{"report_id":"29aad773-52c9-4f3c-a5bf-08fdb430373e","version":6,"status":"done","tags":[],"date":"2026-02-06T10:57:18Z","url":{"schema":"http","addr":"bonanza89login.com/","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"bonanza89login.com/","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"title":"Bonanza89 - Bonanza 89 | Situs Slot Gascor Hari Ini Pasti Wd","dom":{"size":189460,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (42406)","md5":"0939eded7ac563b8295885c763096466","sha1":"206cfda7a92ff8e2cc59d72428990a0a8229b852","sha256":"97b1d682b4b0de39225f73d50e5a1797512b67188e380d4a2967880ec54cdb57","sha512":"c4b376f36e24b2e97afa1d602c0ec4e7fa3bc43df5b16cf7ca396cca7a9b927a8a156279842674a487e82c53238ce5b198497b55a396097ff28abac8f661d905","ssdeep":"768:5dWk5F4g5A4WR2vErnS1HtyQu6zyygVMnUYvtRhFU5JPK8uC7LEZFUa9/NpV2tv4:/Z5F4g5A4WR2vS961fSReV3AcL3OS9S+","tlshash":"4a04a562684d016f6117c341a1f8f6ab9e55c91fc9324b89f4ae6bccc781f02767a32c","dom_hash":"domhash44a030e76175de06f6904d76ea831eba","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bonanza89login.com/","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-13T10:57:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.ampproject.org","ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2015-08-31","domain_rank":3289,"first_seen":"2015-10-09T04:27:01Z","last_seen":"2026-02-02T06:30:55.925197Z","alert_count":0,"request_count":5,"received_data":340655,"sent_data":2332,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bonanza89login.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-02-08","domain_rank":0,"first_seen":"2026-02-06T10:57:19.847089Z","last_seen":"2026-02-06T10:57:19.847089Z","alert_count":97,"request_count":97,"received_data":2369063,"sent_data":47600,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress:6.9","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7aed616980682321cddfb9b8cf5562c","sha1":"eef8ab735f5db076a2d75e2aa0eed2a906e5acf3","sha256":"a7ecf95bf8e77d736137458ca0e73cd7d0bbf0b56be119719ea3676fa92e6a87","sha512":"b073068035bdade94cbacabe7d4b3e5e7d441fdcf45f6a0e861ee7923844150f3bd033f57c1a2881b4f8d0d21326d02f660a07f0d7e64010c3ba8f3d95abc509","ssdeep":"3072:5HZ1lahpWCJEM51jrASXXMdrRrNWeEUFgmlMg3:L1lahpWCJEM51/AHdrRrNWnUFgOB","tlshash":"7524d5a63296b03247e555f5d4774002e3296998340b806cf86ceecb7cb9d86b1b6f7c","size":228233,"data":"","first_seen":"2026-01-27T19:56:43.462935Z","last_seen":"2026-03-17T21:41:49.827118Z","times_seen":383,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-bind-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"920f912c96b9f765bd48268aed9e247e","sha1":"a92d7399f3c20e997d854f699a6175848405a5b0","sha256":"50967b8c93756d78aae4937a33646501744a94d3c0d7d7cacaa2c74b3ac0f090","sha512":"b808abc3af44a5607437b95a058c7a71650517cc9f66d4a473f8ced66d1010268c08d823db3ec81379c7e161edef617cf766e1ad89d0e1eb70cd5bdd61867c29","ssdeep":"768:lXCsqZrGK6LtckYuN3WMoT+TfmdURuSlnc5Ql0p43fHL3+k4OGeUiBIKHX4hR0Zd:dqOdLtLYUESdcw3ze5VJzkFnJ2U","tlshash":"a913ebb53292a43747d648e694377012e32d2956300ac8e8f1aceecb7c77955b1b5e3c","size":41951,"data":"","first_seen":"2026-01-27T22:09:22.884947Z","last_seen":"2026-03-17T21:41:49.822487Z","times_seen":222,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012601162341000/v0/amp-loader-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fd1e9230f8bce15f2278c5a542892ab4","sha1":"3cc51cd0547626645b968d0abf7db7d3cf81ea0b","sha256":"b8b1fd0ca593bd5a92c5d53632f316d98505bcbfe63069dec8cc248edf8f10b8","sha512":"e3799fca7e4e2562d5ba055e657a6b5ac5eb5dbd1b424a58dbe497a1e34f8346a5cd32a40358f5321105a00b9eee3fcef9e416532088bdeb09c53150d8a29e40","ssdeep":"384:Ho39KdedznnH/axp6ulqaa5F4g5A4WR2vCk:I39KMdTfaD6ulDa5F4g5A4WR2vCk","tlshash":"0c42a460a60ba2ac530342f488f5b856757ccd4fb8104079f0604ededf8ae54bdbb96e","size":12361,"data":"","first_seen":"2026-01-27T19:56:43.459766Z","last_seen":"2026-03-29T23:21:07.911016Z","times_seen":339,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-anim-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"44f2b013639f8aa043f9e4a06772c284","sha1":"9bdc3848eeb9d64f57af9c3a7d382df775eb4baf","sha256":"fb165f97e946cb1766950277393535b031b7f3b8197ee7707eb59b69898b24fd","sha512":"ace7763f3bd8b5f8791abef78cec2abe1b12a35f5fd0cab3d992ef25f16aa03bc289b361dae2edb7e4fd30ab3b68d5f65e8adc34e67a1d7b5442e768dbbc4a0f","ssdeep":"","tlshash":"a671c7b83186b5769f973ce245275401fa39643a3407c868b168decf293ac5624b6f3c","size":3802,"data":"","first_seen":"2026-01-27T22:09:22.829762Z","last_seen":"2026-03-17T21:41:49.770725Z","times_seen":219,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012601162341000/ww.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 08:37:36 GMT","end":"Mon, 13 Apr 2026 08:37:35 GMT"},"fingerprint":{"sha1":"92:C5:4E:6D:40:0A:B8:2E:B5:9D:CF:E8:63:E6:D4:FA:C8:C6:F2:11","sha256":"B0:B2:FE:64:A4:3F:15:8A:DB:43:35:7C:F6:96:9E:FC:38:11:30:C2:7D:E7:04:B9:D5:9D:9A:6D:F5:35:75:EB"}}},"request":{"raw":"GET /rtv/012601162341000/ww.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/plain\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bonanza89login.com/\r\nOrigin: https://bonanza89login.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13075\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 02 Feb 2026 18:30:31 GMT\r\nexpires: Tue, 02 Feb 2027 18:30:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 318385\r\netag: \"54a305cbe6398cb1\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46254,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (46134)","md5":"ae1a533f5fcbc6d77649865baadcf779","sha1":"11d87f9dc9031f15f26e636b09bd7df85c6b8f3f","sha256":"23d57a688e0f7e979a43d516b9b21bfc56c6183329940c5f9ca3b244a45e787f","sha512":"767309f8f0a83122216f03d0607ba7c32c35ef07d0e05e460b317c3cbcf77b40431f5443444cbc1b4e3546787b2a6732a6fc248e3826f821106e12c7f48793ba","ssdeep":"768:bCIFhdWYDWBmSV7rpB67Whklyn2fUHDjkL5TN8pPcsKdN4emH+7URkhVMgyb9Q:hd/SD78fU/ZepwkmgOG","tlshash":"c9231ab433a6546f839290e5005a3009d67f2c6a3007d9fcfa38eed63db199795b6e34","first_seen":"2026-01-27T22:09:22.89681Z","last_seen":"2026-03-17T21:41:49.769784Z","times_seen":222,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Mahjong-Wins-3.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Mahjong-Wins-3.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Olympus-Super-Scatter.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Olympus-Super-Scatter.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Dragon-Gold-88.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Dragon-Gold-88.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Glory-Of-Rome.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Glory-Of-Rome.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-livechat.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-livechat.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 460\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":813,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c0af3bfd49ffc5ae11ba860786cda75d","sha1":"c598e7d6678d0fc928d2c6eaeff83f0b5311daff","sha256":"d1e72ffd39a829fe41c1a53795d8418fea166a070252308ea1098b0b7c2f74aa","sha512":"c65e0fcccaabf7def73e8618cfaed9eeecaf4a47698b732c3d185fc7397c9572d1375600545deddf2bd57aba69ef1049ff28142d2aeb861a3774ad0a0072f356","ssdeep":"","tlshash":"e8011ea8cb38cab0e14c1b004be8271335b10422daba9c0c43297d85e853e902005cae","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-04-05T13:09:33.566848Z","times_seen":1134,"resource_available":false,"data":null}},"time_used":8210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-fishing.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-fishing.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6168\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":20395,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1819c49d6da1dcf13dc861e71944c5da","sha1":"92665c967c880845012703d29f7f2ae40142bef7","sha256":"633c84abdadbbe425c75326d7f008a4934225ec8b18b1913331fbc63617433d4","sha512":"80d5029a9305bd7d3f984dd7c41fc792a49f56c98b0f5ef775ec66160e013ceae0a95ee193487dcfe479fa511dcb1efadf74d1e483613a2d672507a65b435427","ssdeep":"192:NZe0uWLKbMkpbqwG8UYMao1X90CAoasSTHdpvLX4AxFl6fY9ZFudw6TJoGiy5d+o:be0/LKbNmApcTRaxfbdl1udtTJuy5d+o","tlshash":"bb9285320b104ae4a76d755c7ce65f9b7f6a8cb9a080418283f6bdc554b3ffb200895b","first_seen":"2024-05-01T03:50:06Z","last_seen":"2026-04-05T13:09:33.538592Z","times_seen":1301,"resource_available":false,"data":null}},"time_used":8386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8385,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-togel.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-togel.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 670\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1746,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b7dd23ca632225a90b6125dbcba400e0","sha1":"1938013a08d268e18e53fbe0529e0753445d1765","sha256":"452d0d167be6ebc49bbd48f064efd89fe8e47c5e153df1fb0689264f46ed90e7","sha512":"2ff7a8a2e3bd2de789f7b36e3700d533b5edd89b8fc1888391fafde5396536f429ca0b3a4df1a859ed0fef25a2893780c1c274a05159950a1e39247892cdf202","ssdeep":"","tlshash":"0331543aebaef5cd5b8fc7040a57524007cec1fa3276e5b28e4e9934c1539b2d2a7940","first_seen":"2024-05-01T03:50:06Z","last_seen":"2026-04-05T13:09:33.517922Z","times_seen":1244,"resource_available":false,"data":null}},"time_used":8386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8385,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Gates-of-Dragon.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Gates-of-Dragon.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 12818\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":12818,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f73b2bd30aa4379ea565d0ad4a1d38d6","sha1":"5cbdb411f9030031e5275553310ca252858bb2a2","sha256":"f904ea710c472356fd4ba37aca7e564481684766e54c4c7d450181065aa0ff19","sha512":"8e80238c0256e5c0cffbdcdc26adfb1ed2558fc52d9071a727b434872f3c7480c03b4b082289d5ae4290be2a0fdd9bc3db41b268751591f2f5f21d21a3abe651","ssdeep":"384:CH9NJF4wuyL377RPsJasq42U+XXcpfHTqPdDvu/fOSe:C9FCy/7RkJdJ2U+XXcpfUdDIOSe","tlshash":"7d42c0dbaa187cee02911bcc9d39dc95b3024cac666ae33129d1927537f9057ef41960","first_seen":"2026-01-28T07:33:51.282399Z","last_seen":"2026-02-06T10:57:24.408784Z","times_seen":2,"resource_available":false,"data":null}},"time_used":10852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10851,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/webfonts/digital_sans_ef_medium.woff2","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /webfonts/digital_sans_ef_medium.woff2 HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bonanza89login.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlink: \u003chttps://bonanza89login.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-litespeed-cache-control: public,max-age=3600\r\nx-litespeed-tag: f2f_HTTP.404,f2f_404,f2f_URL.29d8684b9fa7fedaf390ac0d8275350d,f2f_\r\ncontent-type: text/html; charset=utf-8\r\nserver-timing: amp_sanitizer;dur=\"3006.7\",amp_style_sanitizer;dur=\"2188.4\",amp_tag_and_attribute_sanitizer;dur=\"790.9\",amp_optimizer;dur=\"18.4\"\r\nx-litespeed-cache: miss\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":163202,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (41320)","md5":"42653088f4046529dfd7d2143ffcab4d","sha1":"4602af81f100e61f1287aeaf94cbcbbbe253a938","sha256":"27f915d1fcbf4cdb4fdfcccc78cfa12cc19258041ef7d656901d5b14d714541d","sha512":"abf910f8fe90ab17826742dbde3aa4e77eaaf6dd9f3acf151b8cb54c570dcd4869671d322bcda709c178685d4d9e9c74d0b02c143fd46f379a8812231917256b","ssdeep":"768:xdWG/UXyCu6zyygVMnUYvtRhFU5JPK8uC7LEZFUP3V2Jv0Woa9ML3JGGwMM2iQYo:3V61fSRdVLWUL3eS9Sy","tlshash":"8cf3c662384d106f7117c75561f8f6ab6e45c91fca324a89f4aeabc8c741f12763a32c","first_seen":"2026-02-06T10:57:24.412548Z","last_seen":"2026-02-06T10:57:24.412548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Break-Away-Lucky.