{"report_id":"4ee03e57-b56f-430a-88c6-09d3f29571ea","version":6,"status":"done","tags":[],"date":"2026-06-07T00:55:43Z","url":{"schema":"http","addr":"landing-bet365.com.cn","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"landing-bet365.com.cn/","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"title":"Bet365官网:尽享无与伦比的在线博彩体验-Bet365中国","dom":{"size":52986,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5205)","md5":"9efd880dcedaa7770bc8ca983bbcb87f","sha1":"5ac26da270216c58d6f38e5af9a949849a27ceaa","sha256":"32076395e05d146dd9ecd17749d902ac17ff27362d6c86427eb444435b423f9e","sha512":"55af4e5978e72ab4c3e150827fb9f10509268c796e51284af701df7b9ca1d910fb44d9ad18221edbefc72d1523eb89635002eeb586be9f1c00935c84e409c7de","ssdeep":"768:pwbbLvD/0S/X/IF83Y5oEKxqt3kfgxWiJcv7urWMIviuxcahq6u7/1+Na:2j/pIyYkox3YIWMCiicYqPdEa","tlshash":"94338dba0372aaad0c1340e8db84a11d354c47cfb13f8b44bfbe9959bfddea54145682","dom_hash":"domhash8f20b5f57c20ba5aacf3ae3fd8101314","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"landing-bet365.com.cn","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-12T00:55:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"smrncj.com","ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-05-20","domain_rank":0,"first_seen":"2026-06-07T00:14:23.757213Z","last_seen":"2026-06-07T00:14:23.757213Z","alert_count":0,"request_count":18,"received_data":1868938,"sent_data":8201,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"jQuery:1.8.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"landing-bet365.com.cn","ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-16","domain_rank":0,"first_seen":"2026-05-20T07:25:44.986128Z","last_seen":"2026-05-20T07:25:44.986128Z","alert_count":88,"request_count":22,"received_data":1539944,"sent_data":11519,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:5.3.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-05-31T22:26:05.480738Z","alert_count":0,"request_count":1,"received_data":329760,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"node91.aizhantj.com","ip":{"addr":"43.174.27.154","port":21233,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2024-07-29","domain_rank":4549453,"first_seen":"2025-05-08T02:39:02.894071Z","last_seen":"2026-05-31T12:52:10.77974Z","alert_count":0,"request_count":2,"received_data":36745,"sent_data":1155,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-05-31T22:42:17.707694Z","alert_count":0,"request_count":1,"received_data":234020,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.matomo.cloud","ip":{"addr":"3.167.2.76","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2017-09-08","domain_rank":124973,"first_seen":"2019-09-27T14:00:38Z","last_seen":"2026-06-04T12:36:14.449233Z","alert_count":0,"request_count":1,"received_data":155638,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"9170.matomo.cloud","ip":{"addr":"18.195.235.189","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2017-09-08","domain_rank":0,"first_seen":"2024-10-18T01:02:04.432395Z","last_seen":"2026-06-04T03:57:15.021343Z","alert_count":0,"request_count":1,"received_data":230,"sent_data":945,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"smrncj.com/jquery-1.8.3.min.js","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"69ecd99e201c97170d8b1735877c5c6f","sha1":"acbbbf3197c7ae19982ce6ef9ff6932593ea85d8","sha256":"ef45c2b4676161897f63a84bddd4a8d7e33e98d5477e8bda3ca8173b222b8a9c","sha512":"3d97dca1cf3e459586b63a2cf49d9bafd54ff56001bc44d3963f2bf2ae1fc0ffbd260aea09986e37ebb00e969f4b95502f37f654fd97a49a40ae0a97a720ecb9","ssdeep":"1536:ln6I5cEDlV0YjGaWQb6u6xvkT4ys33lt4WXgVInEG0vd007pNTbyT+SAy+uu49Jg:Z/Yi6Jnys3PN+RwFj2ShosS9","tlshash":"9293f7edb3c6717243ab31a910af650ff2366869284d8410f138e8f4bc75a499277e7d","size":94213,"data":"","first_seen":"2023-03-07T01:06:41Z","last_seen":"2026-06-08T08:11:14.863601Z","times_seen":1340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.matomo.cloud/9170.matomo.cloud/matomo.js","fqdn":"cdn.matomo.cloud","domain":"matomo.cloud","tld":"cloud"},"ip":{"addr":"3.167.2.76","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2bc993f46088bad8457441079ec1f93e","sha1":"7d04ba6473d6b79a7337daef63e1f3b66ec27fa4","sha256":"af0145825a50ccdf0e95b0fba01d3e9694132465259130d9c0e06b7c0f471797","sha512":"866e7eec70fe832f760568cc8b4591c393e42c181303d6ac4ebaca72bf9157c9d19dc8c500fc86bdbd604553017c0c66421e736b1e611146ea4e031e59197eca","ssdeep":"3072:AT+Z2fucXYy1PGJ9d1QkNw0CN1Iy/Bi4jZdV50tqv:ASUucfBGrd1HOmoBi4jZdV50tqv","tlshash":"59e3f88a72c2753a86eb60b5543f210b737a9daa2448c0b4f625c4f53d78e1e513bf78","size":154949,"data":"","first_seen":"2026-05-18T13:11:50.243772Z","last_seen":"2026-06-09T19:56:27.161292Z","times_seen":690,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3b96d49915b8d1766de1ebd3385890c4","sha1":"39ad906d90e05595fa63d487431da59115db5fd3","sha256":"d2f74c10d99ad76d94d7bb7a880683baafa4833381d66af826976bbcc71dd008","sha512":"213de6c1557d284a22ce72d74225e340bbf4b15395ee46677f33e52c1e575d4142f69562cf3025a11376f7aaba748eed8032020e059c009e1b1be8ae1d0ad0fe","ssdeep":"","tlshash":"16f041b33c89013dc36202613333b2493036253e340abc22f50d186b2a90e5a106b50c","size":587,"data":"","first_seen":"2026-05-20T07:25:49.902479Z","last_seen":"2026-06-07T01:46:45.308139Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-09T20:39:07.352126Z","times_seen":121590,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-09T20:39:07.352126Z","times_seen":121590,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/?agentCode=16pMv6h2","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"45688764c4bf7fd16b629d6372f6f9a5","sha1":"f77031721b1d843eca820d4e3851c9a0a670f6b7","sha256":"bc681631e1dabe44541dc71f1d91b81efef49e39c3d38ec046912abe8d6ebf5d","sha512":"a3733b87a4ac723ab60696151a43f59c8dd9bf54645af481bebb219dc2118b7b57f2eefd62162630cb29d0d55063d1284d36c9a9aa2d1710e91d0704d8218939","ssdeep":"","tlshash":"06117d8c0543a26723726155ab4ab2d41176008f2409e854bd0d4f40afd8e2fc597fd2","size":1106,"data":"","first_seen":"2025-11-05T08:51:06.295199Z","last_seen":"2026-06-07T01:46:45.304773Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/qrcode.min.js","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"517b55d3688ce9ef1085a3d9632bcb97","sha1":"2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b","sha256":"c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36","sha512":"08d80845e706a3b9e985b799d3849cd7791ad3ba5aa9d793bb4591d4833890d7299810144874905f416c94d8530da74be0ee520066a91ade05a1da8bf0ccb498","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy9:xThP2V/9N4U/gQYPXa8CAPLyrZ","tlshash":"8c92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","size":19927,"data":"","first_seen":"2023-03-07T01:14:56Z","last_seen":"2026-06-09T23:01:33.305183Z","times_seen":61708,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/js/main.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"758f026db1bd5e1c8aca671476665f05","sha1":"5a408c21f971c0ef5c2f75b0acea353370556661","sha256":"0ffddbb071a1f28fefc96300cb3f4bf173fcdb571f823e4ad161bbdb570bbc0f","sha512":"a1c58b5671584a5140063e91ca8bc00495b12a26aeb484529bc34066bdf26e91d71ee94c5b3e09845d3a49c2369e99daf9b4b702bb6c6ed22d3d1a926987e499","ssdeep":"96:hyKUgZKCk0LsVhXK7H2WK4bKbuqlQ0af6nUymKHFKeQfWKRMk0E16Ln0:hyKU4u0w3X9W1b4uqlQ0afUUymOFEWgv","tlshash":"d6a1613e11b510b48137a051e7de6b49763a019b3004d995bd3d8a4d3fc0ee929f1af2","size":4760,"data":"","first_seen":"2026-05-20T07:25:49.897038Z","last_seen":"2026-06-07T22:57:44.763964Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/?agentCode=16pMv6h2","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3f114b17a5daa81b18169b2088322c8c","sha1":"34440ded92dfcff5167acd9f0056fbbad3e1cdde","sha256":"808abf6d686788b8a31f5fc551e7f7a370d545e0db8e884ddaa53c47c8503596","sha512":"1255695bc30baa65ae501ebc3501a5bbf69bd591402b5fd1c4465fa594f8c502aecd4ccd83f3e336c2a6d9ebdd71b52c3c8003e7b7983f1d423106d31bbf1329","ssdeep":"","tlshash":"e0f0f18f75da14342d4b90375b3c8e243112325ab1844033bcfc88353f582ee0966bf8","size":493,"data":"","first_seen":"2025-11-05T08:51:06.296202Z","last_seen":"2026-06-07T01:46:45.30527Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/js/tailwind.js","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