:47:53 GMT"},"fingerprint":{"sha1":"67:D6:31:32:20:6E:C0:C2:BE:88:44:6E:EB:A6:C3:3F:D0:9D:D6:43","sha256":"91:AC:85:9B:E8:EB:29:E4:08:EC:66:EF:AF:4B:97:19:E4:4D:8A:44:54:74:96:73:49:F6:3F:10:56:85:DC:9B"}}},"request":{"raw":"GET /lib.js HTTP/1.1\r\nHost: x011bt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: text/javascript\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1\r\naccess-control-allow-origin: https://hhkdrnbhmb.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Content-Length,Content-Type\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 21:00:12 GMT\r\nlast-modified: Sun, 17 May 1998 03:44:30 GMT\r\nset-cookie: uid=7375175427381477376; Domain=.x011bt.com; Path=/; Expires=Sun, 13 Aug 2028 10:59:38 GMT; HttpOnly; Secure; SameSite=None\r\nx-response-time: 0\r\ncache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93224,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65290)","md5":"b32e20340444b021df757c6215702a8b","sha1":"b36b1fd9430d95a54aa25a27493e6b418623648f","sha256":"636386c972dcdc298d3b029a43fcce818ac30ff2b1cc91f1d93d6d30286475c8","sha512":"03a9b4cd187a0e51f4d3961143758b309d0796fca883b0887bea02fa8fce7cbcad4bfebd186bfca923afd144feb4b9b59cd653c06ec2523ad1ae8fc4e80a79cd","ssdeep":"1536:OLTAQVFhR+kiEMzDbwt4P6yIIyEx3EPhDp:uh3oAExUPhDp","tlshash":"ab93d689b992b0764be251d8402f440af23e1a79745d90e8fba5c9f26cf994e4137f3c","first_seen":"2025-09-20T14:34:59.07891Z","last_seen":"2025-09-20T14:34:59.07891Z","times_seen":1,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 19 Sep 2025 02:48:25 GMT\r\nexpires: Sat, 19 Sep 2026 02:48:25 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nage: 128741\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-04-03T18:30:42.929492Z","times_seen":304075,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":86,"dns":1,"connect":7,"send":0,"wait":8,"receive":8,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-20T14:34:05.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-14c1\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5313,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5300), with no line terminators","md5":"bb2237676cf411af88b3ba1b4335312f","sha1":"d610ed3503d280eb36029a453b778160ce7f612b","sha256":"4e36074e2913e7bd3d153f5b7341f85950f054eab4b5c729abe14754e6366b6a","sha512":"f1e2f8b1de396d24f3842b07d4ac903a4273270e3c35f52205c2bd7a231345336189b696ff4022652fb9663fbf74900ded655faf7dde1811cadf2ea7caa9822f","ssdeep":"96:pIusg7icn+RIidWVKlGBl/C+jaxkl/ZdNoiUn3CNAB+3Il:pdn+RIioQoBJB8kJZdNoiYSk5l","tlshash":"57b1ee712a14e877415bd8c9e6b15f0f32c7c20cef538a5287f883989fd6e82ee14919","first_seen":"2025-09-19T16:34:36.903524Z","last_seen":"2025-10-18T22:04:00.908975Z","times_seen":13,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":55,"dns":1,"connect":20,"send":0,"wait":24,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 19 Sep 2025 02:48:25 GMT\r\nexpires: Sat, 19 Sep 2026 02:48:25 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nage: 128741\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-04-03T18:30:42.929492Z","times_seen":304075,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":176,"dns":1,"connect":22,"send":0,"wait":8,"receive":3,"ssl":170},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x011bt.com/public/mb_pre.js","fqdn":"x011bt.com","domain":"x011bt.com","tld":"com"},"ip":{"addr":"49.12.126.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"x011bt.