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Break-Away-Lucky.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-whatsapp.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-whatsapp.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 680\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1281,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"20b4ab5a4777e715525f59915120cc49","sha1":"e2433d4b70dd2c1636c613fe5d8e9c019423ef29","sha256":"0db788251d2558d029d2873096b3faebb0d5c8381d23e67b12926fe4032b2751","sha512":"c155bebea1e2e02d911e68d27130833473e493df80aa74261a43e449af53b36bf2d362f23644a07010e16996caa2049809ccbc34ca952034d7a8e4b1d5f7e440","ssdeep":"","tlshash":"aa21bb59c3550b32abae075454d4186435848dcc64e835fceb2b84a1f46cff960563ae","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-04-05T13:09:33.562244Z","times_seen":980,"resource_available":false,"data":null}},"time_used":7983,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7982,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/uploads/2026/02/BONANZA89.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/uploads/2026/02/BONANZA89.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:10:13 GMT\r\naccept-ranges: bytes\r\ncontent-length: 42619\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":42619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 745 x 238, 8-bit/color RGBA, non-interlaced","md5":"43e7306f6e780cea869eba36a45e3af0","sha1":"32c4f2c3f802bb763d29cda950937eaa14b4bb4e","sha256":"d448e575b51c5479c6aa12820bed456460cc102888184fbcbd09c1038e2c0711","sha512":"138742b91328da3c18f9bcc7cb2769b4d90a817bcada07340c6765ac24488b81cddae94c187cbc56b985bab98585f516b362df1af4a2416ad46cc9d853900eac","ssdeep":"768:rglavHtxnOJkL38WJ/+FGhT8lUSMRqWhHpBSU9kb1YDmDY9dZVdT7Wyx:0Etx9uFQT82SMRqMHpd9kxDY9XT7Wyx","tlshash":"3013df4ee4d2ed1c4df8903e6bb9a6f8032be16fd651085520b89a120e5483dcd5fe7d","first_seen":"2026-02-06T10:57:24.416488Z","last_seen":"2026-02-06T10:57:24.416488Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11051,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10265,"receive":786,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Nexus-Outsourced.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Nexus-Outsourced.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 33738\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":33738,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"61c703cec49083fd37fc37ed63bbf6b7","sha1":"34210e4c002efdf615625f9fbc9bec3b5b669107","sha256":"03e24dd21c28ce27d3a4e527fd42ed53e56e31e4096062607b22606242ddb7be","sha512":"708fec5cd4ef6a831d6728d8e34f58cac814f9f6c4ddbb49bd08fa3f6594220046e32c131fb22e7b662f12b584271c0b2594a7344a9e8f9fe720c57faeaa522b","ssdeep":"768:1FYyy97nzPQWuuyZCTeK42lgUKU4XwtYZMz6RkTsgoVYH6ya:H0zP1u1CTCYgUKU4XY6RkTIVmHa","tlshash":"7ce2e1cca4619772e6b8b3b851f50bee6375607dd67197f62c82903223b46c286ce1d8","first_seen":"2026-01-28T07:33:51.289662Z","last_seen":"2026-03-16T06:21:15.895535Z","times_seen":4,"resource_available":false,"data":null}},"time_used":11211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10678,"receive":533,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/allbet.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/allbet.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6202\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":6202,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"65385a0b00807c78e9ee11e5e845f395","sha1":"856fc5558ff9ab52c6393ae0cbf830cae288d13f","sha256":"9339336ebd83063c8f03b0572ed4a5c91f3c12452145115387cb78d51980ac37","sha512":"452b8c645cbd6a457b2da98743b2de9e07b022e67f503f716946bf5bdeca3a5ab37b7ec759593679485d22ecee3747f48616324fcfec1e8ed569e7eeffc7dca7","ssdeep":"192:aq/ECTu1GWg09EuSqUrf6RxlO8not0Ww66P7g40Hv:aq/nu1GWRaORrLj9L0Hv","tlshash":"bad1af25ef83053188a9ecb095b226b7003fc7841d30d63579eadc995d319bae4fe5c9","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.408704Z","times_seen":1098,"resource_available":false,"data":null}},"time_used":11313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11312,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/idnlive.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/idnlive.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2538\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2538,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"57238310e793f343a2749339be32a3ac","sha1":"95bb671a06008427ede2e08a5463dcca1562a644","sha256":"620a982845b3e7a490990f96b64c2c594bb4d418058873c2a3691e2d86b0cb07","sha512":"233da09c46f08c7b3c28d84317b19761490a6f28aebded877ac5941638cff99a7ec7ab61dcf2de28e71904a131a3333d1f4a8eee2e1f07fc80be9b90cf5a1ef4","ssdeep":"","tlshash":"4d512cce9a129a428aa9e54724e80011862b0a414860afdcf54bdc972d7617f416b7de","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-04-05T12:52:14.370117Z","times_seen":1001,"resource_available":false,"data":null}},"time_used":11312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/cimbniaga.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/cimbniaga.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4479\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4479,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"2087dff12e46598a41c3905e15cdb3cc","sha1":"92f95c09861ff5062b8516637cb603af899ce24c","sha256":"445ea56b2ef984b9e6d96eb3023752e90a16a6c48ae1eef2103384b9e01a188a","sha512":"debab03f9bcf3fd797312723ca30e2e3387b696e11e80761eae0d36a7141ff228c74a28507bf77e10d92e45716face6908cc737b70a9a89f6982fb83f2eb8660","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nTk/TzDJ0aXIzQhBewNVlBza:wSDS0tKg9E05TUzGlgBxPa","tlshash":"c5916cdfd991acdf398fb8110c4c6184932e26bcde5b317456a1a9cf6052d174e7a0b0","first_seen":"2026-01-22T12:16:32.941401Z","last_seen":"2026-04-02T17:09:56.195962Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11312,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 08:37:36 GMT","end":"Mon, 13 Apr 2026 08:37:35 GMT"},"fingerprint":{"sha1":"92:C5:4E:6D:40:0A:B8:2E:B5:9D:CF:E8:63:E6:D4:FA:C8:C6:F2:11","sha256":"B0:B2:FE:64:A4:3F:15:8A:DB:43:35:7C:F6:96:9E:FC:38:11:30:C2:7D:E7:04:B9:D5:9D:9A:6D:F5:35:75:EB"}}},"request":{"raw":"GET /v0.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bonanza89login.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 63517\r\ndate: Fri, 06 Feb 2026 10:56:55 GMT\r\nexpires: Fri, 06 Feb 2026 10:56:55 GMT\r\ncache-control: private, max-age=3000, stale-while-revalidate=1206600\r\netag: \"5c6bb66c7739a4cb\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":228233,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64621)","md5":"c7aed616980682321cddfb9b8cf5562c","sha1":"eef8ab735f5db076a2d75e2aa0eed2a906e5acf3","sha256":"a7ecf95bf8e77d736137458ca0e73cd7d0bbf0b56be119719ea3676fa92e6a87","sha512":"b073068035bdade94cbacabe7d4b3e5e7d441fdcf45f6a0e861ee7923844150f3bd033f57c1a2881b4f8d0d21326d02f660a07f0d7e64010c3ba8f3d95abc509","ssdeep":"3072:5HZ1lahpWCJEM51jrASXXMdrRrNWeEUFgmlMg3:L1lahpWCJEM51/AHdrRrNWnUFgOB","tlshash":"7524d5a63296b03247e555f5d4774002e3296998340b806cf86ceecb7cb9d86b1b6f7c","first_seen":"2026-01-27T19:56:43.462935Z","last_seen":"2026-03-17T21:41:49.827118Z","times_seen":383,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":120,"dns":7,"connect":16,"send":0,"wait":28,"receive":38,"ssl":119},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-slots.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-slots.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 843\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2162,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef0e4e782cc54cb0d60cf0527e048f93","sha1":"c500e4073082982156fa0be7ad7bec3bfdad87ef","sha256":"8815a05be68a8b3badb9c9249133856d872cd28732fb31f413281d4fac259aa9","sha512":"49a3ef902d5bae46b6a7a99d60fad3a021ee03b3104e8463ccd8fd4509400a3a73f8427168a7d0fae46363285d71ea819898ea8e328ff072fbc0e426acd45d2e","ssdeep":"","tlshash":"fc414a3b03039ddaa99a8f605a39258875e0dccbf87595d4ef1b3826e18c8c27d6c394","first_seen":"2024-05-01T03:50:06Z","last_seen":"2026-04-05T13:09:33.556593Z","times_seen":1242,"resource_available":false,"data":null}},"time_used":8206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-sports.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-sports.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1290\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":3348,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0de92a71fbcd1cfe5594f9b569c655a1","sha1":"17f920aaff1dfd8bc5ed654dc95e881ec9885439","sha256":"bb0b9d56610645ce9c731054fbe64f5ef0d5a7925e5b7ba2ba954954ed61f5aa","sha512":"8e4d110ae80609974b584c7d2439a0a96ae2ca0710bcf0625a79fadd14a81e640a820e339ef583ad869b4e6d45017e7b8d00903d9ffffd6de01e8f95743e9441","ssdeep":"","tlshash":"1b61ccbb13fd511daf8f4304895a1683179d94ea3269e9f5be0df830e0239b0d16be94","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-04-05T13:09:33.548138Z","times_seen":1212,"resource_available":false,"data":null}},"time_used":8207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8206,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Mahjong-Wins-3.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Mahjong-Wins-3.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 14244\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":14244,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d77012127b4754e84eb8050a7eace03f","sha1":"eece540673490d59a9f11d4a07589813dfc4d1ba","sha256":"8cb5020541a925d56097ec88e9f8221509aba0382ef7536d0b3f02df2ee3593a","sha512":"a53df62b62239c867e19b30fc025bfa586ad3fbd1f4d80713c23848463dae312660aca9d752a3b8541a9a89c9a144bf8b50baf724ccabeab57a46ce6f5afa76d","ssdeep":"384:KR4s1yyOl1jgYPl4GFDSC6rLn6GcdxoZr4:reCrjtt4EDSCu6G4xoZE","tlshash":"1252e1acfd1152b0c7300df90f3e0c9462c6a712129dab79d6c5c29e9f44c1637a9317","first_seen":"2025-04-20T20:42:45.306905Z","last_seen":"2026-04-05T08:20:54.904148Z","times_seen":296,"resource_available":false,"data":null}},"time_used":10445,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10444,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/spadegaming.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/spadegaming.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3154\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3154,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"320cfbe4a80279d60708101c0b0e43f4","sha1":"944fff69fc23e6acf1abeada1854e9234805f5e4","sha256":"5737cdb9d5e20e199690ce65b1477bf50e6d76e6ff3af2ae1a3916eb52277f6b","sha512":"cd06cd28bcdbf5a094d9bd2650e182cead0348ae5e904529ade137b00e57261b3b48b4de5ec2801cf5f2ff3e820e2764b9b83d7e3e057e4b3a2ea42f13e83aef","ssdeep":"","tlshash":"99514d5ac712dd80508e8d0738e1e976e53574004b71a938bed98dde391c6e3cc68ee7","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.38246Z","times_seen":1103,"resource_available":false,"data":null}},"time_used":11219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/joker.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/joker.