c193259f53fb33856681902d899d0b04","sha1":"539d13d4016170493357b58e7efe676b700d31ba","sha256":"78f70dbdf61859c3a382c96c27880fa5737216af6d491fedf73a3356ccab05bc","sha512":"69ab3a80f97b0965712cec07246ccd9542ff3c6f8d1152047494395240ac99170748e90979ccecb8c90f3ab801cfffdfae075f42a987b457535b14f5d03d2cae","ssdeep":"6144:mr00+lSrr7p2CDj4cUlFLa6kLwSKJXimTqAcUm:08kfelFLa6kLwSKdW1f","tlshash":"00743baa7396753243eb91e950ae1142f37d5a38500c44acf79cd8da3da4e4850fbf3a","size":363693,"data":"","first_seen":"2023-10-25T18:01:37Z","last_seen":"2026-06-07T01:46:45.278173Z","times_seen":151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/?agentCode=16pMv6h2","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e54f7d0a252bed03ff441ce8357a0eb","sha1":"0bd0c73338a1e7dbee1c0f6f6086fe6979be1851","sha256":"7ff0fa3de9fc16e03210fdf2c9c88ef376e53c96b3ebdbed5528f1fc2930a3f9","sha512":"b6b8b81def07a94ae7915e8e549f86d7fa27f00c65535c150e7bd180358cfeb46d9a31bfa80ae4d87dad9d4ef957832a135636cf6892c729a3efe08eb69f5b78","ssdeep":"","tlshash":"6fe02b1f0916ef3f223b22646db18f1eb6cf252d9b8480529687c0283455d9941aa34c","size":408,"data":"","first_seen":"2025-11-05T08:51:06.298535Z","last_seen":"2026-06-07T01:46:45.30769Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/fun.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d8fd25fa08eddfaedf4e1ed265ed629","sha1":"4ec71419f7a732ac14056d50ccda98e11ebe0b8e","sha256":"126dc0fb1bc7043ec5b03e5a8ff9ebf7b058557a3c8c98591a867c2b3d6ac731","sha512":"4bbe8018c0e7f3ee080795353a4ab27fbad39214c15b3d43fc2027b14c093fad5cbc2963fa30156f21a90755f79f7dd1d37d57483ef06623d97ade155b17e3a9","ssdeep":"","tlshash":"b621423954d3a83942338064b6a7c3583075d025fb47ca06699eaf944c89f7488bbcdc","size":1278,"data":"","first_seen":"2026-06-07T00:14:30.360924Z","last_seen":"2026-06-07T01:46:45.303199Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-10T00:10:51.525393Z","times_seen":365109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/js/swiper-bundle.min.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","size":140562,"data":"","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-09T19:49:43.345117Z","times_seen":4535,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-09T20:39:07.352126Z","times_seen":121590,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"node91.aizhantj.com:21233/tjjs/?k=47z438qeo6x","fqdn":"node91.aizhantj.com","domain":"aizhantj.com","tld":"com"},"ip":{"addr":"43.174.27.154","port":21233,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb958d31180063ba2273ecfc624bf22d","sha1":"4ab78e9eb20037bbc1e0e3924edb2d70261d61ed","sha256":"bfaa94538f46eee7fe160baebe855014131a947208c6c9664b489a8dd64bd579","sha512":"dd374a7b90b7dda2a1d4406d08cb0ac14641f459be48627781b1bd1b6185fd6adbd80278d4bf5caed2e9c87c0540b583df87692f1ca246404c4a21a9d619936c","ssdeep":"768:7kS5kuNczE4rDE93/XrWpWdk2pByX5h0N:gSOyczE4rDE93/bg+Bk5h2","tlshash":"88f2e8d632ce253692767099d95ff50cf8b96a1437d9ac44590cc0c46d208ba83ff9bd","size":35703,"data":"","first_seen":"2026-06-07T00:55:50.686635Z","last_seen":"2026-06-07T00:55:50.686635Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-543HN88B","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e23f96a3e847c3bb4dabd353a193a11","sha1":"d9c48f1f4e89cca545c62cdb5174d99660116fb2","sha256":"5d69cbb5bc9f545fb4d460216843e007008fc3d4ac38789fe9ac2ea679319310","sha512":"7e5319154a37dc7d954319869dc86f660c273ab34104825b61c641f51f293e021829c6b0eb90f45b7916fe13e48f26aa8ac9d2cd0117a96278fdefe5560c147f","ssdeep":"3072:nVJqNIrO5hPeGzIHPBVu0XTEYkY1bdZTJzYCGB5Ck2pbCmW0wkl0dicShP2SsY9B:0I3GsHPCgbP4V2pXW0w40dicSF2SNDiQ","tlshash":"1764e7cdb3d6b46243a3a478903f114ba23a79e2f448c898f186d8d42e746694277f7d","size":329110,"data":"","first_seen":"2026-06-07T00:14:30.345716Z","last_seen":"2026-06-07T01:46:45.294685Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/swiper-bundle.min.js","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5363dba1dc13856b5d7bdbbf1b5b765d","sha1":"4efa3269598dead6df770ef3ab0e8c4129324c23","sha256":"3938213301426c8e6003facc81cd920028e41ce355f2c66b1df23a8c597eb131","sha512":"fc90fb192a2b8d306db2a0952667523f9d9c729089a677239de516913ae07acfcb9db8ac12d0c1a49139f2b559404a8ff4856bc6e1382799a5876ddd12617e6f","ssdeep":"1536:pKJqLfGmNQ2X8NFbauBE+UjF3jrMtOBlxvHlik3+ckNkeyGCjmFiBnyOlV/TDUr/:EJebsNQ9ik3GKBnR/TDU9chHdN+ui","tlshash":"6fe3e789a221b67646e3169b93e4c211b3b54540b80ac4f470bd4c9f597ec9c13feefa","size":154087,"data":"","first_seen":"2025-05-23T16:19:11.217273Z","last_seen":"2026-06-09T04:46:11.345209Z","times_seen":1383,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/?agentCode=16pMv6h2","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"ecc57bdccac576cf49ea97d516ef0771","sha1":"69852ee76a9a016faa26643019ee5912d4db195e","sha256":"e8420e04651db0f65d44a645be53ea07f8c38af8335d4ee2ed55e6bd0ac524d2","sha512":"69e396ebaadbc0f82d66c5daeb34e01717f957f232cfafdbd77268fd1ec4098b4d409f92a55c213b822c949cb4a5891a788c8cd8c562b54438b15242ea223f12","ssdeep":"","tlshash":"5b11288e1073d06e1bf322646b5f7318712311db3248d898be1c8b409fa972f95536d6","size":901,"data":"","first_seen":"2026-06-07T00:14:30.398676Z","last_seen":"2026-06-07T01:46:45.306075Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/js/home.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","size":5802,"data":"","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-06-09T13:47:02.245933Z","times_seen":778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/js/bootstrap.bundle.min.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","size":80821,"data":"","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-06-09T13:47:02.245073Z","times_seen":2105,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/?agentCode=16pMv6h2","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"7b84a69d111590e4872743a2785cbbca","sha1":"37119a5299fb62698d57684f69a52ff4bb9cbab4","sha256":"d0ca8ff897fb0c01bb1da4744a380acf846f949bb1ed13bf89948cfc07db09fb","sha512":"dec4b8e19a4e5862967c58b47efc392e6e1a4b679278456a836160c7740d706f50e35b8da5fa905cf350fcee46025205999f881abccd6c29c570e42a8ca85227","ssdeep":"","tlshash":"1331a25959f362a2ce63b1b9879b610c75a5914b3908d5143c4c63a08f2873ce7a3bc9","size":1456,"data":"","first_seen":"2026-06-07T00:14:30.401005Z","last_seen":"2026-06-07T01:46:45.307149Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/?agentCode=16pMv6h2","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"61545b06e8445c0945c431557f3d9bf9","sha1":"fe68ca7b92a7d3abe6147fe7e5fbde85165ce975","sha256":"2bd59deba42847114aee5beaa7c7a06918b3ec58307a2f15433166f669911de6","sha512":"5a85d8490ee5131183709e4f31742915d488299e1b8955e51e224c91f77377a14a814d27c7b8152946c71bb65702a462bf1c2fb252791b38f00097c5a5dc7b9b","ssdeep":"","tlshash":"94e05b44217550615a139c20056e5242953011476977bc79798d8a85ef1e32c82b7ed6","size":393,"data":"","first_seen":"2025-11-05T08:51:06.301947Z","last_seen":"2026-06-07T01:46:45.308608Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"e727bde66b9381f8bf1622c98144cb4a","sha1":"37a1c3048891f1f599afbd92d6073db2b82b4266","sha256":"28a45dab37e7b4904493da732f9494a16cc5f5c7a6686a0c107fcfd40bce3455","sha512":"8b011976801c578da314c0911bc0a217b3e878daece9c2517191555a49748b3fb79245fb06c945d26853e075afd2d4a9882658c463bb941eb505b490bed6b63e","ssdeep":"","tlshash":"3fc0c0731005a04c092040a03039095c44054904f703d6703cd13d1110cc0f905d47d9","size":179,"data":"","first_seen":"2026-06-07T00:14:30.40531Z","last_seen":"2026-06-07T01:46:45.309076Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0a3a0b592b9c285e050805307cee87c2","sha1":"125a168e24b2bd38aadb84cbb5f87f316b073c41","sha256":"aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23","sha512":"4097f05a9ce819914160aeba71fa11524f6b291a39b7c948509d756318b600934f1d195980df66bc7731e327979135bfcbe0e9ff3758d779a72481ed623cd3a5","ssdeep":"","tlshash":"a34000000000000000000000003000000000c000000000000000000000c0000cc00000","size":6,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-06-07T08:16:34.45127Z","times_seen":242447,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"78ac2aa5ccc29c90a345c90aab40b442","sha1":"cac604932faa4add2955602b41de8a8bff362ebd","sha256":"53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e