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 Aug 2025 09:47:54 GMT","end":"Tue, 11 Nov 2025 09:47:53 GMT"},"fingerprint":{"sha1":"67:D6:31:32:20:6E:C0:C2:BE:88:44:6E:EB:A6:C3:3F:D0:9D:D6:43","sha256":"91:AC:85:9B:E8:EB:29:E4:08:EC:66:EF:AF:4B:97:19:E4:4D:8A:44:54:74:96:73:49:F6:3F:10:56:85:DC:9B"}}},"request":{"raw":"GET /public/mb_pre.js HTTP/1.1\r\nHost: x011bt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 14 Jun 2024 07:29:25 GMT\r\netag: W/\"666bf155-abb\"\r\ncache-control: no-store; must-revalidate\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2747,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text","md5":"5ea24ac74c2f44172ac873a01953ee7c","sha1":"5d1abd2c4884a8efb233cc40cb315b22e84d2a58","sha256":"3337dbbc370fc2b1322beb69e3c7ffed61ff9db0a5005179ad340fd8b0f84187","sha512":"68da9f070fd62b165f18571842ccea9a1c96be0db460346d074b36bbe38f2e7cc21d6105077b82583f16a2f08cf40cbd00352e496e1c11f4112fa11bf9dfedef","ssdeep":"","tlshash":"5251fd612cff8c1a886fa5b996efef34231751098a489960fd0f81ed0fe49e8453d91c","first_seen":"2024-07-03T21:06:52Z","last_seen":"2025-10-08T11:09:04.014384Z","times_seen":674,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":54,"dns":0,"connect":24,"send":0,"wait":24,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/email_icon.ec6076d6.svg","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/email_icon.ec6076d6.svg HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-1e1\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":481,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9011e479d661160abc90c448d6c363ec","sha1":"5e50bcea866216e8af5af83c60aedd094dd15aff","sha256":"ceeb7518d586a054cdedbd1998909c828824ea8d7c5316f60b4a0eaa84b9918f","sha512":"0b27bdac7a3d53423845bf0ee244fc0914fd7717e3512589d85e76729a7e30920bf27b6330aad7d02e6df770831034da8f860ab69c5d7a300bddad47461bb3f3","ssdeep":"","tlshash":"c6f0d4d95f95551982930535cd344081276f91a5b565835f93945360f0cb162d608a74","first_seen":"2025-04-10T22:34:11.077168Z","last_seen":"2026-04-01T05:19:47.620239Z","times_seen":908,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/wheel-border.391fdb34.webp","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/wheel-border.391fdb34.webp HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.60b25726.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 43406\r\nlast-modified: Fri, 18 Jul 2025 13:55:08 GMT\r\netag: \"687a523c-a98e\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43406,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c5083e9392f6a9ac667bb086967d225a","sha1":"9a0be348a7c6552ce8e7acd30098fa0093dc000b","sha256":"79352d838b77c5f7556b335a21563f719747acd1bb2fe8ba5b64d0590763c6e1","sha512":"17fac1d6eccc78fc9e32813e9a9ef9379e29985625f56a2cf8c25597e9f9d457fd48f462bf3399b8d01a319104afef2955f6cb71f7e848b179d2554f6978ef13","ssdeep":"768:l0txe6H1rVUYrJnfmWqt7k87GJG0zf129LCdDAfdMiVU6GsmV//2Rp0UeqAet:l0T1eYNnFA7k8hKt29QDAlMixmV//2Rl","tlshash":"4e13027b2b235b1cf8e23c7ee9303ae794e75d1d21b59c790fa87e3449291004e9a14e","first_seen":"2024-06-01T18:04:31Z","last_seen":"2026-03-24T09:35:20.260238Z","times_seen":273,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rstat.rockmostbet.com/band/t4k.json?","fqdn":"rstat.rockmostbet.com","domain":"rockmostbet.com","tld":"com"},"ip":{"addr":"162.55.5.93","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rstat.rockmostbet.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 09 Jul 2025 11:53:31 GMT","end":"Tue, 07 Oct 2025 11:53:30 GMT"},"fingerprint":{"sha1":"48:BC:32:EB:D3:F8:30:9F:CE:48:56:5E:4B:F9:3C:78:97:6A:7A:1F","sha256":"3C:EC:44:36:A6:E2:26:17:89:4F:19:2F:75:6D:D3:A7:98:64:04:A2:5F:5A:F0:E2:FB:FE:B4:D4:F7:F2:67:8A"}}},"request":{"raw":"POST /band/t4k.json? HTTP/1.1\r\nHost: rstat.rockmostbet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 687\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.26.0\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1\r\naccess-control-allow-origin: https://hhkdrnbhmb.