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4467\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":4467,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"d6046ada089141ed514a2c248ba348a9","sha1":"ac6af3ec4c8d0025c3498501f0b5ff169f50fdab","sha256":"a5894ebe20a0a276641ce8fe77f073ea3127a35e307937d00d46606a6d07e5e1","sha512":"9bec604475449cfffc72317d9ece25fb7ec460b1f463d288052c6a436d26848116b60832425da59d040aa1f43ed4964d575442480231030d8e797a89daa3a494","ssdeep":"96:aqQRGY0xUhfkh08d2luU5IqeesF93z/mc1MYtWum:aq+0xUS2U2lueny93z/mcyYtWum","tlshash":"fe918e58dd037e0e5d5e0a9230e85d9688bb8502deb4b81e78d7c2cb42f8166c85f6f7","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.404044Z","times_seen":1096,"resource_available":false,"data":null}},"time_used":11218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/danamon.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/danamon.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4219\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4219,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"23d36ecb0b085809298eae551d9813c5","sha1":"3777eab16c5d3dfd838253bc4c46ed7fef23ede7","sha256":"60f80be5773517a614363d18815d7e2e00ae181e28fa1e36b920d24135f6ce6d","sha512":"d189ecf5eec854ad856e42b0066ee4c04ab0a687e96bd6feeda67021ef2550746babe5f8c614ad7c1d46d5adae4b5a061b20e21ebaae73bf4138886ad58472c0","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nT7j0Wy+zTne4uNCvFq7:wSDS0tKg9E05T7j9Te4Vtq7","tlshash":"9c918d9e4af0609e78cb38730cd90392eb31339c62123a3891c129ce4065e0b5fe50bc","first_seen":"2026-01-22T12:16:33.016333Z","last_seen":"2026-04-02T17:09:56.223618Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/bni.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/bni.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4255\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":4255,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"54251557a87ab947449875ec3fc7474e","sha1":"bf2895e5a36a0f677730d266feddb34112f79653","sha256":"afbbb50fa5d49f3495b48f71b454efe7b769fee74e200b0244282f01aeb22dbc","sha512":"a70e7822b1c4fed29363a2195d2c6fdc1fc7f6e00cc4f959c2e876ad5653632edbf67af42a41c1d3c50cacdb8bce6301ecb100eef0187c36d512e0ab700384e5","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nT5E3lPwKJr7qhFAc:wSDS0tKg9E05T5tqgf","tlshash":"34917e5f97b0704d399db6424ecc1985cb9c63bc92266a68e4c059ea1064d12afa60f5","first_seen":"2026-01-22T12:16:32.983495Z","last_seen":"2026-04-02T17:09:56.282427Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11384,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11384,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/webfonts/fa-brands-400.eot#iefix","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /webfonts/fa-brands-400.eot HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bonanza89login.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlink: \u003chttps://bonanza89login.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-litespeed-cache-control: public,max-age=3600\r\nx-litespeed-tag: f2f_HTTP.404,f2f_404,f2f_URL.b268e6a296d3581833b9b9d9b2489203,f2f_\r\ncontent-type: text/html; charset=utf-8\r\nserver-timing: amp_sanitizer;dur=\"3275.8\",amp_style_sanitizer;dur=\"2390.2\",amp_tag_and_attribute_sanitizer;dur=\"864.3\",amp_optimizer;dur=\"39.6\"\r\nx-litespeed-cache: miss\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 06 Feb 2026 10:57:03 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":163191,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (41320)","md5":"183fbb30454485503c55f6283abd099e","sha1":"bc197f24971776d54b3466877bc6a8d71481592c","sha256":"f938c7b7acc7a3a758c2102b825b6fe1ee49206ab7f6b3ef799ca37bf98f4fa6","sha512":"83c45120cd1dc74ded34db1d4dbc5c0f97b241df0c704c0995f237d5dca56d05e15f6f07fff0eb63d1d5b5c3f41ba90366dcbdc1a8e9b2fb36796e98080deffb","ssdeep":"768:xdWG/UXyCu6zyygVMnUYvtRhFU5JPK8uC7LEZFUPuV2Jv0Woa9ML3JGGwMM2iQYN:3V61fSREVLWUL3eS9SP","tlshash":"85f3c662384d106f7117c75161f8f6ab6e45c91fca324a89f4aeabc8c741f12763a32c","first_seen":"2026-02-06T10:57:24.433678Z","last_seen":"2026-02-06T10:57:24.433678Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-bind-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 08:37:36 GMT","end":"Mon, 13 Apr 2026 08:37:35 GMT"},"fingerprint":{"sha1":"92:C5:4E:6D:40:0A:B8:2E:B5:9D:CF:E8:63:E6:D4:FA:C8:C6:F2:11","sha256":"B0:B2:FE:64:A4:3F:15:8A:DB:43:35:7C:F6:96:9E:FC:38:11:30:C2:7D:E7:04:B9:D5:9D:9A:6D:F5:35:75:EB"}}},"request":{"raw":"GET /v0/amp-bind-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bonanza89login.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13873\r\ndate: Fri, 06 Feb 2026 10:56:55 GMT\r\nexpires: Fri, 06 Feb 2026 10:56:55 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"600a9367bd5133e5\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41957,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (41829)","md5":"920f912c96b9f765bd48268aed9e247e","sha1":"a92d7399f3c20e997d854f699a6175848405a5b0","sha256":"50967b8c93756d78aae4937a33646501744a94d3c0d7d7cacaa2c74b3ac0f090","sha512":"b808abc3af44a5607437b95a058c7a71650517cc9f66d4a473f8ced66d1010268c08d823db3ec81379c7e161edef617cf766e1ad89d0e1eb70cd5bdd61867c29","ssdeep":"768:lXCsqZrGK6LtckYuN3WMoT+TfmdURuSlnc5Ql0p43fHL3+k4OGeUiBIKHX4hR0Zd:dqOdLtLYUESdcw3ze5VJzkFnJ2U","tlshash":"a913ebb53292a43747d648e694377012e32d2956300ac8e8f1aceecb7c77955b1b5e3c","first_seen":"2026-01-27T22:09:22.884947Z","last_seen":"2026-03-17T21:41:49.822487Z","times_seen":222,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":136,"dns":5,"connect":19,"send":0,"wait":26,"receive":4,"ssl":133},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Wild-Bounty.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Wild-Bounty.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 10658\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10658,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7800b3dd65b012e5a998c3f4e2551649","sha1":"a8a8d9438fc391fe55aa3a878ae515f2c5076980","sha256":"1db58d5601dd8d3b42dec6c2a01eb97cc812efb938b5b6045453a2fb84d383af","sha512":"d66c8b299d8d0d5fa06742a9eff9e8c4e9f4a6c316a4a5ee81ca5e02a0f1401b87d512c090884096123667554743fbddb33a78b83c89c29cd227ce4638dde2cf","ssdeep":"192:l8M3mgHPWbCB0EWae68rC3hxS4jr7CtJ6id/xZP+bRmElxMUd4s:eaB0l6P3hxS4jCr6E/xKL+KN","tlshash":"f422d007ad40547194ae3363ce78e98757e0260962cd7fb1eab2e8b41d27212d5e60e1","first_seen":"2024-04-29T04:54:20Z","last_seen":"2026-04-05T13:11:55.782163Z","times_seen":331,"resource_available":false,"data":null}},"time_used":10680,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10678,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Rhapsody-of-Muertos.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Rhapsody-of-Muertos.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 14750\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":14750,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c51957fae2f20f75f2fb0c5d5555ce2f","sha1":"8c53b5c9d85d5df2da037cf24a2f8eadd4d898c9","sha256":"d46c2a09ccaa73222050613f2dc272d4aa99d05d26fe0bb3160adbca17ec187f","sha512":"befe60f8e87aa51b836c084e2bc0bd16de4a43287351a200607418e4d507aec1f2bf402892595cd439692a589588c0f456910b9c217b2c90db5c6357f06342ed","ssdeep":"384:9/Enstp+JcxL6g4OAreyYEBFGZ4ZwZG1n59+:9gyp+ql6g4bCyYeFGZuwZ+nr+","tlshash":"9e62d09ee9cc384a5664fc58d22720a8eda505632b3f53c40f2752e786661acf4b6ccd","first_seen":"2025-10-06T04:45:30.577559Z","last_seen":"2026-04-03T08:34:15.403335Z","times_seen":49,"resource_available":false,"data":null}},"time_used":10852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10851,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Glory-Of-Rome.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Glory-Of-Rome.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 11478\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":11478,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ede9ca25103afdd30f3758cbb873c413","sha1":"1075785da8cbc816c8b80d7cb5456c64386708fa","sha256":"59e19161b4bbc4d5df5b7b5dc9dd41b3f5c7dc3581b43af9003960dbf4654977","sha512":"7dc9b7e1c84fac084172b3fd34d9cb4f52c03f569d8bd7a436280da4e0e7a1369148c1337d9b6d152531c4ef05786d2ae7d7cabe3d8416887d66e338e3ed213b","ssdeep":"192:pL9lz+BtW6r4duPs9pta1xN8UqHI5UrYZDKzaNWS9Ku3aA+6X1QdE:pLT+BtWY4d0sTt4xa7HZrYUAWS9Kuo1E","tlshash":"fe32c0f006a8d6a883773c103e492323f20b24aded76e9d2ff972511507f286a16d3b5","first_seen":"2025-10-06T04:45:30.554262Z","last_seen":"2026-04-05T05:12:25.281867Z","times_seen":56,"resource_available":false,"data":null}},"time_used":10852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10851,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Koi-Bonanza-Jackpot.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Koi-Bonanza-Jackpot.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 13442\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":13442,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1562e29fa00c71ef704590bce9c23b61","sha1":"c433d6aa7d84366efa20eae43267d7d54cde8f86","sha256":"65eb24261f3dec77f4dc817136eb2e85bdd31ed38746726591b1517a68429952","sha512":"3ee09ea19122c850418060d5dba1aa3a783f13d734aedaee9261bcac63a177392b102d788b80d8550d79340847e48bc5f3032ba80685e511479338ce918db7be","ssdeep":"384:iyr2a6eQQqJXhLpqD0PbG8WONn8sJ2iO777RUNfR5l:GeQQq9hN7G68m2is77WvP","tlshash":"4752d0dd95a972685547c12bb386188db9aa3d894258f31c606a9dd5b4bcb0818c0c33","first_seen":"2025-11-27T02:42:22.314223Z","last_seen":"2026-03-01T09:06:13.482329Z","times_seen":10,"resource_available":false,"data":null}},"time_used":10851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10850,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Caishens-Gems.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Caishens-Gems.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 12508\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":12508,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8e631ec7b8a640617f470b2b8e125ff4","sha1":"73bd70ede8bd4a67202e875653b24020993ea288","sha256":"6cdeef17f4bc87bfcdc973a6f1ed75359b26b23b4f245b3534c0a86f5d55b2e4","sha512":"7032682dabf36b4ddc2d72c879603e88225f87d8b7d93f0ac76afc157fbf0eb0fc13ef78a60abcb85987aedc0ebd468dd073928eeceee3a215ee412f6243fda5","ssdeep":"192:hKv4UC5+07jQXpBpOdUztwOp6KlZZgfttAjnYyR7fbHyNp/sB4/VHlFx0q1d:9fvQX5xzB4WLgfAZmNh44/VHlFxX1d","tlshash":"7042bfe3207b4ffd04b94daa51723c7553721788d909bd7e06d75b62886937bb270c14","first_seen":"2026-01-28T07:33:51.276038Z","last_seen":"2026-02-06T10:57:24.442921Z","times_seen":2,"resource_available":false,"data":null}},"time_used":10851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10850,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/pragmatic.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/pragmatic.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3952\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":3952,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"2b7c9803856443d10c0ec7ba404448c3","sha1":"02dd3b31dd3934519bbf7f06335e556c66d3b3b9","sha256":"63aca758fa264a3c3ef204bac37c08e30dd8d06a308bd77194884a343a086dbb","sha512":"ca1492e4fc6743741ae13ced3558bc2d4d136021ccb39d425d0ce73f42ae27fb9715960c740b98ae643c7068f022262c349c231cebda78c2991d050250a0a6ba","ssdeep":"","tlshash":"c1815c29f2c05f059194996258fd293791f25e50d5a08e3e8bebc47408282fa897ccff","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.402422Z","times_seen":1102,"resource_available":false,"data":null}},"time_used":11220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/webfonts/Lato-Regular.woff2","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /webfonts/Lato-Regular.woff2 HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bonanza89login.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlink: \u003chttps://bonanza89login.