","sha512":"5c76abfa8f4091277643f4dad57c37d9eb71d33c9691f0e85bc82ac5f303d4e3da4937cbc2354e4d5c5d0022746d7c06f975f209067df2cefa55bd3827d892a7","ssdeep":"","tlshash":"31b01242d0575c0e0170c236ec485418474d4a7d9fa708010dc6ab5c0c99f1405e549c","size":103,"data":"","first_seen":"2023-03-07T01:06:53Z","last_seen":"2026-06-07T08:03:11.676707Z","times_seen":13596,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"50484e4da7f4f3b9dfeb1bb38c8a5e0f","sha1":"cdb1227b7bf7dfd6921322cf909efc82df479bf1","sha256":"37a1d07ee3837021c9924f90ae09d6b768732d87912f02ef5fcbf3cbd3b55690","sha512":"1e14f73371d92930a7a8d764e1460e942a4c496631cbb7bb34e57f0c828598275200241a401e56b244bc36108047060b1633cb10f8ffe01ee6c2968f9eb5f723","ssdeep":"","tlshash":"4ea01275086394346034895030429a9c610580204315090456263820406810650610e0","size":77,"data":"","first_seen":"2023-03-08T15:51:34Z","last_seen":"2026-06-07T06:22:09.10427Z","times_seen":1089,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"374ff9457908b59bd93f3cabab31d8a7","sha1":"a2ebbbe5cae2c2833ca869397ed833ba31a9c6b9","sha256":"5486d8649f3c21c69012528522270f1d016c2fb56b6e090077a2501af48975cf","sha512":"9a0038c79b917a648fa99656872a057c1adb42e901a510bf4c274d839ae5d9d1e9d9a386b0f86a1152c6eed4aefb5dea6af7aace401b0fab9db2e4cee99aa4ae","ssdeep":"","tlshash":"83b01270c45af474d132f0429540cb8f26b8510af7bb5f0d453879e2908e5482cfd6c5","size":99,"data":"","first_seen":"2023-03-11T16:14:26Z","last_seen":"2026-06-07T02:11:50.33563Z","times_seen":3522,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"smrncj.com/assets/bg.webp","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/bg.webp HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 91730\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-16652\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91730,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0449954d6b68b331b9534dfa24db61db","sha1":"e64f7b50abb9919111d1115591614a853c868de5","sha256":"12cefaa87c4add70e8974e61703c072be957847bdf9d6cb6beced0dd5a67bcf6","sha512":"30fa37f49418bea0e7cb2acda00a03775f8c6c19bb1d3d5b5ab7c1db53306a9b99c6b77a801592de55a1de5c8723d31450b7353677efc7bdfc3d7a5b36fee67e","ssdeep":"1536:uBahiCQSxxdPyBT+KDUWT7isbkJ8n1nw5XgubQ65+9nhOt+25jjLjELA90:uF0DkqUUW3Jbkq1nu865+fOsHe0","tlshash":"47930266f0bde2368b64d78f6a903f0c784f476a158ecba63c9003cb572755b17ae801","first_seen":"2026-06-07T00:14:30.389083Z","last_seen":"2026-06-07T01:46:45.29641Z","times_seen":3,"resource_available":false,"data":null}},"time_used":699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":189,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/qrcode.min.js","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /qrcode.min.js HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: W/\"6a2286cf-4dd7\"\r\nexpires: Sun, 07 Jun 2026 03:55:23 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19927,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (19927), with no line terminators","md5":"517b55d3688ce9ef1085a3d9632bcb97","sha1":"2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b","sha256":"c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36","sha512":"08d80845e706a3b9e985b799d3849cd7791ad3ba5aa9d793bb4591d4833890d7299810144874905f416c94d8530da74be0ee520066a91ade05a1da8bf0ccb498","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy9:xThP2V/9N4U/gQYPXa8CAPLyrZ","tlshash":"8c92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","first_seen":"2023-03-07T01:14:56Z","last_seen":"2026-06-09T23:01:33.305183Z","times_seen":61708,"resource_available":true,"data":null}},"time_used":500,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":500,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bet365-yule.webp","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bet365-yule.webp HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\netag: \"6a087643-b3f0\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2481\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nFO8eFRrh78ZPhGHhNT75gUhyL4svxSn3t7MAIqfPUi%2F7g%2Fkqw4W2boJC7%2BbPaWgHfQz9VFKGBVDeyr84JjcbymRQJ7p6Xbq5DXsWa8jOvKUsVp4gJIyDWE0xxNGMuEng4Pui2eVMDY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 46064\r\ncf-ray: a07bb0dc4d0e5ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46064,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 860x745, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ca74f3385497fe0447086244f81801d1","sha1":"36ba7c01f6b3f53bc81f3e913d780069c876eb87","sha256":"4769e45c93e972cd524faa790530eeb861b8f0447db1e819023930206f11675e","sha512":"eeb07afaf9eea048d4fd54e4b43e2c1d6703fa4cc47c7959a3f136fc2ccf2950b399d0f654f211892f4a300416ad7308d4cd88e8c5035f0fa2d011d06a4cea5e","ssdeep":"768:RkCE0kZe/84Ka4GtwZRR8YGPKiLMfUOz/39wpGN52REeHCPTffR3Iu4unPIdTiU:RkCZkZ14MSw/WYGSiL1I3572WTXuuPW1","tlshash":"4c2301b42c6ed6e48696aa098d4da0a0263b634dd3473d89bcdd17a4fcbd7980ca5c10","first_seen":"2026-05-20T07:25:49.873679Z","last_seen":"2026-06-07T01:46:45.29356Z","times_seen":4,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bet365-gongju.webp","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bet365-gongju.webp HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\netag: \"6a087643-64e8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2481\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TX1xNXypRc6gnALvOmNakw3Rd0rOsVD%2BHNF0pc49nIEhH48B5Ye0%2FCxT8Z3CaClaF5H1JSnrcwFD8UrtMp7kIl3GjQy9vgXi8YWHBrTvRorFc34zAmNVK18cHiG3Oktma4uwAXhomGQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 25832\r\ncf-ray: a07bb0dc5d115ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25832,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"db88a4523e09616f2313e45ddf7bc441","sha1":"396f0a470df4a35ae96bb9d7a6d1fe271624cd39","sha256":"f11656f6fe623033145ef4aa474ca568e1d9b8b3dea3941419214c855bebc4e5","sha512":"3bf2d927d56386170f9980e9bd8286b4f7e512e0707562300d75d7e62d2ddc3d099cfb9586981791eb46f78c43ab3f39e849e0e3e381d756ab2e9dc73e0e3a42","ssdeep":"768:Kw3EiQEXCN3T3k6zTK+ynza8phYCbIgK4:r0EXCN3bk2K+S1hYCbIi","tlshash":"8bc2e0d81509873ad1330db80463475403e3e9724ab92983b26411fb9b9f7e9fb38b67","first_seen":"2026-05-20T07:25:49.882662Z","last_seen":"2026-06-07T01:46:45.286956Z","times_seen":4,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/logo/logo.png","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /logo/logo.png HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a087643-48691\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2482\r\npriority: u=6,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8y7iCjeJnkTkXcBIKJHItckGb7CVPFv9eu0imn8aVHOMJsnvLqHCY%2FkPbEJ22Bo0z8EWD8MgyWmMAuuiCLR62gyGHNjZYXyMYQzKRDOFc6uPhDttq%2FnTd02WdBAwEGorHfxyhz6qJAQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0deed385ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":296593,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"476a5ab2bfc4ada0832ce22a0c98b541","sha1":"dac98cc1c483296f5f81f8d4d21124ac6e0d8ef9","sha256":"5176acf8a048189ce6e2f492133021ef0cf4bfc54521d5ebf8464a77f991f07b","sha512":"9bd06477834eaa808b81007e3126a2c61af2cdbb5bdcba883f875ddc460fb605db2dbb056312b63e3ab4af26f5a1aa93113c1602810d4dd04ea96c9d0517c08f","ssdeep":"6144:3s0vMVjpP23FqYQqYCQ5ZXvZlhg/GBcbWvV6YSOmjdaw:3s0eGFzQqYCYRfh/qbWEP1T","tlshash":"055423a127e125eefee36142c2266eb1fa7d1f3ae041756dfd27beeb41483601316124","first_seen":"2026-05-20T07:25:49.854581Z","last_seen":"2026-06-07T01:46:45.283993Z","times_seen":4,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/assets/logo.png?v=1","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/logo.png?v=1 HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: image/png\r\ncontent-length: 52600\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-cd78\"\r\nexpires: Sun, 07 Jun 2026 03:55:23 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52600,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 614 x 248, 8-bit