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Content-Length,Content-Type\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 21:00:12 GMT\r\nlast-modified: Sun, 17 May 1998 03:44:30 GMT\r\nset-cookie: uid=7375175427649699840; Domain=.rockmostbet.com; Path=/; Expires=Sun, 11 Jul 2027 18:53:50 GMT; HttpOnly\r\nx-response-time: 201\r\ncache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8edbbb364452ab7b917ece3cdbd963b0","sha1":"6ea2293245cc3dc0fa96fc640ee2634cc940cac0","sha256":"6d6b8d0a9338ef40cfb32645b7403f05ba288d82f26c6d0d7d07b90db7bf4391","sha512":"234c86cb121c49f32c63440e670fb331ed0cc6a55392383c5951e0d93ac354f1311b91107b60a6f02aed3bad577fa822bb82775d26587aafc590390dd267a888","ssdeep":"","tlshash":"ada012011c005400d8918245075e5970c000b234c0101c4040d8bcb0c2981f47345cb7","first_seen":"2025-09-20T14:34:59.105662Z","last_seen":"2025-09-20T14:34:59.105662Z","times_seen":1,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rstat.rockmostbet.com/band/t4k.json?","fqdn":"rstat.rockmostbet.com","domain":"rockmostbet.com","tld":"com"},"ip":{"addr":"162.55.5.93","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rstat.rockmostbet.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 09 Jul 2025 11:53:31 GMT","end":"Tue, 07 Oct 2025 11:53:30 GMT"},"fingerprint":{"sha1":"48:BC:32:EB:D3:F8:30:9F:CE:48:56:5E:4B:F9:3C:78:97:6A:7A:1F","sha256":"3C:EC:44:36:A6:E2:26:17:89:4F:19:2F:75:6D:D3:A7:98:64:04:A2:5F:5A:F0:E2:FB:FE:B4:D4:F7:F2:67:8A"}}},"request":{"raw":"POST /band/t4k.json? HTTP/1.1\r\nHost: rstat.rockmostbet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 791\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.26.0\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1\r\naccess-control-allow-origin: https://hhkdrnbhmb.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Content-Length,Content-Type\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 21:00:12 GMT\r\nlast-modified: Sun, 17 May 1998 03:44:30 GMT\r\nset-cookie: uid=7375175427649699840; Domain=.rockmostbet.com; Path=/; Expires=Sun, 11 Jul 2027 18:53:50 GMT; HttpOnly\r\nx-response-time: 201\r\ncache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"204f214718b9ef789362d5358f58a93c","sha1":"1625781f721a6502fc03e65e3a50910b7d8723bd","sha256":"ba7da77b4607306fd598b0b0b98faf23403addc8cddfdb01005e7c3267c58158","sha512":"40ad222f0ad930c2cc9f53200e165a1e8a35b15b169e2df7bcd3aacabb3a0ac8532dcecda198a9385fcc16fe0d4aad852239b0fffd009b27b66261bd365e9ec0","ssdeep":"","tlshash":"5ba012015c000000e85046450b1d6d71a0003368c011584440d4bc70c2582787340cbb","first_seen":"2025-09-20T14:34:59.110394Z","last_seen":"2025-09-20T14:34:59.110394Z","times_seen":1,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/svg/no.svg","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/svg/no.svg HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nCookie: rst4-uid=7375175427381477376; rst-uid=7375175427649699840; rst4-sstart=1758378846567\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 11 Mar 2024 10:14:45 GMT\r\netag: W/\"65eed995-4b1\"\r\nexpires: Tue, 15 Sep 2026 14:34:06 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1201,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ff269bcfaa1fb5e2acb904b2645c8333","sha1":"98dc2761c2205ffd7af2ad236449b8abcf92cf0c","sha256":"4f9a999c5b50ec9339c0cc92a1ef8ea485ccee62c7dca3913272472f85c8937d","sha512":"ce5467c39ab113426f2e6d14aec261330a1d340e64dcc1ff865ff1d84b8c0ba0d0cf9f4b4792186f368ae7b82aca5deba2f842756b51724a6c141d4610bb5ee2","ssdeep":"","tlshash":"e2219bdcb7571c672570adb4de70b9a917301251ced2ed99e32b389f304650791c4c99","first_seen":"2025-04-13T10:56:51.920619Z","last_seen":"2026-04-01T05:19:47.628278Z","times_seen":607,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,900\u0026family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,900\u0026family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 20 Sep 2025 14:34:06 