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-litespeed-cache-control: public,max-age=3600\r\nx-litespeed-tag: f2f_HTTP.404,f2f_404,f2f_URL.3f665555ade4a4a3ad36615dd73ad238,f2f_\r\ncontent-type: text/html; charset=utf-8\r\nserver-timing: amp_sanitizer;dur=\"2822.2\",amp_style_sanitizer;dur=\"2128.2\",amp_tag_and_attribute_sanitizer;dur=\"659.8\",amp_optimizer;dur=\"31.0\"\r\nx-litespeed-cache: miss\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":163192,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (41320)","md5":"55837d8184a7acc3015461d08ba272a5","sha1":"baf4d15d236ced7404611357c679fe43c747210c","sha256":"c8be657869f203cbd719183628b4e629b98db014a2be90cf88895e646ef783fc","sha512":"f841ae73c68c6be1701640766f29c3acb1edfc53aa848269330d8d3be085b580605246d64b0e96cbfcf34930406421a40095add0afb0e1f2cc8a1d0296e18201","ssdeep":"768:xdWG/UXyCu6zyygVMnUYvtRhFU5JPK8uC7LEZFUPGV2Jv0Woa9ML3JGGwMM2iQYo:3V61fSREVLWUL3eS9Sy","tlshash":"58f3c662384d106f7117c75561f8f6ab6e45c91fca324a89f4aeabc8c741f12763a32c","first_seen":"2026-02-06T10:57:24.462885Z","last_seen":"2026-02-06T10:57:24.462885Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-anim-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 08:37:36 GMT","end":"Mon, 13 Apr 2026 08:37:35 GMT"},"fingerprint":{"sha1":"92:C5:4E:6D:40:0A:B8:2E:B5:9D:CF:E8:63:E6:D4:FA:C8:C6:F2:11","sha256":"B0:B2:FE:64:A4:3F:15:8A:DB:43:35:7C:F6:96:9E:FC:38:11:30:C2:7D:E7:04:B9:D5:9D:9A:6D:F5:35:75:EB"}}},"request":{"raw":"GET /v0/amp-anim-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bonanza89login.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 1671\r\ndate: Fri, 06 Feb 2026 10:56:55 GMT\r\nexpires: Fri, 06 Feb 2026 10:56:55 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"46c263938b19c9bc\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3802,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3688)","md5":"44f2b013639f8aa043f9e4a06772c284","sha1":"9bdc3848eeb9d64f57af9c3a7d382df775eb4baf","sha256":"fb165f97e946cb1766950277393535b031b7f3b8197ee7707eb59b69898b24fd","sha512":"ace7763f3bd8b5f8791abef78cec2abe1b12a35f5fd0cab3d992ef25f16aa03bc289b361dae2edb7e4fd30ab3b68d5f65e8adc34e67a1d7b5442e768dbbc4a0f","ssdeep":"","tlshash":"a671c7b83186b5769f973ce245275401fa39643a3407c868b168decf293ac5624b6f3c","first_seen":"2026-01-27T22:09:22.829762Z","last_seen":"2026-03-17T21:41:49.770725Z","times_seen":219,"resource_available":true,"data":null}},"time_used":313,"timings":{"blocked":132,"dns":6,"connect":29,"send":0,"wait":25,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Nexus-Outsourced.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Nexus-Outsourced.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-casino.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-casino.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2910\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":8470,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d3f6db64f19005491ec2f3ccec8a4957","sha1":"02cddda4df6cafa00b756eaa9094b808946a98f5","sha256":"1682180332236ff6d603316b2d09d1c467523dca0729d7653ef121518f3b2d29","sha512":"340a586c601ed1cba203e45ac120d1b21e0d29ab1358dcfb4a1fa5fdfaa682e582bfeac42056ef08df7ed07e2b7d5c70b568744348c849e7b0bffbcefe26315a","ssdeep":"192:dYpgRwmUX9gg1nlu7f7sQD2HPP9nSvBjJ9h0N9jeG:dAh7qWu7fjD2vP9EjQJD","tlshash":"1a0206170302dbdafb9d4628a929148db5d0dcdbd4b0e0d0ab6b3416e58d8e5be4c7bc","first_seen":"2024-05-01T03:50:06Z","last_seen":"2026-04-05T13:09:33.560169Z","times_seen":1243,"resource_available":false,"data":null}},"time_used":8206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-gacor.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-gacor.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5154\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":7663,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b9ac3698353188323aca1e72b0b415da","sha1":"c28c2c237808f3f960aa78f35880123679e14084","sha256":"f80d635418113fa7972b15027e670b2706ee2820163b62b2f27145f9073ac0b0","sha512":"7aa2bf1158e6546e9e8dd9784f7f67f95cab57d65d918b0598d781f26b5f973776929af9976112d7cf0d0bdb187dad6ea59bd15d126f0d7b2718dfe4802c8cc8","ssdeep":"192:1opYUslj6GuF9Tf9kLkAPEj18y2Ysi4My8O+:1oSlmNF9Tf99AEJaY348l","tlshash":"10f16c19a178ec2fdbf4817270a740546f1a5093f3b357c44ea203b38a0da55049aefc","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-04-05T13:09:33.522207Z","times_seen":1152,"resource_available":false,"data":null}},"time_used":8386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8385,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012601162341000/v0/amp-loader-0.1.mjs","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 08:37:36 GMT","end":"Mon, 13 Apr 2026 08:37:35 GMT"},"fingerprint":{"sha1":"92:C5:4E:6D:40:0A:B8:2E:B5:9D:CF:E8:63:E6:D4:FA:C8:C6:F2:11","sha256":"B0:B2:FE:64:A4:3F:15:8A:DB:43:35:7C:F6:96:9E:FC:38:11:30:C2:7D:E7:04:B9:D5:9D:9A:6D:F5:35:75:EB"}}},"request":{"raw":"GET /rtv/012601162341000/v0/amp-loader-0.1.mjs HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bonanza89login.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3937\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 03 Feb 2026 19:19:25 GMT\r\nexpires: Wed, 03 Feb 2027 19:19:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 229050\r\netag: \"92b17aa6d09710e7\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12361,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12245)","md5":"fd1e9230f8bce15f2278c5a542892ab4","sha1":"3cc51cd0547626645b968d0abf7db7d3cf81ea0b","sha256":"b8b1fd0ca593bd5a92c5d53632f316d98505bcbfe63069dec8cc248edf8f10b8","sha512":"e3799fca7e4e2562d5ba055e657a6b5ac5eb5dbd1b424a58dbe497a1e34f8346a5cd32a40358f5321105a00b9eee3fcef9e416532088bdeb09c53150d8a29e40","ssdeep":"384:Ho39KdedznnH/axp6ulqaa5F4g5A4WR2vCk:I39KMdTfaD6ulDa5F4g5A4WR2vCk","tlshash":"0c42a460a60ba2ac530342f488f5b856757ccd4fb8104079f0604ededf8ae54bdbb96e","first_seen":"2026-01-27T19:56:43.459766Z","last_seen":"2026-03-29T23:21:07.911016Z","times_seen":339,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Ze-Zeus.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Ze-Zeus.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 26598\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":26598,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"32b610e00c2ed626648afc51b83d3181","sha1":"98764da8b102efef4602f4147dbc0f3299ce0579","sha256":"55753f04ee79db6ab1ce379f12adcb9006958d1facc2a79f60ddc8823fde2a9c","sha512":"eb242a2efad6122bd0d9cb5ee4a9dd455f280c372cb097dbe54558d2d9a678ce418e7831d1cfd0bb68402f21bbdc8f2f81c0a81330c2ea3429d7d20a869ede75","ssdeep":"768:VuYyyqydNNfdIHuS6HHEqQghpPpgNSHifL9vf9gInHIRl4:AuFKOqghpPpqSH8ZvfVH","tlshash":"1ec2d05a9fbd7a43cef2e6309b967f8876c7b671e710979510d8020d605d080aecf16e","first_seen":"2026-01-28T07:33:51.320469Z","last_seen":"2026-02-06T10:57:24.469651Z","times_seen":2,"resource_available":false,"data":null}},"time_used":11039,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10677,"receive":362,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Dragon-Gold-88.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Dragon-Gold-88.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 11710\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":11710,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"77462df0242a4e9a668550e25c21d0cb","sha1":"04e90e63d396877126412bfd3a686dea8b3b9dba","sha256":"1d1294bfd519490df5ce65d1e6cc862a2e5f2497a6abe48e982e6b5900b01b23","sha512":"f67b7fdae17f8ca008f4c6b1193f6aba7ac752a8c2a6e8133e317de1ebd75b37f9b0ae69f5814ce29cbc4af909bdf60ede02725f4c6dd7924c4a885f79bdd4e6","ssdeep":"192:eFAgKe3ZZbOgFPmnfGqq4Guc+tRjMXOU1BUGxIHexfXX8b18NXhNwa3OILcVP0Vf:wKe3LPHq4/asTxZNXhNwpbP0VJ1","tlshash":"8332d0003604b2d4b0b8924e4e6c40b4fd68c51a4d37681f97b5fe41bf6d99b378907b","first_seen":"2025-10-06T04:45:30.549605Z","last_seen":"2026-03-31T20:25:10.210828Z","times_seen":42,"resource_available":false,"data":null}},"time_used":10854,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10853,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/webfonts/fa-regular-400.eot#iefix","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /webfonts/fa-regular-400.eot HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bonanza89login.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlink: \u003chttps://bonanza89login.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-litespeed-cache-control: public,max-age=3600\r\nx-litespeed-tag: f2f_HTTP.404,f2f_404,f2f_URL.6a62346fd2d9df9be65d661eb8410483,f2f_\r\ncontent-type: text/html; charset=utf-8\r\nserver-timing: amp_sanitizer;dur=\"2909.4\",amp_style_sanitizer;dur=\"2099.8\",amp_tag_and_attribute_sanitizer;dur=\"796.2\",amp_optimizer;dur=\"27.8\"\r\nx-litespeed-cache: miss\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 06 Feb 2026 10:57:03 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]}],"data":{"size":163192,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (41320)","md5":"4d515618cf6d7d56f87c9f2119e9e01b","sha1":"e8bda9c09b89cad390bd10a472ee23549055c3d4","sha256":"5b63da5f17bdc058b6d764fc3f491591b948efb6b6c2dadbabdd941b43df7927","sha512":"653958d0e8c073b33eacf49cbd462a79f1a73c3373c14149d43ed3c2e36fe169003cb4ee5e02bcb652eeeb80b922dc7e9ab8b76ab43c5c02d6a71564536346f2","ssdeep":"768:xdWG/UXyCu6zyygVMnUYvtRhFU5JPK8uC7LEZFUPIV2Jv0Woa9ML3JGGwMM2iQYN:3V61fSR2VLWUL3eS9SP","tlshash":"b6f3c662384d106f7117c75561f8f6ab6e45c91fca324a89f4aeabc8c741f12763a32c","first_seen":"2026-02-06T10:57:24.474679Z","last_seen":"2026-02-06T10:57:24.474679Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Olympus-Super-Scatter.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Olympus-Super-Scatter.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 29338\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":29338,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2c4f3b7bcce578248aeca202ed8f1c38","sha1":"7c376307d253e2a7626fc51ccf756e6586ef437e","sha256":"ae4c722c4d93e330cd4b640f27806b779ce39251dd756ea2acd912472a3b8c6b","sha512":"c00a24c9dd68429e10bd13148b0570eee7797bba15a5f4b1cd1aef5e64268e0558bc0db8d26fbf886cceed777a754c1b78a693d3e2a27abc142951f30a18be04","ssdeep":"768:wFYyTg5a6kTGiljJ6YLRbEHrwe8J4bJbNOg:YW8TGipJ6504VbNOg","tlshash":"79d2e1e2b3d6a3a1d05485323c774ba99262d66db3003d52e573be1750601a1cbe23bf","first_seen":"2025-09-20T09:49:18.445001Z","last_seen":"2026-04-05T08:20:54.929762Z","times_seen":239,"resource_available":false,"data":null}},"time_used":11043,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10680,"receive":363,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/luckyTwinsNexus.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/luckyTwinsNexus.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 13100\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":13100,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"39e01a11cecf194bfd0dd88539e61350","sha1":"62e5107fd7253f2e0c1c31bea6baa79f18d52cc0","sha256":"de815985cca45ef8e93e564749333bbf84be1a054961f86a06b038ef56464fed","sha512":"91be7f79f1de7726c40701324c0474c56fbc3e7659b08406b7bbdc2097e92e7f7bc2ba834d0c1cc3370c43d91b12e585956cf6fe28055f11d2954eccb72e92ad","ssdeep":"384:EXJHsBeNgdXLlO6ToF5egjwWrPJ0EQPMhMCVZg6/:YHsBeNXhF5egvDgWMCV7","tlshash":"1842c052bc432e66ec0f7f2b8354837163e81ad4e0d4cb434ade1277d60289d6dd1ea2","first_seen":"2025-09-30T11:15:33.678272Z","last_seen":"2026-04-05T13:11:55.739173Z","times_seen":300,"resource_available":false,"data":null}},"time_used":10680,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10679,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/9-Masks-of-Fire.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/9-Masks-of-Fire.