colormap, non-interlaced","md5":"c28d89e2dc48d690f9599140f1c90d15","sha1":"aa91597e9f96f234bf67aa934a1508407337cc35","sha256":"451f47998d6e063d44843766ba2056b76130cb2ff4fe922ed465733e0b3f2e81","sha512":"0b5a30506986929428418358964a151a967b014e260918bbc2feb47f4ff80ecb4a36cd24bf8be33e119e1d28613ce2b26419bfca1fa616e3cf4e5ceda8c20dd2","ssdeep":"1536:w5olCyXh4dHAKXQcCKuEaQ/JGjyXSub+KRnHaX8LCjr:aoPh4dvQ9Q8mX9btGr","tlshash":"0533f103c684ffcdefb9c589a07a8b89e555911307e3580bcefa265c45c697ea063c92","first_seen":"2025-11-05T08:51:06.291464Z","last_seen":"2026-06-07T01:46:45.292101Z","times_seen":16,"resource_available":false,"data":null}},"time_used":688,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/jquery-1.8.3.min.js","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /jquery-1.8.3.min.js HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: W/\"6a2286cf-17005\"\r\nexpires: Sun, 07 Jun 2026 03:55:23 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94213,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65481), with CRLF line terminators","md5":"69ecd99e201c97170d8b1735877c5c6f","sha1":"acbbbf3197c7ae19982ce6ef9ff6932593ea85d8","sha256":"ef45c2b4676161897f63a84bddd4a8d7e33e98d5477e8bda3ca8173b222b8a9c","sha512":"3d97dca1cf3e459586b63a2cf49d9bafd54ff56001bc44d3963f2bf2ae1fc0ffbd260aea09986e37ebb00e969f4b95502f37f654fd97a49a40ae0a97a720ecb9","ssdeep":"1536:ln6I5cEDlV0YjGaWQb6u6xvkT4ys33lt4WXgVInEG0vd007pNTbyT+SAy+uu49Jg:Z/Yi6Jnys3PN+RwFj2ShosS9","tlshash":"9293f7edb3c6717243ab31a910af650ff2366869284d8410f138e8f4bc75a499277e7d","first_seen":"2023-03-07T01:06:41Z","last_seen":"2026-06-08T08:11:14.863601Z","times_seen":1340,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-543HN88B","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:35:27 GMT","end":"Mon, 10 Aug 2026 18:35:26 GMT"},"fingerprint":{"sha1":"81:79:25:0A:2E:C8:CA:DA:16:EF:B8:34:B7:38:E6:48:7B:5B:4C:6D","sha256":"7B:74:72:15:7A:A8:4B:D0:1D:D6:11:DE:7C:D9:15:EE:E9:22:FF:E8:56:41:9E:88:6C:4A:F9:9F:AB:B3:6E:2C"}}},"request":{"raw":"GET /gtm.js?id=GTM-543HN88B HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\nexpires: Sun, 07 Jun 2026 00:55:23 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sun, 07 Jun 2026 00:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 115497\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":329110,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4515)","md5":"7e23f96a3e847c3bb4dabd353a193a11","sha1":"d9c48f1f4e89cca545c62cdb5174d99660116fb2","sha256":"5d69cbb5bc9f545fb4d460216843e007008fc3d4ac38789fe9ac2ea679319310","sha512":"7e5319154a37dc7d954319869dc86f660c273ab34104825b61c641f51f293e021829c6b0eb90f45b7916fe13e48f26aa8ac9d2cd0117a96278fdefe5560c147f","ssdeep":"3072:nVJqNIrO5hPeGzIHPBVu0XTEYkY1bdZTJzYCGB5Ck2pbCmW0wkl0dicShP2SsY9B:0I3GsHPCgbP4V2pXW0w40dicSF2SNDiQ","tlshash":"1764e7cdb3d6b46243a3a478903f114ba23a79e2f448c898f186d8d42e746694277f7d","first_seen":"2026-06-07T00:14:30.345716Z","last_seen":"2026-06-07T01:46:45.294685Z","times_seen":3,"resource_available":true,"data":null}},"time_used":604,"timings":{"blocked":239,"dns":4,"connect":28,"send":0,"wait":52,"receive":70,"ssl":205},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/assets/12.webp","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:24.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/12.webp HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 292006\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-474a6\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":292006,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x606, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"23b23bca8457cfbcba3a960015970110","sha1":"25a1a4d7ae4972cba9745a1462625fa4638fbb09","sha256":"d01f20fa3ecc9fa637f4baf5474d6cce0488c4ab203304f459fd4dc2a2681024","sha512":"f144ea935245549be9eb48d6c784b41ca484867390809cd9fc9f11f01d8a99f996301cd73f458ebc1ccfade3cd8efe71c59e158e4560adae2ee8d0a0c2b1cc4c","ssdeep":"6144:wBineIgk9Q53VkBgQjbI8lXNdDFJJEN1lBiEjUQ210WKWKVUXZQj/z3dcSzk6y8N:EhaOkM8p/JEflBiEUiNWKVUJo/z3dc+B","tlshash":"6b54236f727052381f1dca3f787d9109e3d8b892a71a966f46d5aa217e319403e31d2c","first_seen":"2026-06-07T00:14:30.37856Z","last_seen":"2026-06-07T01:46:45.301583Z","times_seen":3,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bet365-about.webp","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bet365-about.webp HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\netag: \"6a087643-12170\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2481\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=URlBSD3%2Bg1jcIU0E48HMtgmo%2Fy4Yi60Hr0VuOxOc2%2F7z27uYz4zhDtkIPk6qs9P%2FT8MeN%2BDFb30peM5p79fiFLuZcDQlao57rRFNWXV9j0X12k2EpV58dOi6jaNLQ%2FJL4g5SygSxwds%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 74096\r\ncf-ray: a07bb0dc5d135ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74096,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1052x732, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b33562041580c17e5f4c91d17424c1de","sha1":"e36030c0d304b497ed4f0ca8933ebc37408af7f9","sha256":"fda68ee86da6c9933cf26c8a4f69fbf8590d811a37598e93a836cc877847747e","sha512":"89eb64313e7cf2b8c8e7c2db718dd3b54e4d95a9cda4583fdccdba0f9023c64db630625836658c9ba887b6cbb813f5c275e91e154999fcccfe60746a61c5572d","ssdeep":"1536:dAEdVh9L5/melLTRBaVYUdsN4B2A1ptjwWSSVLjLxFVL4JeA6:OYvP1lvaV48r1ptdJdTVUIZ","tlshash":"4473027560086c745d49b2a2a1bb894bf6019f13c0541b45fcff1aa0a2b39f8763bbd7","first_seen":"2026-05-20T07:25:49.893974Z","last_seen":"2026-06-07T01:46:45.302695Z","times_seen":4,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bet365-fuwu.webp","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bet365-fuwu.webp HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\netag: \"6a087643-104fe\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2481\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3wyDSJwDUdg9AGbwrklYbAa9%2FWf8PsVMrvYGHJVa62DGiL8ycdA5gyYF1jrX2NE0yNKWJZAVIhGXDciqsTjzYMyYh8AoaOs79TIRRWwnaJEPpahKgMznflPYcZg0daaO%2F9xd4gl9gBY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 66814\r\ncf-ray: a07bb0dc5d155ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":66814,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 937x752, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"86fb69b44394c84485cd27bdec912605","sha1":"082ddadba2dd29e655ba0aeaa7c09a680680460b","sha256":"676bee00e528c1407cbc77ae42223104718a4ef86c6ce61dd645ee05a592e565","sha512":"fc31b763753ee50b797868b8f16a91ce121a1639bd3aaf102409b25c7ebc5309dc51a02a294871697c0ec3b08a569f1ee9b935bd0241d04439f1f577741ada96","ssdeep":"1536:La7KTOzdvqdE6mZk0dmKSSwcBNaO77mttT6f1ho:Lbq5qDokYDwq0t6f1ho","tlshash":"3f6302bc5fb4d0ca69c890e509b8da32f3d4f80322f91e5199cd04b178d26b6ed499a0","first_seen":"2026-05-20T07:25:49.855802Z","last_seen":"2026-06-07T01:46:45.287508Z","times_seen":4,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/yulezhongxinwelcomegoucaitansuowelcomegoucaiyulezhongxinyichangduocaifenchengdey1644.jpg","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/yulezhongxinwelcomegoucaitansuowelcomegoucaiyulezhongxinyichangduocaifenchengdey1644.jpg HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 24 May 2026 20:32:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a13605a-538b\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RdHqZJeqvnrOUmjeMifXQJCeLMbFJhVuOe8Gzm2fLyHoeQp%2BPpPiKzPUdw77xQ8RuGtmfIDVkV0VXWAnpU1OEQegkY7u2VRqeijZ%2FNTRpbeN2r054GCL1E2J%2FktELD7fEynXx%2Fo6OTQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc5d195ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21387,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 302x205, components 3","md5":"099368641834519d570fcc8b3c259b50","sha1":"60542deed0c150dd1babf98cd97f64e8f6e4df26","sha256":"059543227b3a3c95ff55ebe987b140186c50fb186ec76b5450b5d3134d76e597","sha512":"79c09c3621ceb00a2f0f397f3284dea99008e272d67212574f5306408f1b3e36ed651fb108451b1168e7690349b282067e7f56c940a1a8ffbbe18b37423a9cca","ssdeep":"384:e/qEQrJHmK7kpmfecPDrdNUANgIetmT7MDRcgzooWhIHimK4njt7F0jjRVYe+:e6rlRkYekdNjccEDagahIBKit7FaVVY/","tlshash":"c3a2e13b32c0c32ed040ee2f6952f1d5d21364ed356429612abfcb2ea8811d656b9df3","first_seen":"2026-06-07T00:14:30.338525Z","last_seen":"2026-06-07T01:46:45.280888Z","times_seen":3,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/kokquanzhanshouyeappguanwangdengluqingsongjiesuokokquanzhanshouyeappguanwangdeng4663.jpg","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/kokquanzhanshouyeappguanwangdengluqingsongjiesuokokquanzhanshouyeappguanwangdeng4663.jpg HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 24 May 2026 20:32:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a13605a-4f6c\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7JxzEi0ldu7ADM7czs3aqWcS7j758NVaorIuWXYDobabg0P2x8n0K346FgJLliH8bmBXPiFGHgVpghNZkXBy3ye1e8tqMUK3AYTednFBmpOtWetxhRkGDXl5j%2B3jpU2UR8KbBGdCh1E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc6d1b5ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20332,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 309x201, components 3","md5":"e960ee9241cc0bd032032739fb26d93a","sha1":"c6af1a6951efc17b8163f18a145142384d865ded","sha256":"9ed613999e1004e01cbf3c6123ff26870a52b26a2e5229be902efa512c200794","sha512":"481bdfe643373ff5329034d5a5c21616a5a03a990df0f87737497a76d99f3b9862e8d0a5a3d06bf937be0bac31239c17ec919ee6f72c193b2c7a4f292f3cf8de","ssdeep":"384:NVyZPSP4UzoJp2QKsJGh0Xwz5pyy2CR3iV958qMSg8bBJzqYZZbDf:nWE4UvQ+z5pyYRqoqC8bBRB","tlshash":"7b92e07a8201a9c5ff504bb09f8f5918168b08d9080d075b7b37fa8bda336d7dbe4502","first_seen":"2026-06-07T00:14:30.368859Z","last_seen":"2026-06-07T01:46:45.300015Z","times_seen":3,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/assets/bg-2.webp","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/bg-2.webp HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17788\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-457c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17788,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5da152125de1d5f73edf0a42c27f7a39","sha1":"455cb0be2fe78986b231161bc6378fc54a90012a","sha256":"d3d499eb6d918a5d15e4faee4ff3f16d58cefa7f473d5481e5799caa79793689","sha512":"c92b9a5b9172956ca4b327bf78a033e5afbf94be22bf6d763f7411d3a6e7aa18d83cddf7ef1189c4f8186a34d4811be833d391ed32d75b7a10fccea286abb2cd","ssdeep":"384:dhUOe6n8tL59CZffJr6F/DtCLIrM0N3iGcbRh1i3mvX818ksA1:BDn8pCZffJ2F/RC8rMm4th1i3mG","tlshash":"7882d08b5b9c1ff2a9aef0c27ce04e7ab940324261c981549d0b779fed8c1f06905390","first_seen":"2025-11-14T12:52:43.467016Z","last_seen":"2026-06-07T01:46:45.282306Z","times_seen":15,"resource_available":false,"data":null}},"time_used":682,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/assets/right.webp","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/right.webp HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 280274\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-446d2\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":280274,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a7f338c8b3d052d954e47b8276d1f532","sha1":"5557ff1c66278b92c5fdc50e581c20ca05de6b4c","sha256":"af2d1ba1c37795365e83eb2c76d3b4b9c52cb7e4ec2edb9c6c0078a77d9aa5cc","sha512":"100ff23b4a12286025377c01e4b9a254d57d5f278d39f17bfa2dd58a47a273476a174abebd8e3a5957614be086f7c815ef6e26c2eb5115fd4fd8379abcc3fcc0","ssdeep":"6144:nmGnkDrVE5h3B4YKyeXysOeyBJ7L27TXQvNZ0Azut8mYmQ:muWVET3B4YKy2yBJ7eBum7Q","tlshash":"1b5423245ea5b56aea3c6f3eb14140099013964d33b04fcf8b35a4ec615e1fbb73a5a3","first_seen":"2026-06-07T00:14:30.373217Z","last_seen":"2026-06-07T01:46:45.288909Z","times_seen":3,"resource_available":false,"data":null}},"time_used":917,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":410,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/assets/foot-banner.webp","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/foot-banner.webp HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 169324\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-2956c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":169324,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"35c8930c776f3665ba0df6f514869dfe","sha1":"9bc47370b826ef99f5c671533707f4bd4e908b0f","sha256":"0f0509dad98cb6c847229ec452f407743196b6526b9e6d4e9e8117c58eaff323","sha512":"d7095190494abc7e36df91693f54730c4667e67964a04847e4cc4f0fe28a34bc231937ef41f82627a7770791fda4e11876738b730eb555025936e188697019a0","ssdeep":"3072:lqRAZ7X5/kW5zI4DascgP6LHPXfCX8i8SsKyM2AIdQUi+T86fl1+QmjolXK:lqRAlJ/kWt1a1gP0HfUjpsc27dvi+Tzk","tlshash":"4af3128c8d1ee607efc4c6bc0eae7b444d31845bba5a425d35ab25cc964cd18f8eaf10","first_seen":"2025-11-14T12:52:43.488218Z","last_seen":"2026-06-07T01:46:45.296934Z","times_seen":15,"resource_available":false,"data":null}},"time_used":905,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":681,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/fun.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /fun.js HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 06 Jun 2026 06:52:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a23c3ca-4fe\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FuiP3ygGDAwtMq15dvvnKnYOVWZwBMYR7pZwqeWleXTAEQt1BWUEo2mixA6QAcZ521Gvjy8APdoHtm5AZEPECrBcaMtIwAQqeosxQhpRbv%2BkZHlE9xnVE6eJxFRDCJo0cYnDlCDb%2FEE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc4d0c5ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1278,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"4d8fd25fa08eddfaedf4e1ed265ed629","sha1":"4ec71419f7a732ac14056d50ccda98e11ebe0b8e","sha256":"126dc0fb1bc7043ec5b03e5a8ff9ebf7b058557a3c8c98591a867c2b3d6ac731","sha512":"4bbe8018c0e7f3ee080795353a4ab27fbad39214c15b3d43fc2027b14c093fad5cbc2963fa30156f21a90755f79f7dd1d37d57483ef06623d97ade155b17e3a9","ssdeep":"","tlshash":"b621423954d3a83942338064b6a7c3583075d025fb47ca06699eaf944c89f7488bbcdc","first_seen":"2026-06-07T00:14:30.360924Z","last_seen":"2026-06-07T01:46:45.303199Z","times_seen":3,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bet365-dengluqi.webp","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bet365-dengluqi.webp HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\netag: \"6a087643-4734\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2481\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q8R0KxIstjQl9P8mxkvgZwL4X8iLYAA21ZLuMXN1wX9r23zCc7XGJy%2FMRqghIFWemOUNdDG10hVPDjqVhripKHS4eTrKAs1nE7D3P4Xq2uBuT75TBDdYmrCfVAUjpk8%2BH6MutNnFrac%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 18228\r\ncf-ray: a07bb0dc5d125ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18228,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"86ea5ab930cc876eeffd522ba84f4ea5","sha1":"a0b7d89534b1c034e9420b6b6f57023d80d8cf2d","sha256":"0637e3c2f163b4d448376bfae4d29ba82e501db5f74788f405d9aafe31c3efd7","sha512":"10628f0560c3e73bf09402f81f4c33ba50addca2ae01aef2323b41d2aa30dfd48b67c9308ec92eb4261973e02152403de26363dab2e002c778f5e3017e3323cb","ssdeep":"384:CwGaKql29krPqOlGlrNlMN4N7DvA5OCix6P5YU:z35luJ3CKQviAhYU","tlshash":"6e82c06323b14f27fb857f7621960140f3a9632a450987a290d3061952e77b4f7ee1ad","first_seen":"2026-05-20T07:25:49.874987Z","last_seen":"2026-06-07T01:46:45.304248Z","times_seen":4,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bsportsbiyiwangyebanbtiyuwangluoanquanyufalvfengxianfenxi7124.jpg","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bsportsbiyiwangyebanbtiyuwangluoanquanyufalvfengxianfenxi7124.jpg HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 25 May 2026 20:38:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a14b338-4d77\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2IUzJBg63T3Jc7sLUpO6gIMn3r8%2FGXIot8Hkk8cCaZgYZgT5vwsINj0vmkpNw8FDF2GjhGmTd42YAfQr6PCjy5z6IZ42%2FRPKjxmf8DWqGRgOxS6QGXosqxUxpvT%2F43QvoZxq%2BDF7%2Fdo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc5d185ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19831,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 329x233, components 3","md5":"0d101aab4b7f8bc38f49721ace22003a","sha1":"94fc6f54b7a6ab0c31dd23ed44f6fd9b366786b7","sha256":"c500343c22ab883c0407472dabec85124824ec6755cf697387eeb98d92060d81","sha512":"d9f39e651a7c50cdea116985394caad3cfd4689db821fdac4b7cfb725f0eeba3790cd34b307eb9119d05f62cf782f7005d167d30c0f67545cfbc415fd6953e6c","ssdeep":"384:W3yC7xxj2vdtYsBM7QafickQ3+fHFZ9/u20cYaiEzKCbRjrIYJW6D4pmqSzl/1mr:C9+4sBM7QWiziSlZ9G20cYaiE+CyYJWl","tlshash":"c492d006aa64479970fa0e3e08b63e110dc23e894ceaaa521c74f07cf8fc1d77a55225","first_seen":"2026-06-07T00:14:30.370717Z","last_seen":"2026-06-07T01:46:45.295787Z","times_seen":3,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/?agentCode=16pMv6h2","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /?agentCode=16pMv6h2 HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 05 Jun 2026 17:22:00 GMT\r\netag: W/\"6a2305b8-aef1\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"jQuery:1.8.