GMT\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80725,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"3fdbddfb123fc219001f755ca83e380b","sha1":"3fa609ce2238e5437334c77b485ceedca0d2fc9e","sha256":"6b7fae462b38de1203239bc40fe0af507732d60331b31d21d739ead158d1a1b2","sha512":"080212c8812a2e5d1428d00be044c0f01c517ae261a8de4195fc52cb128e13e871597b73896bb2b16fe630cc14b341e3f48e9dec69bd88b7600a7b72f5c3cbd1","ssdeep":"768:MDqDwDRD6DlBD/KDED0D/6s7qlL/aAQGrZKbla/LVlN0SRklh/Uu+zeoHOlX/+EQ:7LG7/BW2Bia0p","tlshash":"28830d91041b5040ab835ce223cf7e35fe4e92617150c079abfd9babeddbc62526876c","first_seen":"2025-09-18T01:31:59.975649Z","last_seen":"2025-11-18T14:34:10.098279Z","times_seen":161,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":135,"dns":1,"connect":20,"send":0,"wait":35,"receive":0,"ssl":119},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/phone_icon.450e5067.svg","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/phone_icon.450e5067.svg HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-219\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":537,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4791a12d6f99a4f37f074b430c6a0147","sha1":"43c23f3472ef49dd9d9f6745de4df75f23c7af37","sha256":"0c0f7b084bc7819036bfd5c0939246c44fe0421915436c27eab846be3e957cc4","sha512":"d6da83027a4f780f81d1a09d86efe0b7f186b2ec38f2b9556ba1384c7d8b666e4f3b569ec63f722d0ecea4e1bd2eef39abe3c1bfe2a344eaf86af48c007e3021","ssdeep":"","tlshash":"6af02bdea64058d44c49c33afb3845c5676b5446f1aa0bcca5c95a56e02b8a22144d4d","first_seen":"2025-04-10T22:34:11.07831Z","last_seen":"2026-04-01T05:19:47.635012Z","times_seen":908,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jqw16WXh0pg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/montserrat/v31/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jqw16WXh0pg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18624\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 19 Sep 2025 00:24:53 GMT\r\nexpires: Sat, 19 Sep 2026 00:24:53 GMT\r\ncache-control: public, max-age=31536000\r\nage: 137353\r\nlast-modified: Thu, 04 Sep 2025 17:10:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18624,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18624, version 1.0","md5":"b2cdd1b3f5e3c1c15ee186125af1615f","sha1":"15ad206d09259ff0a9622c5eecd3cf835b942535","sha256":"7084156f0b371b854c9fd3a84bc1006315b153898e75c20b1dfd5aa80a62c769","sha512":"da4bad99d8a92803fdb39f6e91b7fb2c07da19c14504e5e23073a25f2ccf0eb19e7cc3ee3de39f65a28a39355eefede8151e6ba7db5c4efdf24eed5e13bf405b","ssdeep":"384:gO2kWEectxDZ3WcdwLNSKR18RvSB458Y8P4sbgu8RSrGd1:gU5tx1NdmNb1+SB45Dab18RD3","tlshash":"8082d0f1da937c1a828c47f4605206a807eb25caa20051bf9d6ac4f49ea151fc71ccb9","first_seen":"2025-09-06T11:34:37.762724Z","last_seen":"2026-03-30T19:31:37.151154Z","times_seen":248,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":186,"dns":0,"connect":22,"send":0,"wait":8,"receive":1,"ssl":174},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/favicon.bef7e6f1.png","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/favicon.bef7e6f1.png HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nCookie: rst4-uid=7375175427381477376; rst-uid=7375175427649699840; rst4-sstart=1758378846567\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 1228\r\nlast-modified: Fri, 18 Jul 2025 13:55:08 GMT\r\netag: \"687a523c-4cc\"\r\nexpires: Tue, 15 Sep 2026 14:34:06 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"b032b9570ea88e8311e2b4a1c7132b50","sha1":"7e1fc38837ae9327acc4c803550bac0078d86e77","sha256":"7f7fc8e94513461ad423835d85708c97b5f3dcb37b4c56b8d6e93420e9cefb45","sha512":"1cde971103122855cda1781040a630f64826c753f1d9011000633c142a18b61895a56ae4cada69a090224ce9e891c65a6aa883c0583ce4ba89d9c73f659f0f41","ssdeep":"","tlshash":"6d21866d79f48772a7101372550b1a48ff410bf739e4b45e86915c516400511aef472a","first_seen":"2024-08-08T11:19:26Z","last_seen":"2026-04-01T05:19:47.650457Z","times_seen":1375,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/logo.b6057ffd.svg","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/logo.b6057ffd.svg HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-d17\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3351,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8a2c36471b5dd84b680312607afa3d3a","sha1":"b096f347771aad3fd0d1a088822d69adcb438d81","sha256":"3b5bbe99ed424b1d728b06d372f9fb579e70b82d96b1e3cf719911a02de6afb5","sha512":"18a19e2a982dc357f3d676e8b8d38c98ac9df22ca9af68afe7d9286f13987d93f2cce0829c17badcef988308f0e20863975d89ff7d84664c9ebff2b29a66b2f3","ssdeep":"","tlshash":"7a61a4f0abada2fce54747a6df207824731f38be3b124568909d4fb8a5c3519c857c86","first_seen":"2025-09-19T16:34:36.963788Z","last_seen":"2026-01-20T20:55:50.767334Z","times_seen":24,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 19 Sep 2025 02:48:25 GMT\r\nexpires: Sat, 19 Sep 2026 02:48:25 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nage: 128741\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-04-03T18:30:42.929492Z","times_seen":304075,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":166,"dns":1,"connect":20,"send":0,"wait":8,"receive":4,"ssl":147},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etlzlpchmb.com/transit-view?cid=7046441179\u0026callback=lMostpartner.changeLinksUrl","fqdn":"etlzlpchmb.com","domain":"etlzlpchmb.com","tld":"com"},"ip":{"addr":"18.184.183.54","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etlzlpchmb.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Sep 2025 13:50:07 GMT","end":"Mon, 08 Dec 2025 13:50:06 GMT"},"fingerprint":{"sha1":"CE:0D:D9:EB:AC:E4:70:FD:CD:99:11:8D:DD:44:65:F1:9D:D5:9D:83","sha256":"1D:08:9D:CD:19:69:93:85:89:19:96:7C:4C:33:28:A9:50:0F:2E:AC:A4:52:B1:45:64:89:A1:73:CB:AB:44:8F"}}},"request":{"raw":"GET /transit-view?cid=7046441179\u0026callback=lMostpartner.changeLinksUrl HTTP/1.1\r\nHost: etlzlpchmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncache-control: no-cache, private\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":174,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"15399feebda91dbcc358feed0cca03ac","sha1":"89e247beec020c9714e6c9ea9c6cb5bb6d16ed22","sha256":"ac05b44247c5c8fe3da68204cd4d0d09bc7629d1a81ee50531f413bceb64fee5","sha512":"0b5acd4c0cdef14a968be3d6c310c3d09ed8a67453e9d828329a5a499e2bb03b8a9a2d5c67b3109051993c8d00db6554c1a4aff278756955ac1570c5f610dc63","ssdeep":"","tlshash":"bfc0c0c577ec0734035013c9241cbf1dd0c73d033e0c7359d8080523440ced00018615","first_seen":"2025-09-20T14:34:59.124985Z","last_seen":"2025-09-20T14:34:59.124985Z","times_seen":1,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":53,"dns":0,"connect":24,"send":0,"wait":49,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-20","alert":"Sinkholed","trigger":"etlzlpchmb.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"x011bt.com/band/t4k.json?dig=6990678546932997\u0026td_trans=b","fqdn":"x011bt.com","domain":"x011bt.com","tld":"com"},"ip":{"addr":"49.12.126.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"x011bt.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 Aug 2025 09:47:54 GMT","end":"Tue, 11 Nov 2025 09:47:53 GMT"},"fingerprint":{"sha1":"67:D6:31:32:20:6E:C0:C2:BE:88:44:6E:EB:A6:C3:3F:D0:9D:D6:43","sha256":"91:AC:85:9B:E8:EB:29:E4:08:EC:66:EF:AF:4B:97:19:E4:4D:8A:44:54:74:96:73:49:F6:3F:10:56:85:DC:9B"}}},"request":{"raw":"POST /band/t4k.json?dig=6990678546932997\u0026td_trans=b HTTP/1.1\r\nHost: x011bt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 993\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nCookie: uid=7375175427381477376\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: application/json\r\ncontent-length: 86\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1\r\naccess-control-allow-origin: https://hhkdrnbhmb.