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 12338\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":12338,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8a9782793fddd2b8e5c0ebf5907e6166","sha1":"b9a41e73be253b15ff4284871e84ce5ff880e9f4","sha256":"70dbbfda2f6acf8d725a56497712bb54fdf4d2ad556e92f39e2a856b53a90fbd","sha512":"de25cad57944a3a368f3504b4cbd12aea75449dc4be1b223165a7a46495eab158db88965e913d7451385c4518af63f8861b30e68224ca5c8d87ad6ecca2cb3d6","ssdeep":"384:kSk7VpqJn9bFnbRrDA9qVGYLChnqSTP2k:889bE9/qSnquV","tlshash":"5d42d0b9dc1a59a118666ee368d81ec555440ab3739183bdee4b9afc4f820c10b7fc4d","first_seen":"2023-08-09T13:38:15Z","last_seen":"2026-04-05T05:12:25.251893Z","times_seen":45,"resource_available":false,"data":null}},"time_used":10851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10850,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Break-Away-Lucky.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Break-Away-Lucky.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 14166\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":14166,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2413e46f78afccff9a29a486a6ebb571","sha1":"62144cb6a9d7c9008a290701285dbe5f665ad31f","sha256":"5bf912addb79c68bab82b5f021713b9c292328792e418bd1708f128c3a15b48e","sha512":"a06874bfccfc3b389ce9fdf48d3adf093cfa1700f91ca3aa3ce3c340cd8d85d2acf7339ea249faf33780b8c4c3abed782008c13440bdc957bedc0fd1089b911c","ssdeep":"384:0s9WtOq31W3T6NHXKjrGsJkZQoMsd4StXFTTvsTJ:59WcObaX7J+1tXFTTU","tlshash":"7852d177c358ce4751a5e88c74edff57a2ad26fd842cc8f9c6194286036f08109e3785","first_seen":"2023-08-09T13:38:15Z","last_seen":"2026-03-29T15:05:17.791157Z","times_seen":33,"resource_available":false,"data":null}},"time_used":10850,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10849,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/cq9.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/cq9.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3806\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3806,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"bf1d52938982261ddcc79fb95c2a67f4","sha1":"f51ff53053d641f7cf4bde754fc958e48d682656","sha256":"c919e7e1680f99113b1a2d673dd57218002ba9ca1b020c51d5aa035778038ff7","sha512":"0d5e74d3d48092626a8c2cee6fea119b29efab3fdf5aebcfa3a61c26dc02cd7ccdbf9e7655cfef3b9effa0fb9497338516bd8e03a85680f100bc286aab7eae7f","ssdeep":"","tlshash":"85716b68e6422841968cf5d6a4a81c637d2f00400b90e930c4dfc46a3eb6ab14b9d6cf","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.44502Z","times_seen":1101,"resource_available":false,"data":null}},"time_used":11219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/ttg.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/ttg.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3158\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3158,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"f177a8c24f7d00627f779b1544f26d7b","sha1":"1f88ae42b70427e917294beb790bda84321cd08c","sha256":"2c7aa701640a5b7503e3ace14124357537d5698ad832c1217a7c3290ccb64372","sha512":"dc8232386fc9dc22e3cebe562d6c708aa078294ea16f30b4d0d8bf1349e0fe743d9a8b3a7f287732f46e8eae0a60e2f2b4674298bcbf78b7fbbe20d4eb5d02b2","ssdeep":"","tlshash":"66511b52f65a6c4255eda08478f294338a3305120a54f0a5d67b484b8d8b3ea77cdaee","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.422325Z","times_seen":1097,"resource_available":false,"data":null}},"time_used":11218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/gopay.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/gopay.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2566\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2566,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"b8771de54536e9d754dc58a51d9da827","sha1":"5740b8950fb4137da7040b6e929fef6a371504d1","sha256":"450c5693b4a594e025753ada485c95646f6f9b95434887a2b9be52776aad1397","sha512":"6388ef540f6228b2423372814408aaa0bdc01ea66dc9dcaee162c9b0813677177fadac544b34ac7f6b3b472bfd186b9f1d6a86921e3f5794a6b2fa9fa8a06f9b","ssdeep":"","tlshash":"fd511a1dfd04bc43315de2671ce15526ca04acc0cde1da2bb65fc417aa746d04aaa9ef","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.376877Z","times_seen":1004,"resource_available":false,"data":null}},"time_used":11376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11376,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T10:56:49.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlink: \u003chttps://bonanza89login.com/wp-json/\u003e; rel=\"https://api.w.org/\", \u003chttps://bonanza89login.com/wp-json/wp/v2/pages/13\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://bonanza89login.com/\u003e; rel=shortlink\r\ncontent-type: text/html; charset=utf-8\r\nserver-timing: amp_sanitizer;dur=\"1251.9\",amp_style_sanitizer;dur=\"663.4\",amp_tag_and_attribute_sanitizer;dur=\"510.3\",amp_optimizer;dur=\"73.4\"\r\netag: \"1629-1770153417;br\"\r\nx-litespeed-cache: hit\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 06 Feb 2026 10:56:54 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"WordPress:6.9","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":166180,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (42359)","md5":"301cbea1bb140651eda25c03baa856e9","sha1":"b922848cf8a41db54de239190f67a6712903a40f","sha256":"c7acda9447b2b0a1e2bf6f902a6906912b99466cb33f4c4cb0107a282e9d9087","sha512":"dfda2bccd33fe34988fb6ff196e6bf0355406a97c159533fba5e5256cbcd3d6ad924c654367460a70311b65f4bcbe5869bad3af5971a8a22eb3a229514b59954","ssdeep":"768:xdWQrnf/UXyCu6zyygVMnUYvtRhFU5JPK8uC7LEZFUa9/RV2Jv0Woa9ML3XGGwM4:3BH61fSRSVLWUL3QS9Sb","tlshash":"39f3b662384d106f7117c35161f8f6ab5e45c91fca224a8df5aeabc8c751f12763a32c","first_seen":"2026-02-06T10:57:24.492053Z","last_seen":"2026-02-06T10:57:24.492053Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6705,"timings":{"blocked":950,"dns":52,"connect":181,"send":0,"wait":4805,"receive":0,"ssl":713},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/slider/slider.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/slider/slider.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Tokyo-Drift-Nitro.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Tokyo-Drift-Nitro.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/ioncasino.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/ioncasino.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3220\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":3220,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"f52b79a28e4fe23c2d7034200ec49243","sha1":"9e7090b05b1e04a59609aaa74023d254829c9b86","sha256":"2f413a04bfddefa9057a4a1c09ffebb389b048bff9a62717f64a292f2257d288","sha512":"a869da32caf575eed45a705779742b96901ea431bc4722131c930c0909359141abaf346ae6d43bf29a67235d8f8ff3f4c2d8a6eb86932aa52671175129dfa8fa","ssdeep":"","tlshash":"1b611a5e9e119c0d785ad94138f8a09bc632c144a870e905bad29d2bbd342fb9495cff","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.398476Z","times_seen":1097,"resource_available":false,"data":null}},"time_used":11312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11311,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/mandiri.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/mandiri.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4292\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":4292,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"65b89fcefee921fc82b16cd4dde56787","sha1":"c0ead32e91f8febc95ebae95c0d25b614dff8f8e","sha256":"72946af882913ceb6bb6eae8db0807ce27285c3ea1e73e53afbf28da7d0bee5c","sha512":"b963a78296b3ad28211ed7d94403eaa8e9bc4637b6e9b08988a4aa78070dd95c38ee7c3fe206ac845fd4ef15425e7a9a8c86ad3820d6c5aa6fe034a04b4e754b","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nThSPdy7SfQavxJeAbu:wSDS0tKg9E05ThSP474Qa7eAbu","tlshash":"8c919fdf4920a8de34ed34111dce131bbb59317cc6aa307885c559cf001ad1f57564f8","first_seen":"2026-01-22T12:16:32.958781Z","last_seen":"2026-04-02T17:09:56.212631Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11386,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/maybank.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/maybank.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4727\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4727,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"1de0efabd4d834cc6ace826453453dcc","sha1":"976307d19824795314a96c3b85c21a7bda45ab1d","sha256":"471d09322ef38b92e3ce27a1d3d15bc989cd23d7d0649263af372b38c72ac67f","sha512":"9bb94bb9317bda48c78b1c14a0c353cd2d5c558bda1c35b18f76773799b3f11451d4ce614acc9d128d578f45461baf8a44c4bfe21a524e3721677ebd01426506","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nT3QaUdBuhLcgxpsa4g8mLPlTSzYC3:wSDS0tKg9E05T3Qa0BWcaMokzYC3","tlshash":"69a19fee59f0348bfcdd396029ce9542f37072acc4463a3884c327ed1496e0a1b004b4","first_seen":"2026-01-22T12:16:32.988207Z","last_seen":"2026-04-02T17:09:56.236335Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/tri.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/tri.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2116\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2116,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"a9332787c6c2381c0a4a5d6211e61883","sha1":"8b7837da9a9f5ac5a05479d256620f6c106e8235","sha256":"86a466018abf53f7175f4909de0826d5a8d405082ac2355b55d7d196fd47d2dd","sha512":"b7493b3a7b53cca8e2f63e5d6788d26b3b8c5af4adedc51d9db25fdfcff9a84d44af024762596b98e0ebd79278bf1d653cfa1e70b5eee6cf2c2ac3b1622b8f1b","ssdeep":"","tlshash":"2941e998d5631c41578ae98b28e14b278a0249c0d5b0c55771bbc04f87341fda8ae4db","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.436023Z","times_seen":994,"resource_available":false,"data":null}},"time_used":11381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11381,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/dana.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/dana.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2386\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2386,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"0ac7748e31189f27ac5971efcd30a7eb","sha1":"dd29489b4fcd79567d7c278c3eaf6388a76c77a8","sha256":"5c92696fd590f184864bf00db29cb20da1b443dfc93f8377f14461f35b09f547","sha512":"b62c34f57eefae9fd1754964e314dfc792c7466baef2b08c7331889b47a222f0d981f8a03de2db56fa97083e90bed1d011cd9c655fffe7e5f0d84ea82057a3a6","ssdeep":"","tlshash":"2b410ac9f512bd2166587c825dcb81378531808448f1f922989ef04dbe782eabd3cde3","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.400687Z","times_seen":1002,"resource_available":false,"data":null}},"time_used":11378,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11378,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Wings-of-Iguazu.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Wings-of-Iguazu.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Rhapsody-of-Muertos.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Rhapsody-of-Muertos.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Tokyo-Drift-Nitro.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Tokyo-Drift-Nitro.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 28564\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":28564,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ce487d45d7f0e2f91179a87680d9bb39","sha1":"e2e7c843e6d02f92926b7e4441ca3967ff2d739c","sha256":"a4c626400c5d8f3dff66599772b8d4a80feb6b3d873c7f408d24c11004ed4fd0","sha512":"2332bed9409d0c5c67690fe4a35d2f073f90ea0241197ac9b3edd776abfb6e1fbfe4949d30ff7522a795d2ab4f91bf65bccd4c3bc53b83f338783ce000bc4dcb","ssdeep":"768:LFYyaTxZgiMy/LDUUojDiZWM5aQlF7IJTkOcDcC4iqz9sCcxa:ROPgi1H1x15aIpOQdACTS9sCcxa","tlshash":"41d2e1a8fb10cef9c4a3e77c98fb4bd9b6f89b2596452232185d5344c18a0c4635b3db","first_seen":"2026-01-03T01:54:17.200329Z","last_seen":"2026-04-05T08:20:54.917968Z","times_seen":34,"resource_available":false,"data":null}},"time_used":11040,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10678,"receive":362,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Wings-of-Iguazu.