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":44785,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (355)","md5":"4355d440459d3095ccbb47b9fb99ebf8","sha1":"6ecfe2aa4ee0ee2e5f715ad4ec3b0bd936151a43","sha256":"36ac0d555d00493da56b7432acb134ddf1fe83011336f94b5659aed130f20c2f","sha512":"b5f1a9112ddd4d0db588c65874ccb6493676fa3f488f9697f19499ab40b8e5e989af5376013c4206f69fb11830bc7cdd9e4abf1a49eea133e89681303f707328","ssdeep":"768:u6L917Y5oEKxqt3kfgxWiJcv7urWMIviuxcahq6u7r:uSYkox3YIWMCiicYqPr","tlshash":"b4136cbe03b7aaad041210d84748905e764c8b8f303f4b447fbe9a5d7fddeaa4505683","first_seen":"2026-06-07T00:14:30.390867Z","last_seen":"2026-06-07T01:46:45.286419Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1120,"timings":{"blocked":382,"dns":29,"connect":173,"send":0,"wait":346,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/assets/8.webp","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/8.webp HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 199172\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-30a04\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":199172,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5ec273988314b0029d87c9ba3cab4c80","sha1":"8de1cd9352c589c3ede6d29c167b718ee18858d2","sha256":"cc6fc93de2de9d737953ede84755bdfbb09837d3fc8386b0626276d0daf8fdd6","sha512":"14906dad55441d326ab67ad61f213cc2771a7cc6cfaba22935cda54d3f91930ddf47637da22d577d2dc878cd64b52d6e56fd5e81567bb6e7f25ec05f85ebfcdb","ssdeep":"6144:qtjOGZOzyVVcxhLwnjwllpoFuKqZxjPin:qhOGE2PEblogTxjan","tlshash":"131412e1992b438e519c9ff86c65a5506c13bfc36347e011da22abb08e3649ffe0d1d9","first_seen":"2026-06-07T00:14:30.343204Z","last_seen":"2026-06-07T01:46:45.290485Z","times_seen":3,"resource_available":false,"data":null}},"time_used":903,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":394,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/assets/reg.webp","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/reg.webp HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11700\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-2db4\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":11700,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3d95376098a757a1314835c1803b2b61","sha1":"40e1670e42dd9a82eb0bdd286d8a01f452dfb528","sha256":"d877cc48870f3d270cf31598d432e1e5a3fa41855727be300581de592946f6be","sha512":"3232c0c538ecc49f2cc4bb0dd7040d29f6549f00dae85c79caa91a17d1dc239e16498f5ce4f7a20c33ae2f3b954441d213a8428ced5a287ffb9d19a2decb774d","ssdeep":"192:A730JNo/rN4cN+JXS7iCVG+cco547wDvyThc3i8vwSsZP3gNSbrGjsG2w8:d8+JX6axcBsQEBwLWjD8","tlshash":"3e32c0abd5185f6788fab024f63bf8d67b13fe4e94f01a14596d80f416f056360a046f","first_seen":"2025-11-14T12:52:43.460305Z","last_seen":"2026-06-07T01:46:45.291098Z","times_seen":15,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":353,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/swiper-bundle.min.js","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /swiper-bundle.min.js HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: W/\"6a2286cf-259e7\"\r\nexpires: Sun, 07 Jun 2026 03:55:23 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":154087,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"5363dba1dc13856b5d7bdbbf1b5b765d","sha1":"4efa3269598dead6df770ef3ab0e8c4129324c23","sha256":"3938213301426c8e6003facc81cd920028e41ce355f2c66b1df23a8c597eb131","sha512":"fc90fb192a2b8d306db2a0952667523f9d9c729089a677239de516913ae07acfcb9db8ac12d0c1a49139f2b559404a8ff4856bc6e1382799a5876ddd12617e6f","ssdeep":"1536:pKJqLfGmNQ2X8NFbauBE+UjF3jrMtOBlxvHlik3+ckNkeyGCjmFiBnyOlV/TDUr/:EJebsNQ9ik3GKBnR/TDU9chHdN+ui","tlshash":"6fe3e789a221b67646e3169b93e4c211b3b54540b80ac4f470bd4c9f597ec9c13feefa","first_seen":"2025-05-23T16:19:11.217273Z","last_seen":"2026-06-09T04:46:11.345209Z","times_seen":1383,"resource_available":true,"data":null}},"time_used":495,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bet365-manyi.webp","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bet365-manyi.webp HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\netag: \"6a087643-146b8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2481\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vRZiSHRapo1fgOXDshsZPMk6NUTa%2FpIpd5Cl1J2t2uhwnuL2jknNFZox1MSHDJV1uUCr49vE5PpwUqK%2FdXaEGdu5ewzyxnTfukNgNHn1dezXzBvcvpr0lfxRFPd0tUTslZEphDUrXQk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 83640\r\ncf-ray: a07bb0dc5d175ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 945x757, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b9373798b26e7d8f3a44a8394562459b","sha1":"0a947e41c17199384e7b2553ac0fb4ecf5002d68","sha256":"7d9a1410306d9095a853c8bf99ad552acdc24602e1db961980714b7a24c8f8cf","sha512":"60d04a9154dcfe5b4cab201452b3f9b9af4e38c986ed9a6811332f74d58b6fd14fa9c992fb0165e43abf3c4cb5a5295dc2651c0d46dfa148bf5b1a081d68be80","ssdeep":"1536:FJP0+6bsRv78PoNmH8HzmICNThV1+hJ7N5iByBVMMcRy8qtOethxHhoFhgGCetoj:/P0+gsBio8Cu+5iByXcR/ythckgohp","tlshash":"0c8301853322190d5dae7d477283c9e8b9b5f72d514722df487c039ba4cbb481bab1d2","first_seen":"2026-05-20T07:25:49.895058Z","last_seen":"2026-06-07T01:46:45.279739Z","times_seen":4,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"node91.aizhantj.com:21233/tjjs/?k=47z438qeo6x","fqdn":"node91.aizhantj.com","domain":"aizhantj.com","tld":"com"},"ip":{"addr":"43.174.27.154","port":21233,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.aizhantj.com","organization":""},"issuer":{"commonName":"Leocert TLS Issuing RSA CA 1","organization":"Leocert LLC"},"validity":{"start":"Tue, 29 Jul 2025 07:48:12 GMT","end":"Sat, 29 Aug 2026 07:48:12 GMT"},"fingerprint":{"sha1":"08:E8:20:3E:64:D6:76:65:C3:01:5A:25:5B:CE:23:E1:04:FF:9D:3A","sha256":"ED:59:41:83:D6:B7:DC:EE:38:8B:4C:EC:A7:BB:DB:86:03:54:41:AF:C0:7D:3F:63:B3:8E:65:A6:75:6E:6C:1B"}}},"request":{"raw":"GET /tjjs/?k=47z438qeo6x HTTP/1.1\r\nHost: node91.aizhantj.com:21233\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\neo-gtj: 1.0.17\r\nserver: nginx, Aztj(node90-1)\r\ncontent-encoding: gzip\r\ncache-control: max-age=1802\r\nage: 0\r\naccept-ranges: bytes\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\neo-log-uuid: 5241283800500343133\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35703,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"bb958d31180063ba2273ecfc624bf22d","sha1":"4ab78e9eb20037bbc1e0e3924edb2d70261d61ed","sha256":"bfaa94538f46eee7fe160baebe855014131a947208c6c9664b489a8dd64bd579","sha512":"dd374a7b90b7dda2a1d4406d08cb0ac14641f459be48627781b1bd1b6185fd6adbd80278d4bf5caed2e9c87c0540b583df87692f1ca246404c4a21a9d619936c","ssdeep":"768:7kS5kuNczE4rDE93/XrWpWdk2pByX5h0N:gSOyczE4rDE93/bg+Bk5h2","tlshash":"88f2e8d632ce253692767099d95ff50cf8b96a1437d9ac44590cc0c46d208ba83ff9bd","first_seen":"2026-06-07T00:55:50.686635Z","last_seen":"2026-06-07T00:55:50.686635Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1450,"timings":{"blocked":572,"dns":55,"connect":17,"send":0,"wait":303,"receive":0,"ssl":499},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/assets/down.webp","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/down.webp HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10530\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-2922\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10530,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f3e4f1631b3215a00240110026e6c993","sha1":"7c83130721d1001cddcfae0d2bcd4d8939e68fa2","sha256":"646f5c343b5061ae52644fb3e254586553f2717bfb523024251ee52935d700f5","sha512":"0f3df922fb14f4fbfd4396f1636e2e2b97cb232bc592a6f3a13014ea7eb8b3306f86be56a941e338f3a4216246ac05a4ec960d96e5cf60d66b56eafe00893557","ssdeep":"192:u730JNo/rN4WEX8fmHTmFKFR6JDCgQU1CFej07LfM7J66r3VS9+4yjawh66la53G:HLXSFKT6JDWkcg7Iy3V0+ljaela5dg","tlshash":"0322c059c4f8e7470db0b7f0497a2337189dfac0d80578729e27f57ca322c126a266d9","first_seen":"2025-11-14T12:52:43.480605Z","last_seen":"2026-06-07T01:46:45.282903Z","times_seen":15,"resource_available":false,"data":null}},"time_used":858,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":353,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/api/init","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:24.