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Content-Length,Content-Type\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 21:00:12 GMT\r\nlast-modified: Sun, 17 May 1998 03:44:30 GMT\r\nset-cookie: uid=7375175427381477376; Domain=.x011bt.com; Path=/; Expires=Sun, 13 Aug 2028 10:58:33 GMT; HttpOnly; Secure; SameSite=None\r\nx-response-time: 1\r\ncache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x011bt.com/band/t4k.json?dig=8576430673609178\u0026td_trans=b","fqdn":"x011bt.com","domain":"x011bt.com","tld":"com"},"ip":{"addr":"49.12.126.251","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:06.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"x011bt.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 Aug 2025 09:47:54 GMT","end":"Tue, 11 Nov 2025 09:47:53 GMT"},"fingerprint":{"sha1":"67:D6:31:32:20:6E:C0:C2:BE:88:44:6E:EB:A6:C3:3F:D0:9D:D6:43","sha256":"91:AC:85:9B:E8:EB:29:E4:08:EC:66:EF:AF:4B:97:19:E4:4D:8A:44:54:74:96:73:49:F6:3F:10:56:85:DC:9B"}}},"request":{"raw":"POST /band/t4k.json?dig=8576430673609178\u0026td_trans=b HTTP/1.1\r\nHost: x011bt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1084\r\nOrigin: https://hhkdrnbhmb.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/\r\nCookie: uid=7375175427381477376\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Sat, 20 Sep 2025 14:34:06 GMT\r\ncontent-type: application/json\r\ncontent-length: 86\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1\r\naccess-control-allow-origin: https://hhkdrnbhmb.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Content-Length,Content-Type\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 21:00:12 GMT\r\nlast-modified: Sun, 17 May 1998 03:44:30 GMT\r\nset-cookie: uid=7375175427381477376; Domain=.x011bt.com; Path=/; Expires=Sun, 13 Aug 2028 10:58:30 GMT; HttpOnly; Secure; SameSite=None\r\nx-response-time: 1\r\ncache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/index.60b25726.css","fqdn":"hhkdrnbhmb.com","domain":"hhkdrnbhmb.com","tld":"com"},"ip":{"addr":"3.71.72.23","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners","date":"2025-09-20T14:34:05.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hhkdrnbhmb.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Aug 2025 13:06:37 GMT","end":"Mon, 03 Nov 2025 13:06:36 GMT"},"fingerprint":{"sha1":"2B:4A:AF:F9:D0:72:1A:75:E0:87:DC:DF:F5:D1:76:2C:01:C8:A0:80","sha256":"A3:52:15:84:BD:35:0D:B3:E8:E9:61:0D:6B:24:3F:F8:3B:73:EC:6A:A0:9B:34:57:12:53:68:91:E2:81:9F:97"}}},"request":{"raw":"GET /sport/casino/tr/sweet_bonanza2/index.60b25726.css HTTP/1.1\r\nHost: hhkdrnbhmb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hhkdrnbhmb.com/sport/casino/tr/sweet_bonanza2/?cid=7046441179\u0026pid=126894\u0026sip=0\u0026h=etlzlpchmb.com\u0026mphost=mostbet.partners\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 20 Sep 2025 14:34:05 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 18 Jul 2025 13:55:13 GMT\r\netag: W/\"687a5241-b979\"\r\nexpires: Tue, 15 Sep 2026 14:34:05 GMT\r\ncache-control: max-age=31104000, public\r\nx-static-region: DE\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47481,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (47481), with no line terminators","md5":"0b1bea7417d3a2b172efe35701797f14","sha1":"563dbe6ac97df8f7b8b5692ae7ad3e1b39a3dc43","sha256":"618f19423402cd527164ffbaba294ca1759245a834114ad629064e1613284ee7","sha512":"0f1052501f0168a638bed1aa4a5fa9674b37059db75a4d542666781c1e6d0ac60ffdf11465bab4a1a85d15e2b4e6eff36380b38b9aafd9e99c6974dc086cb35e","ssdeep":"384:3KsUJTsy+XEMVWqHSET7dnBo8E9T5QtbnVsfHcbehsSHyY2zDBos65dh+lac:YOVsf8baHy0Th+lb","tlshash":"b22363367a8d1238f03fcd2b6df526942228ca27d1110beef5a6f924c7c76a5059770b","first_seen":"2025-09-19T16:34:36.96158Z","last_seen":"2025-10-18T22:04:00.91163Z","times_seen":13,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}