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Wings-of-Iguazu.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 13870\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":13870,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"58cd6f51709f7431db634a410ff4d783","sha1":"c9ed55cb798a4345f5de2af71e76bcf0ffe3d429","sha256":"6ac5fd438b090381cd2798fdccbb4a0de0c630f79902d886507c136d90e46ab8","sha512":"23b1e2cc17d88e9fb61e209fea980298a0de05fa4619a75b9aeac7889d7bcb5ed91d69fb3c053987345ef531517c9ef5bfecf661f88354da6209066ee6690034","ssdeep":"384:/tI+i2HZgwGQdHxZnyoAgIRjs1524ktrbBEy:QSZryfzjO5nOV","tlshash":"5b52c0d821720cb1063a37966c8f794181347fb3988319a4eb5e1439f42399af7a4a2a","first_seen":"2025-10-06T04:45:30.63355Z","last_seen":"2026-04-05T05:12:25.259902Z","times_seen":49,"resource_available":false,"data":null}},"time_used":10853,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10852,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/bca.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/bca.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4456\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":4456,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"57b2d08318ed558cdce7b379bdbadea9","sha1":"0d0c5608f982b1c1cb8edf9255bd7775591e2ac0","sha256":"274127bc01abd2423ba42aa9dd206f0260978c2dcd904c4d04ff259881b0975b","sha512":"63f7f916303ffa0a2956898848f788b80235e82c901bdd6bb6fa67fc37e6417757007a007393425f6540b26e5b1636c8a7813764b4d55da39cee573a0c71ca37","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nT/Z1gIYxAqkl1R+wWyP/D1a:wSDS0tKg9E05TB1YxylewW6/D1a","tlshash":"53918ecfd532500e38cb76c319d8cb04bb21617c4e5323b4a2d994ce2819d07b77b5a4","first_seen":"2026-01-22T12:16:32.946386Z","last_seen":"2026-04-02T17:09:56.278912Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11312,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/bjb.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/bjb.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4650\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":4650,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"f4aa0d0850ce5cc24057d565b7e431b1","sha1":"3a9ead365c1a9b4042c4f2e147dafb6b3fe00116","sha256":"6cf37d1ad452318c1c7f9a1b1d36d43e23c3b685b0b76596f6ee9f2f8099c72e","sha512":"3ada67179ea27f0920067d85d10af5d3e74e60275afb61e27e7c33d7d4d4996e603a57670e837471ae82ba07785bdbae4fff60765bb4ac2136bca74cbfb70186","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nTij+LtpQjOf7QSQJudPj3p8wmx:wSDS0tKg9E05Tij+LtpGw+udL5mx","tlshash":"01a19d9f8aa0b28c7baa3a914e8c0242f739382ca529397cd18571de90d1c4e7f154a5","first_seen":"2026-01-22T12:16:33.018255Z","last_seen":"2026-04-02T17:09:56.254256Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11382,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11382,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/shopeepay.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/shopeepay.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2585\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2585,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"410210f0e9a527ac10a6edce706a3e52","sha1":"41ac0fbaf4e303490de0da44bbcc2ddf0957d93a","sha256":"b546d30527e6237059995da8fa60d0ee5b99a8a1beaf0d9ca885323926d9dbf2","sha512":"7e6134ee07e54cd0800c5302d78a289b304b13641649ca46f4faad5df1966a49aa0202390cc06398a7c7a740fc84bf41b17b26a098d11b2d19424412241703e6","ssdeep":"","tlshash":"a3513acef606a90263dfed0834d79413c9036ec4d3f6e072d58ad44614a82f9a9e99d3","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.391284Z","times_seen":1004,"resource_available":false,"data":null}},"time_used":11375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/uploads/2026/02/favicon.jpg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:57:01.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/uploads/2026/02/favicon.jpg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:08 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 02 Feb 2026 16:10:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 35141\r\ndate: Fri, 06 Feb 2026 10:57:07 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":35141,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3","md5":"43cc3cb06f98e836da52105327fde75a","sha1":"cec0e123c90706df53af4bf33e1348c752393eee","sha256":"c4b0abbe0c0ca1014fa47108d35a60f43ec95eaaee05715b3f595d39d2a07630","sha512":"466e6d3f27ea4eb4cd1263a6070aea2c2ee522373006004878add9dea844ac05b9f6d63efcb67c4f391c7fe53306ee368d136dd2485fd0cd1c63e15302a455f9","ssdeep":"768:RwbvQGvAEPafyb7IaiQ3wQmUlyTS7X0qqz/9JJmgjqrIw4LfzU/oVN:u0JICKIa1FKSIqqPog2ofacN","tlshash":"18f2f19691950b7fd4ecec79299aab605ae406ced57cf76614110f743de321da0083b3","first_seen":"2026-01-28T07:33:51.298161Z","last_seen":"2026-02-06T10:57:24.522241Z","times_seen":2,"resource_available":false,"data":null}},"time_used":7127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7068,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Mighty-Panda.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Mighty-Panda.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Koi-Bonanza-Jackpot.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Koi-Bonanza-Jackpot.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/pgsoft.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/pgsoft.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4565\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4565,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"07fdf68f6b80703be8dff396a5a89029","sha1":"20f259c2d1d5d61f611079cf2a0b9d15166208b4","sha256":"9c318ff5d70915d892c4f289c1e2e8c7008341feca61bb191df37cbfcb43a28d","sha512":"1e3dd3c89973d138ea3706b02b76f9e8c1450b01b01a9c6e51b055b445cfdcd154be5080004028b53a6ac3d7e629aa54ee74e12191081d287620e89cda2c96e1","ssdeep":"96:aqQ5GZ6y9rpNUfJRttoj7YA9IF9s/IPqeW+ygQdnvW:aq3p7YkkAqF9QIPi+y/e","tlshash":"1d915c4df002842536c6ea93c4d3f026a8d34dc1a5d5e72602ab881aaeb71a75d5dbe3","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.419329Z","times_seen":1102,"resource_available":false,"data":null}},"time_used":11220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/sexygaming.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/sexygaming.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5313\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":5313,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"c5aee88302f1236b8cc069d281a05905","sha1":"048d3123ca73c3f9f4e432378ea4cfcf467de417","sha256":"ab8a18edde422524883a5beb8842c4008f032de7f45601c2b37d7e40be19ac98","sha512":"7a18e0b8691f451f47dd0cd7a91052abddc353e332a9a19fd00dd2e01ea45a2565bf23eb170fd940e989f12adfb78a18cc8cb9ce9d8c136665eebf3e7611fa7a","ssdeep":"96:aqQqwG/92LyPMnYMuvdjEnGg4aD4Hn468sZTbZCzN6idRw:aqNrwyUYTdjCg468vdO","tlshash":"22b17d99eb1b58817e6aeca23cdb0bc385069082a415768b3ff784af1ca5155074f9ca","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.438674Z","times_seen":1100,"resource_available":false,"data":null}},"time_used":11311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/jenius.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/jenius.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2586\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"a526cd682aa74c97bdb4e9062dd3bb47","sha1":"9a576b670aa5ff27c5377431444a5b6e6fad059a","sha256":"887520873e323d8af25fc9ca54158e474139b38d78f0ae1097ba0bd27c09084c","sha512":"bd14d5c0424148137d6093f709b8a22265701ebeae2345415449e022c52f28e3f01e1709c06df9becfbf8af1a28539c6d60ddb0d0b828a4d70762e408f24ba02","ssdeep":"","tlshash":"5f51e729d445af023a0ce44724fa817baa0785c0cfe2f12bd58fd5372d647d999991cb","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.377841Z","times_seen":1003,"resource_available":false,"data":null}},"time_used":11375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/uploads/2026/02/favicon-150x150.jpg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:57:01.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/uploads/2026/02/favicon-150x150.jpg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:09 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 02 Feb 2026 16:10:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 8829\r\ndate: Fri, 06 Feb 2026 10:57:07 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":8829,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3","md5":"0ef9f28155c6eb8620e066ba456947d2","sha1":"e65a57e1a8f9e86aa2e74b0934d85b8cce46a181","sha256":"4f011389fb6f2693e8ba4a8839d097cf09bc3ea4448a4c63c86e321361afc0e9","sha512":"df1f82dc8cdb7fc3696a2b16a17948e0fce27b1d893a2c4b712aca419847f24236904ee015bda25a889fd47c2640d3278074d3f800e64109454f0effde070238","ssdeep":"192:MYCaTbtQU5jnL++LFaY/ZxarkavuhoGV6BVnFSbwxrZcuU1yO:tllVLFxrawbhNV6BVF/5fO","tlshash":"6002bfc3efadda7a0886cd690ae2c2816265317889048c8c78f7efc449855dc7dab0f0","first_seen":"2026-02-06T10:57:24.527298Z","last_seen":"2026-02-06T10:57:24.527298Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7231,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/webfonts/fa-solid-900.eot#iefix","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /webfonts/fa-solid-900.eot HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bonanza89login.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlink: \u003chttps://bonanza89login.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-litespeed-cache-control: public,max-age=3600\r\nx-litespeed-tag: f2f_HTTP.404,f2f_404,f2f_URL.f8a3f1b5ec353e72f8a72b14baf8b6d7,f2f_\r\ncontent-type: text/html; charset=utf-8\r\nserver-timing: amp_sanitizer;dur=\"1260.8\",amp_style_sanitizer;dur=\"903.4\",amp_tag_and_attribute_sanitizer;dur=\"332.8\",amp_optimizer;dur=\"103.9\"\r\nx-litespeed-cache: miss\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 06 Feb 2026 10:57:01 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":163190,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (41320)","md5":"125917ab1b3fa5442308e4b39a682b17","sha1":"8f3306c2ade221e65b057e7f2898b495e18d3b2d","sha256":"33c7c7720d1f5ec329fdd56c58f3bc720c5bb78bba38fe6fede89157a04dc2b6","sha512":"77f64ec7931271961a4b2ac02422d1564252222790c827b7772697f9603974593bc5666ab270a7d5480ce6547669078f43990929334d2bb31508d97fbd60342a","ssdeep":"768:xdWG/UXyCu6zyygVMnUYvtRhFU5JPK8uC7LEZFUP0V2Jv0Woa9ML3JGGwMM2iQYo:3V61fSRmVLWUL3eS9Sy","tlshash":"36f3c662384d106f7117c75561f8f6ab6e45c91fca324a89f4aeabc8c741f12763a32c","first_seen":"2026-02-06T10:57:24.529957Z","last_seen":"2026-02-06T10:57:24.529957Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Caishens-Gems.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Caishens-Gems.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/poker.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/poker.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1320\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3362,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b47d6c3d3d9869f7a93148f2bb1c7da0","sha1":"be17a0cb99f9962c049f0c7700933170acf83dfc","sha256":"fcc48a6b712772a6e13ef3cc8d424ed90762dcf9c41333c396e40a8ffcc355e5","sha512":"5d19d0789fd42e9eacbf8421f894dfa7269b8289018c0712e66e711fcd090e915afaeab197dc35517964a320ba4d8e3df657a709151ca1bf29185b6a3ff78d51","ssdeep":"","tlshash":"c861e66703169bdef79d4624a924148db6e0c8cba4b4f0c0fb2b3416e4cd4e6bd5d3a8","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-04-05T13:09:33.567578Z","times_seen":821,"resource_available":false,"data":null}},"time_used":8386,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8385,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Squealin-Riches.