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"POST /api/init HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nOrigin: https://smrncj.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:24 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://smrncj.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2694,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"ecdb87d0d44494ece5e825e5c694821f","sha1":"445c1e449edc22fcf8515411d41cf5924b53502d","sha256":"a0e5431bf797cd7fa35732a313f23b52b2b70b9477917d1e0352c9b345a76f8e","sha512":"b00ee2d37b91b3cc57dfc0d252a5383a4abf5bf175e1a1ddc983fe50d90febaadc6de0cae768ad749575f7ac941d7b8a9cb2eb77eb110ee5f21dfd9274af901b","ssdeep":"","tlshash":"e8515373211b58720683e5cd138cb908d4ad5b3789dee8aaec99ae2941e75ebf114248","first_seen":"2026-06-04T03:57:19.583647Z","last_seen":"2026-06-07T01:46:45.298992Z","times_seen":5,"resource_available":false,"data":null}},"time_used":454,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":454,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/bootstrap@5.3.0/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 33205\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.0\r\nx-jsd-version-type: version\r\netag: W/\"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220046-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 2153222\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nzEar0W%2BMb6OG%2FhDRDspS4ygZgDPx5VDNnZ0fGCG%2BY1iz0%2FyOspPR2OqdCHXZDC41IIpw0vRaFmagrtEFJ7gBMxLpD1e7WsoD5jBnyvYth8amIzZucYW1zwvk5iZcBsuCIQ%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a07bb0dc2df2b521-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":232914,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"fe7fdfec700d100dc745dc64d3600cb2","sha1":"b231651e0fd68bbd8758189fbd3642c462d34fa6","sha256":"7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a","sha512":"b7819649564ed5e0bc04cdf7f5777b529870e6cd7b6bcead219223f2a4718672ae6fa5a8ca19ebc5e08831e02a04f81d646942706d8fad98cc73e5abefcfb95e","ssdeep":"1536:VYutjsbf98fOdBfvO5wlP7Qy9A374298wsY/ElV6V6pz600I41r:ntj898fo298uI6V6pz600I41r","tlshash":"383481d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-06-09T22:45:43.494336Z","times_seen":23579,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":6,"receive":2,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/logo/logo.png","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /logo/logo.png HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a087643-48691\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W%2Fsw7eBYTRZUzFafOwi60XGNyBHYMmN%2BlJzXhLxjsTfffen3bjqLCdzEyL2ZwHS3gL3QsfylEgu6RXt8Jkfxj83FpJ1zMw7ij4sXkMeyUb%2BEeuN%2BW9jhdxKWn87BVEFKlQfEFKxJL7w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc4d0d5ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":296593,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"476a5ab2bfc4ada0832ce22a0c98b541","sha1":"dac98cc1c483296f5f81f8d4d21124ac6e0d8ef9","sha256":"5176acf8a048189ce6e2f492133021ef0cf4bfc54521d5ebf8464a77f991f07b","sha512":"9bd06477834eaa808b81007e3126a2c61af2cdbb5bdcba883f875ddc460fb605db2dbb056312b63e3ab4af26f5a1aa93113c1602810d4dd04ea96c9d0517c08f","ssdeep":"6144:3s0vMVjpP23FqYQqYCQ5ZXvZlhg/GBcbWvV6YSOmjdaw:3s0eGFzQqYCYRfh/qbWEP1T","tlshash":"055423a127e125eefee36142c2266eb1fa7d1f3ae041756dfd27beeb41483601316124","first_seen":"2026-05-20T07:25:49.854581Z","last_seen":"2026-06-07T01:46:45.283993Z","times_seen":4,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bet365-quanzhan.webp","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bet365-quanzhan.webp HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\netag: \"6a087643-146d0\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2481\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ja8YFbnuasZ5qSNPnkk0fi8%2Fea%2Bw%2FDZpbZgPnH49707KkD9Ac0a9BkRgpyaZKb51AM1LLAogtI5Bb06fZn2nE09Jz3JFtMxHMc9zu5wC4GMtT%2F2%2B1S12wWlHADKz03uVIaIu%2F4aWY04%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 83664\r\ncf-ray: a07bb0dc4d0f5ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83664,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x748, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f34661e79c48a7547536e4c2306f1dec","sha1":"b9cf255813465ba5e0431f904925a80049da2d2d","sha256":"3ee1bf22d04acb1b0350a5b143280d5f160d21930888d725d70d7244782a1a07","sha512":"ed137d0ee8d8554cf6fed214a86aa294086a562b7be6c1dba41705decec6d44f98fc3c3b6d7ab94625aa60be23da746c1952fdc18db79780e3510d22fe85bfaf","ssdeep":"1536:5cVIywBcIKZJqsZsmsIffTWnl4Aer9KLbHmjn6WVe/9NTEakiZI4Y8BWnbJr:5c2ywe/Zs+jnF9KvHmPVsNkrd8BWnVr","tlshash":"ce8302d27f2753a6af22dada21c635cee02c6e45098eabac1413005b5f07d74a4ee707","first_seen":"2026-05-20T07:25:49.878044Z","last_seen":"2026-06-07T01:46:45.303759Z","times_seen":4,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/js/bootstrap.bundle.min.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a087643-13bb5\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B9S6PIBX8P%2B8LY7eoeZT63v17UJ33X8fG%2BFIrhx3x2BmEp8%2FKkId%2FJFHTKRfAMYCpessDFHCqzFUizU%2BbQPyqr6PFtWw66R3ZDiG%2B3I3nqWpn7N7o5QtXGM%2FAGqmEnO7AOUwan2Kw6E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc6d1e5ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80821,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-06-09T13:47:02.245073Z","times_seen":2105,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/swiper-bundle.min.css","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /swiper-bundle.min.css HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: W/\"6a2286cf-4815\"\r\nexpires: Sun, 07 Jun 2026 03:55:23 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18453,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (18200)","md5":"f2c0d44a69cbffca0be135cb4ba124d0","sha1":"33fad2528d85719461a9c720b0647b077a1f58e9","sha256":"02c3beb241dc71b12393416507df488d574e0482a15049a938adb2e736aa6cd8","sha512":"9171b17faae76189e5593a627880dfc48b3116ee0c4300885cb4f1be1aecf35a12abfbb710327acb041fbe96d3ad5da0774a17554485cc0f99f4cff306ee7652","ssdeep":"192:JZrmUJbiKne5JTLdKSme+jeF474nQ7p/l2GZb0Q5RfufKDvAYfg5faeesedOJxbw:JZqUbe5JndKW+Sa0ni24tnWfz4eNi","tlshash":"de8256a45350182753274f374bb1cbb9d97444c24f9389ae91c0ee58d7facb9132f2a9","first_seen":"2025-07-06T20:34:08.51017Z","last_seen":"2026-06-09T04:46:11.255988Z","times_seen":189,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/assets/foot-3.webp","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /assets/foot-3.webp HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 38100\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: \"6a2286cf-94d4\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38100,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f246de12678aa0339ec4ccf31b923e3e","sha1":"0d176ff542b45747a7f9f6f45bda2f81f20b2692","sha256":"7f8c484b9e2c95e5a434767b3098eb9acba5275a7bb9514f77751c418262abd7","sha512":"c027d98c4abf22c985476345f6591384d6d43a9c9a02c2ed6284924eb0a4bc24043d24dc2ba2704f26e7f263d0ba7ac2ceb3cf38367ae7986ec136b2e8ad40e6","ssdeep":"768:ivRRAWRUVt5RZQFdAy7HMLfha+/hXS4zKyXxMAUHQFXaaZHPpVe6dc:ivaLx9OHMrhaqhi4zKyBMAUwHZhVJe","tlshash":"4703e021daa9d2637ed9ad49b71df5d71bb4a901c4a0ca0287b42d47d90eccb0e7f206","first_seen":"2025-11-14T12:52:43.449335Z","last_seen":"2026-06-07T01:46:45.302146Z","times_seen":15,"resource_available":false,"data":null}},"time_used":848,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":679,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"node91.aizhantj.com:21233/tjpv/?cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1934537032\u0026si=47z438qeo6x\u0026v=25.01.26\u0026lv=1\u0026api=0\u0026sn=11169\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Flanding-bet365.com.cn%2F\u0026lvt=1780793724\u0026tf=1780793724\u0026ej=1","fqdn":"node91.aizhantj.com","domain":"aizhantj.com","tld":"com"},"ip":{"addr":"43.174.27.154","port":21233,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:23.