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Squealin-Riches.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 13938\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":13938,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"65b5a6f1d67dfbef67a939e798669341","sha1":"12f49c987804e79e9c0ba5f8a9c4c26e4111c9e4","sha256":"a605d31727977f183527613d2d6f87a9daa7723101787d1043dc1a0444691497","sha512":"1c8312d23e03a3a5e940beaa3f5d03d6b5f33aa0028d41f5cfd3ecea1f12cc3d664991d7063bdb80e6154f4e546b76ab4950f64360ff6ba241b86ef6bb1e1e4c","ssdeep":"384:0EVF2jUDEYuATIFXkguurLBiCXnm8+oOKr:jVMY6ATIpkZuRimmTro","tlshash":"2752c0a87e790091a14491eca09798d34c7e0097dbc59109ed2f7f50f9282dbee92ba4","first_seen":"2023-08-09T13:38:15Z","last_seen":"2026-03-29T15:05:17.787021Z","times_seen":48,"resource_available":false,"data":null}},"time_used":10851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10850,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/btpn.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/btpn.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4087\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4087,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"37acc32251e1dd609fa89a1df36c025d","sha1":"f2f57b26877b326364e60773e18cd1285a25f906","sha256":"9b82e365bf36dc294e9426b095225385f7fc562c545bf158c5d3a29b41c1bb3d","sha512":"01ceb627884ecdd6494a20a99e54b7aaf7eebd350157548978e15bbc0447464295adb7b080d46e6144bbb24478ae23f76ec8a6d1d88fa518c5308eb2f228ed76","ssdeep":"","tlshash":"24817def4af1b85ebdfe3d53058d4100876452acc557327865d3a5ee20a2c5fa722066","first_seen":"2026-01-22T12:16:32.951257Z","last_seen":"2026-04-02T17:09:56.284484Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Ze-Zeus.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Ze-Zeus.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Gates-of-Dragon.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Gates-of-Dragon.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/permata.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/permata.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4572\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4572,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"1aec97bfe3b445ddff64f483425822ba","sha1":"63506445624e6551381b001a6868b66d797ab60a","sha256":"229a7dd59014f2b66763838057e4b4203cb85444433d78e54515078663501891","sha512":"16f58a756d337e3e6a72a729d7a5c0a1519c6cd23a2811155127aba4de45012d340b0d223d4159c890f79e8c3c4b69da9019d01138e3328b62e3f851dad8f78e","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nTFsseDe2atlq7rhyEx1EgOo:wSDS0tKg9E05TT0eT6Xh1TEgf","tlshash":"56917cef8860d05ffcdd7da105cd2a05a31de15cd6973718c5c0aacea05ae524bb50f5","first_seen":"2026-01-22T12:16:32.974631Z","last_seen":"2026-04-02T17:09:56.233965Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11388,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11388,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/linkaja.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/linkaja.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2467\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2467,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"aa19546f0fa57ec054f592623dde7e62","sha1":"19fa186480ac2121f2647bfa6446c6a9a88f3fdd","sha256":"800b3f95f81e845bc3bc92ecf7880f2c7f57a15e0dc3f855bfd3e591b783c7ec","sha512":"13c85136e6887167c1be424dc4b18b1f4773a67c4495e3f83884c6bc1fb143d02c9b0609940661a6e1f26f953f581e1fa128437b0a314bc00533fd9549065af7","ssdeep":"","tlshash":"7b512b14fd116c42829ceca544dbd2a289175b44dad8e47bb4ffd01209f12b98b311c7","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.375385Z","times_seen":1002,"resource_available":false,"data":null}},"time_used":11377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11377,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/Squealin-Riches.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/Squealin-Riches.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-telegram.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-telegram.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 332\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":556,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"193daadedfb7fb6a571634dee8c819f1","sha1":"8d5cf7a9247264f324a01fa1d29b6ce6581a2622","sha256":"b1ddff6d40894a418ca2c4742a6e467562d92162fe293cc72e227063f6def10a","sha512":"ba10d810af36d70c542d5e23257f03eab91eeb11acdf8308a0da23e9c0cbc60d7d42f0289978639ff6fb4bdcfdc38b1b34898de36ebae5b1ec933c4ab770878c","ssdeep":"","tlshash":"71f08b29d2080a33a74f06b96bc0b9a524c4d589e8d83594b0572972b42efe1702b3ad","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-04-05T13:09:33.51339Z","times_seen":980,"resource_available":false,"data":null}},"time_used":7982,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7982,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-livechat-gray.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-livechat-gray.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 460\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":813,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c0af3bfd49ffc5ae11ba860786cda75d","sha1":"c598e7d6678d0fc928d2c6eaeff83f0b5311daff","sha256":"d1e72ffd39a829fe41c1a53795d8418fea166a070252308ea1098b0b7c2f74aa","sha512":"c65e0fcccaabf7def73e8618cfaed9eeecaf4a47698b732c3d185fc7397c9572d1375600545deddf2bd57aba69ef1049ff28142d2aeb861a3774ad0a0072f356","ssdeep":"","tlshash":"e8011ea8cb38cab0e14c1b004be8271335b10422daba9c0c43297d85e853e902005cae","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-04-05T13:09:33.566848Z","times_seen":1134,"resource_available":false,"data":null}},"time_used":11069,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11069,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/panin.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/panin.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4365\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4365,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"bceb21f07e18e708ae1405acad09b2ae","sha1":"bd2e88b0e592c121adccb4abedd38ea5147681bf","sha256":"eccd7aa82ae0687db48aad13b42b0c1be51e32ec65cdc101686042638748e53e","sha512":"ebb639514bbb363a718428251f53781113f16e9064c8d0164fa025a9655dc37d6b914b940a7d5f9d33fecf2907e7f16788b242141d30acd6120c3ec3a9f6beeb","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nThe74Ykso5qu2wa5KS:wSDS0tKg9E05ThUk8ia5KS","tlshash":"b2918feec474d05e35ca7630cd8d5b02db4e615ce9e3233868d252de3855e531f6a064","first_seen":"2026-01-22T12:16:32.985606Z","last_seen":"2026-04-02T17:09:56.198256Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/telkomsel.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/telkomsel.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2728\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"ccfef8b817b38862ea38cd51ad5eda48","sha1":"7bc6d8db79a495b725ad203aa9228e9178b8ac0b","sha256":"1efc5dce3145bdeabd5c9549aa768207802f3d94f85af872e74e936dc6c6e32d","sha512":"dcb90a21a291fb3d2bafb121ecadd54cae3dbc1972a5058f943c9e3335fe40efd0684adce586a469094a3e9bbeb73f89942c2da48a363ff6e9ea8351cf168002","ssdeep":"","tlshash":"ab510ac8f9856811b2556d9728f86037ce095880cdf0e09669d7f122687c1fdddadcf6","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.424639Z","times_seen":998,"resource_available":false,"data":null}},"time_used":11380,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11380,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/ovo.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/ovo.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2315\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2315,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"c651afdf017b6e14b8ccf644fffb90e3","sha1":"cdefc9ffd4d0a101dd34fa8d0d72f31e20c203be","sha256":"860d314b9b8e36b5b22a81e02ea6d13290d85203ecb2e0ee3803ff5115ded872","sha512":"fc639ac833e9f4f15c6238d0c39ca5753acf20769db0a0a204a1554cfaf5fdb6bdcd75ad8f4fbb3643e9b11a9979548f9d4d6794eab648a875a202e86a293c59","ssdeep":"","tlshash":"d0412b46e6929d06079cfa9164e702bad6610f90e4f0e82b749ed40d0fe42fc6a6d5d3","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.357025Z","times_seen":1002,"resource_available":false,"data":null}},"time_used":11377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11377,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/populer/9-Masks-of-Fire.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/populer/9-Masks-of-Fire.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-beranda.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-beranda.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 443\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":817,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ae4748bb18effb78dc6d98f8d909790d","sha1":"fafd86eed959576a9175425578568aaccc0b4a71","sha256":"e674d994d3f0106f9d9603e4649fcd1927778b37542752c43f087c01b21fb008","sha512":"dd72ef50dbf2156f2b976b4b478e018d92d88c0005b6fdc394ca443fa3feb8aec149d10c28808442673d58e2c9326fd8cf04eca38372da27180c305524f785a7","ssdeep":"","tlshash":"4c01ab3343c90e39c9681718d5f419513189ccfae2b0a5e8ea83681ad94dd6120626be","first_seen":"2024-05-01T03:50:06Z","last_seen":"2026-04-05T13:09:33.555932Z","times_seen":1243,"resource_available":false,"data":null}},"time_used":8210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/microgaming.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/microgaming.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 39421\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":39421,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 600, 8-bit/color RGBA, non-interlaced","md5":"c553716d56f7133dea04aa6c637d914a","sha1":"266c9f6f7a7f4510b31a2a6f1e237a5ab69fbf30","sha256":"5e8dabba1c832d5ad2c961cdac28466933fc04e0485120d6733fc28f6abb6fca","sha512":"47f8564d40006a86a0097e40917ce92f7c6835556e8f708acb7556ffbca858f4d53c65a9c57c83a5b790ef075c3d1dd766bf3777d66dddd7d7fd6cba35094e52","ssdeep":"768:uTY3U0Uy9aNXd4N5a+Ng880I01G7uuyM/l4waOVe7fMO1MPK:uTX0Uy9apqPNg8KqerXez9MPK","tlshash":"4d03cf6ecc53f84cc8cf4a75af1c1f50b26d41e8d2aca76942b844319fa22dea226191","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.374403Z","times_seen":608,"resource_available":false,"data":null}},"time_used":11320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11217,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/luckyTwinsNexus.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/luckyTwinsNexus.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/bri.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/bri.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4477\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4477,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"d98298d5516194c1458c0ef1ca600c45","sha1":"b4113b469fed5f00afd11f06a42753809fa669db","sha256":"c870765d5a57724150265d48c20c2244a9dc2111f6cb64e6f4fb84d26b88c45f","sha512":"0ac59020f82f9b9b8c798378e552a48667b0ecd0e76befae6c12f5bcebf2665112665fb206b8016f0f19581aa6b0b0a5a54725dbd5488e8c5c556e6a2d5665fa","ssdeep":"96:wSDZ/I09Da01l+gmkyTt6Hk8nTPaLNkZEfZnRcPGcXeWW:wSDS0tKg9E05TPON5NOPGc2","tlshash":"1a916bda99b0a0cbfdae35500fde5706ab353228895b363094e677eb60e6d436b11022","first_seen":"2026-01-22T12:16:32.948665Z","last_seen":"2026-04-02T17:09:56.252319Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/axis.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/axis.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1909\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1909,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"8a33ceba37cba67565691bad0b376d11","sha1":"524d0127ba8fb90930c258d1f6dccc2e021596d4","sha256":"da7d51e54f2ec453b76dde1951be25a7e76d2cbd19ceb53b07bca4a09d950c94","sha512":"a3ecb95fc952a21271163c09059df357a3b3b0e94dfdd98f676b5edd4fcc20456e26f384b796acf63f6fe925919c8056b479a95833b1bd6962881993f1298d82","ssdeep":"","tlshash":"6641f9cbc0c3ac01f5aa951028f711229d1249449fd1e46ab9dfd81625b45f59d28dd7","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.354317Z","times_seen":996,"resource_available":false,"data":null}},"time_used":11379,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11379,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-new.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-new.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 23783\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":31905,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"524d091d4759569c313dd81aab7d521d","sha1":"95b068a7e8847a60803b33fd7b051292be42303a","sha256":"4609cea657d57c84eb55546dd797d3098185421efb86ef0cf25e3e8d1447655a","sha512":"3172c7104d69254d1c7b6e7c5ba7c82c6ae2a18312bc9531b8b0ee8756e3a554c94184f7a44bbb8cffb76795c2447111ae27500d426f0758d9bbee8355bfeca9","ssdeep":"768:1SiFxD6THNhWHpmolBwPP0KB2j75lcTrwyl/K:siD6TtheBGPpw7QA","tlshash":"f6e2e01fce8ea7ac8516426c303bfdea0dcc6e4d80487aedb9c1b5ab15a655140b2715","first_seen":"2024-05-01T03:50:06Z","last_seen":"2026-04-05T13:09:33.5683Z","times_seen":1403,"resource_available":false,"data":null}},"time_used":10890,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8421,"receive":2469,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/icon/icon-populer.svg","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/icon/icon-populer.svg HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:56 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 43234\r\ndate: Fri, 06 Feb 2026 10:56:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":57328,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f8f5f25769046146ae42b17a41c0a16a","sha1":"80e7bba523210c58296f8de4a6fa6a22e913382f","sha256":"dafd7d97d8675bb8ea10eede4680abba88a04c54242a3333a291d66dc91c6e27","sha512":"fbc4ffe351d868e0bc7742724578a558932d9f17c423039657c3150f3adae2e0c5f2dcc3559e94e5d4349e24e8cab31e708cfd982b5ee5419455db9802ad9b87","ssdeep":"1536:JWAHKFFqtSQd1JZjfknvKi05k1QnwqR1FmRQv+qP:JWAyYtS21JVfWXLi1IQvNP","tlshash":"e743f1423f407f7c4976d289916cd15fec26a88f6580ab5f7ef38895b27e6080ca50ad","first_seen":"2024-05-24T12:00:55Z","last_seen":"2026-04-05T13:09:33.553768Z","times_seen":1157,"resource_available":false,"data":null}},"time_used":11681,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11069,"receive":612,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/new/Mighty-Panda.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/new/Mighty-Panda.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 10670\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10670,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1f318502830d612cae9c3d8ccc235990","sha1":"27d53edc883d48310cfcc45df7e0b08c7f134e13","sha256":"9e0d6ceb457b79cd0d60c0140fb813cef676e1f7483b80d102dd4ebb689e2c51","sha512":"a72e20ea3bb01b5956b3de27fcb240db12d6fb4dfbc08c89711983c423f118b2e2df60226c951a6b75bbbfffbbb8bf08b0d3a8fc4d81bdd587a5c7e174fede13","ssdeep":"192:ZWFCzR29G9NId1B+Um2y6ABTmhRwLAdQzWYJXBt5c0zNm0vQwwQ:MF0RUG9O1B66ABKbYRTVPvQwwQ","tlshash":"9622bf08b2883b54afd1c3b7c3f8d166b94a3d10b5ad513774450c9798a7c8eae9cf25","first_seen":"2025-10-06T04:45:30.551916Z","last_seen":"2026-04-05T05:12:25.2933Z","times_seen":49,"resource_available":false,"data":null}},"time_used":10852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10851,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/habanero.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/habanero.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2924\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2924,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"6fdcf2c4077e1a01c1387becb47eab76","sha1":"9e644b73bbfbd059798cb3f38a50afbb6d51c947","sha256":"063b0b0af325dd011bb3cd4f69e62c3ebb3e2a8033a9f255552a1ee6a47cc842","sha512":"0519f574e77eeb96f2b534b554d6e52300fdaa50c27711e3674e8b22400534ddf89a3a2e2d029b3e455f98423d4a1433964cfc05abb7ba29d32425256e1fa9b1","ssdeep":"","tlshash":"8c513e4cbb83da0ca18c7b521cf65106a71385869c81b8b4ed4fe40f4c70aeb5d5c9cb","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.403247Z","times_seen":1103,"resource_available":false,"data":null}},"time_used":11220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/daftar-disini.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/daftar-disini.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 196304\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":196304,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4946cb4d727c5e29a291925fcc503b8b","sha1":"4cdbba70499bfc962b3af50fd597339da774a84c","sha256":"41d9f2ccd961b8b558423042a707268db0e792fd5068da28b0fe638dcf54439a","sha512":"75e18e3c89c9c19dceedb44570daf3db48d79a4abc53fa839cb7e517f3af415519eb01e5e07d294b2c6a3c0ee93ae841920d14be25c8a4c409c087bd6cedddd7","ssdeep":"3072:qvstmay4td1vuU1pRrBYv1k+4PfWzLM+KaO6BU1pRrBFjoB9DU1pRrBd:qvstmZ4t/vuWw1d4PuhOeW6Wr","tlshash":"0514129da484dd2cc973e9de806557e97f83c000a37ae82c9ca50f9e9b8a7734853f51","first_seen":"2026-01-28T07:33:51.311239Z","last_seen":"2026-02-06T10:57:24.549943Z","times_seen":2,"resource_available":false,"data":null}},"time_used":11380,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11374,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/webfonts/advanced_dot_digital7.eot","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /webfonts/advanced_dot_digital7.eot HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bonanza89login.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlink: \u003chttps://bonanza89login.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-litespeed-cache-control: public,max-age=3600\r\nx-litespeed-tag: f2f_HTTP.404,f2f_404,f2f_URL.1d318be2db27381f1af3a07d5450a61c,f2f_\r\ncontent-type: text/html; charset=utf-8\r\nserver-timing: amp_sanitizer;dur=\"3155.0\",amp_style_sanitizer;dur=\"2651.5\",amp_tag_and_attribute_sanitizer;dur=\"493.3\",amp_optimizer;dur=\"20.2\"\r\nx-litespeed-cache: miss\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 06 Feb 2026 10:57:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"AMP for WordPress:2.5.5; mode=standard","description":"AMP for WordPress automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site.","website":"https://amp-wp.org","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["WordPress plugins"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":163199,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (41320)","md5":"915051c8c09798565d5a87f15eb33410","sha1":"423dcecfc38d99d1ed2ae4c62304d35dd3d5b173","sha256":"a7a44a2e174dbac01eba44cc518fab828436817c41635c317cc01b403f7d8a50","sha512":"923459fc14401eb141ef7f9b9fbdac3fb3bf0258e58c1f3ac8ef39e31a539224a1264cdd1dd585b8c0d952dc4794911d8361a95f0e4bf3d9ba36e4fc174772c9","ssdeep":"768:xdWG/UXyCu6zyygVMnUYvtRhFU5JPK8uC7LEZFUP/V2Jv0Woa9ML3JGGwMM2iQYj:3V61fSRhVLWUL3eS9SZ","tlshash":"6cf3c662384d106f7117c75561f8f6ab6e45c91fca324a89f4aeabc8c741f12763a32c","first_seen":"2026-02-06T10:57:24.551714Z","last_seen":"2026-02-06T10:57:24.551714Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12460,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12460,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/games/jackpot/Wild-Bounty.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:55.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/games/jackpot/Wild-Bounty.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/slider/slider.webp","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/slider/slider.webp HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:56:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 313960\r\ndate: Fri, 06 Feb 2026 10:56:58 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":313960,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x613, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2390b867c1085b317a81289897ee398a","sha1":"d103b86510986472f2584b78639273001ee1ec6d","sha256":"3ee8fb4655f2d2fa3a4aca31e58c5a5a75dd5d29852f0d83ca2ecd51f8460b65","sha512":"174d2460f92a66bc101f4b29da26a96f0fd903a9bf03b5ee54dcbdc9d8b2bc7ee208df6173a336eb42b3406db2b8c9308778bdb7a12248067aad1736366b8f07","ssdeep":"6144:8EUJgN7ohvlGky4eaO5e3Fl5k4oJpQRH/6nwv0zUqW52w:8myvaasOkZYFGdw","tlshash":"556423351b925b6cc0426f78b884e5321bbfeb032c265d72da8963485ef3f63516b253","first_seen":"2026-02-06T10:57:24.553216Z","last_seen":"2026-02-06T10:57:24.553216Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11424,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10446,"receive":978,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/provider/sabasports.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/provider/sabasports.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4713\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced","md5":"1f3020b661a06afe96a458859c3c7cff","sha1":"1a2bdc2e90543265d04d42670522c53105f5acbf","sha256":"ff82fe6d37d4c0a8714b16d18ce5d08f75968e686e1b71c30a783124f7dedc59","sha512":"2da36480856b22b46cc5b39f81ce86787b0ba260b9ebece4a715075c9bb48dbb90acd45b524ed317564f3f9060071ed0ff1ed454aa86a3ca935d018e015541eb","ssdeep":"96:aqQ+8/tARsjA+dRXr2zC0kyUh/jIDuseHh46WMy8HOM9TORnAy:aqz8/OejA+bXrO3ky0/jseCZMy8HOMmh","tlshash":"c1a17d0cf75eac09354268c230f9914399500df4c86a902af504ecdb2ab83f9ca9e5ef","first_seen":"2023-12-01T04:11:56Z","last_seen":"2026-04-05T12:52:14.399936Z","times_seen":1091,"resource_available":false,"data":null}},"time_used":11312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonanza89login.com/wp-content/themes/jbg2nd-fg/images/bank/xl.png","fqdn":"bonanza89login.com","domain":"bonanza89login.com","tld":"com"},"ip":{"addr":"209.74.68.24","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonanza89login.com/","date":"2026-02-06T10:56:56.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonanza89login.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 02 Feb 2026 00:00:00 GMT","end":"Tue, 02 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"52:DA:C5:17:67:96:5B:84:35:57:DF:D4:E5:02:35:D6:09:1B:23:A8","sha256":"52:E6:4E:49:80:E0:09:AC:EA:9B:88:9D:C4:EA:F6:44:56:47:4A:6F:0B:78:E6:86:EA:BD:68:47:B2:00:26:98"}}},"request":{"raw":"GET /wp-content/themes/jbg2nd-fg/images/bank/xl.png HTTP/1.1\r\nHost: bonanza89login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonanza89login.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 13 Feb 2026 10:57:02 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 02 Feb 2026 16:05:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2458\r\ndate: Fri, 06 Feb 2026 10:57:02 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2458,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 26, 8-bit/color RGBA, non-interlaced","md5":"84094baf12f6cd3d4d8cf7557478370f","sha1":"6adfff2597d1986ca93211709d92364b7f31994f","sha256":"d64a7c2b38bd2b08c842b2f714e402f0ee9ed9884171a6e1e95f57cd57ccf748","sha512":"dc262d4198e9b38b9cac4987ac803b9ec8e2466510793608869213a56110a44f696935d767fa4ddebd00873886715bb784ff039fe24fae0c166530cb14e90849","ssdeep":"","tlshash":"9751f80da68218158beb99c106ea40224f064f44ce84e0e7b44ed4665ab42ec6dad9d7","first_seen":"2024-05-24T12:00:56Z","last_seen":"2026-04-05T12:52:14.412794Z","times_seen":997,"resource_available":false,"data":null}},"time_used":11381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11381,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"bonanza89login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}