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.aizhantj.com","organization":""},"issuer":{"commonName":"Leocert TLS Issuing RSA CA 1","organization":"Leocert LLC"},"validity":{"start":"Tue, 29 Jul 2025 07:48:12 GMT","end":"Sat, 29 Aug 2026 07:48:12 GMT"},"fingerprint":{"sha1":"08:E8:20:3E:64:D6:76:65:C3:01:5A:25:5B:CE:23:E1:04:FF:9D:3A","sha256":"ED:59:41:83:D6:B7:DC:EE:38:8B:4C:EC:A7:BB:DB:86:03:54:41:AF:C0:7D:3F:63:B3:8E:65:A6:75:6E:6C:1B"}}},"request":{"raw":"GET /tjpv/?cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1934537032\u0026si=47z438qeo6x\u0026v=25.01.26\u0026lv=1\u0026api=0\u0026sn=11169\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Flanding-bet365.com.cn%2F\u0026lvt=1780793724\u0026tf=1780793724\u0026ej=1 HTTP/1.1\r\nHost: node91.aizhantj.com:21233\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://landing-bet365.com.cn\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS\r\nset-cookie: _aztj_sess=m896mku3nrq3qkqcsg0btsl0d7; expires=Sun, 21 Jun 2026 00:55:24 GMT; Max-Age=1209600; path=/; secure; SameSite=None\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\nx-mtj-pc: 28\r\nx-mtj-ml: 1\r\nserver: nginx, Aztj(node90-1)\r\ncontent-encoding: gzip\r\nage: 0\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\neo-log-uuid: 4993904307171427302\r\neo-cache-status: MISS\r\ncache-control: max-age=0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-06-10T00:15:08.52645Z","times_seen":706500,"resource_available":true,"data":null}},"time_used":861,"timings":{"blocked":46,"dns":1,"connect":17,"send":0,"wait":769,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bet365-zaixian.webp","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bet365-zaixian.webp HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\netag: \"6a087643-16c90\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2481\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sGnuw3UQcDZPnVqQCN0eiNg1amQbkHxfDXiXzTOSj2XtjSzH5AqoHhn%2FRTaSLM5WLQiD6tOl5xrbDCCL6cXFeE9eY3j%2FFynZeiotbBnmWZf6JD%2F5rO5vNOmVY%2Bp2i1z9U40vvWJaj7w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 93328\r\ncf-ray: a07bb0dc4d105ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93328,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x750, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6fbbaa9701422cc1bdbd15099f46486c","sha1":"059feea73f3213dd73471a4f49e250e1367fda89","sha256":"649bccaaf10d24ae6dc6ce1201878dd0b4261b64ac621c30779235d51ff2681c","sha512":"fbf7f4aa7331a956efe8b33ca9522d43a7fc59f408a1aaef93ece2ab2c2b567516fe98d0423bc55d3011743e2da0284e635bb3cb9efff76dafc8595accc4228c","ssdeep":"1536:MjwXxDES3LNIWvyKczyP2PuFTUy7yDQuNUYybiz8gOsABNHpBHlpXDi7rzrvW:iWqSbvyIkQuCrgMNH7HfXUzi","tlshash":"de93022923eb430f9bc6390614f39ddcb330627744b9b2985466fa72e062b5e849b745","first_seen":"2026-05-20T07:25:49.88935Z","last_seen":"2026-06-07T01:46:45.289435Z","times_seen":4,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/images/bet365-pingtai.webp","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /images/bet365-pingtai.webp HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\netag: \"6a087643-12738\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 2481\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9RgDSWrJpHmrnuPVM4df1mRQ57zVObK9SX1UDPcPNvtymbVObHhK%2BfOBYRTMX1fWiIAsXg72Mv9h%2FcddmQWe1VV8SIH5vp5htynXPW5GjQFsghQs5V0HSsTk5PTMdebDYraO0Uj7ykE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 75576\r\ncf-ray: a07bb0dc5d165ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75576,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 897x747, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"eec4917bbec7f7afa785dae07c254c25","sha1":"6885fe8c9ea240260eb682ea609718eca75944ae","sha256":"faf6694ff644360aa27e7a512b2d9b5f10db4537db99eb504ef72090b8ca3464","sha512":"c41cae8c117e72d94d9ad073c54719638d64c5e67e7533c1342e5100e7e3ab49d3f0020b23ec348b098ef9a19fcc3a28b3d945c5584931ffb699f8063a1cb289","ssdeep":"1536:+tkWb++c8/9zlCOw8OCWW49NX5LGIUUesSTGe1O:+uWSakzh9NJ9f9SS0O","tlshash":"e17302a0f23251fe347543f0a316507f93119849dd73f68119adf2689d3227bb2abe01","first_seen":"2026-05-20T07:25:49.879209Z","last_seen":"2026-06-07T01:46:45.294056Z","times_seen":4,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/js/main.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a087643-1298\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TQr4jULPIW%2FRHqymkVZH7nYmpDVj%2BNDfph9pbvjpWWg8Dw0e1RaGepCO7xWXs4GtoHrnHqcSqRy8a4EOn5sUgk8ZaDUitK1VXziDK9M1sUqAjIV76zgjDgD6tT8o%2FX%2BB3J7wCTG7L3k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc6d205ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4760,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"758f026db1bd5e1c8aca671476665f05","sha1":"5a408c21f971c0ef5c2f75b0acea353370556661","sha256":"0ffddbb071a1f28fefc96300cb3f4bf173fcdb571f823e4ad161bbdb570bbc0f","sha512":"a1c58b5671584a5140063e91ca8bc00495b12a26aeb484529bc34066bdf26e91d71ee94c5b3e09845d3a49c2369e99daf9b4b702bb6c6ed22d3d1a926987e499","ssdeep":"96:hyKUgZKCk0LsVhXK7H2WK4bKbuqlQ0af6nUymKHFKeQfWKRMk0E16Ln0:hyKU4u0w3X9W1b4uqlQ0afUUymOFEWgv","tlshash":"d6a1613e11b510b48137a051e7de6b49763a019b3004d995bd3d8a4d3fc0ee929f1af2","first_seen":"2026-05-20T07:25:49.897038Z","last_seen":"2026-06-07T22:57:44.763964Z","times_seen":15,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.matomo.cloud/9170.matomo.cloud/matomo.js","fqdn":"cdn.matomo.cloud","domain":"matomo.cloud","tld":"cloud"},"ip":{"addr":"3.167.2.76","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:24.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.matomo.cloud","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Mon, 21 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"7B:9E:B2:8F:2C:21:F3:D8:CC:C3:78:9E:88:F2:FC:72:0C:FB:68:3A","sha256":"D7:E0:95:8B:B8:35:19:48:30:B8:87:D2:5F:82:0D:1D:DF:65:27:5C:9A:83:C6:2B:1B:9B:3F:9C:32:70:25:3C"}}},"request":{"raw":"GET /9170.matomo.cloud/matomo.js HTTP/1.1\r\nHost: cdn.matomo.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: CloudFront\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 07 Jun 2026 00:55:25 GMT\r\nlast-modified: Mon, 18 May 2026 14:00:20 GMT\r\ncache-control: max-age=691200\r\nx-amz-version-id: wMlg7eg5Zs.09i_ssWakMYkvBsft7WTX\r\ncontent-encoding: br\r\netag: W/\"2bc993f46088bad8457441079ec1f93e\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 53019ee090f087ca6c6fa860098bcd80.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: 8hyRPKCDUJhYAAn7PivEMRSHqvZAhbD3Hnlnn0N6yKOpehVbfwLF7Q==\r\nstrict-transport-security: max-age=31536000\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":154949,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2923)","md5":"2bc993f46088bad8457441079ec1f93e","sha1":"7d04ba6473d6b79a7337daef63e1f3b66ec27fa4","sha256":"af0145825a50ccdf0e95b0fba01d3e9694132465259130d9c0e06b7c0f471797","sha512":"866e7eec70fe832f760568cc8b4591c393e42c181303d6ac4ebaca72bf9157c9d19dc8c500fc86bdbd604553017c0c66421e736b1e611146ea4e031e59197eca","ssdeep":"3072:AT+Z2fucXYy1PGJ9d1QkNw0CN1Iy/Bi4jZdV50tqv:ASUucfBGrd1HOmoBi4jZdV50tqv","tlshash":"59e3f88a72c2753a86eb60b5543f210b737a9daa2448c0b4f625c4f53d78e1e513bf78","first_seen":"2026-05-18T13:11:50.243772Z","last_seen":"2026-06-09T19:56:27.161292Z","times_seen":690,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":37,"dns":30,"connect":1,"send":0,"wait":101,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9170.matomo.cloud/matomo.php?action_name=%E5%B0%8A%E8%8D%A3%E4%B9%8B%E9%80%89%20%E8%BF%BD%E6%B1%82%E5%8D%93%E8%B6%8A\u0026idsite=5\u0026rec=1\u0026r=596707\u0026h=0\u0026m=55\u0026s=24\u0026url=https%3A%2F%2Fsmrncj.com%2F%3FagentCode%3D16pMv6h2\u0026urlref=https%3A%2F%2Flanding-bet365.com.cn%2F\u0026_id=b79fdad14391c952\u0026_idn=1\u0026send_image=0\u0026_refts=1780793725\u0026_ref=https%3A%2F%2Flanding-bet365.com.cn%2F\u0026pv_id=wbeoDh\u0026pf_net=478\u0026pf_srv=346\u0026pf_tfr=0\u0026pf_dm1=1050\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024","fqdn":"9170.matomo.cloud","domain":"matomo.cloud","tld":"cloud"},"ip":{"addr":"18.195.235.189","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:24.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.matomo.cloud","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 22 Mar 2026 00:00:00 GMT","end":"Mon, 05 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8B:64:A1:63:66:1D:FD:B1:E6:3E:8B:EC:86:33:74:14:B8:30:E7:01","sha256":"07:61:C1:17:4B:63:B2:8E:A4:EA:7C:77:0B:6D:1F:D9:60:74:07:25:5B:90:40:54:EE:F1:74:4C:5B:D2:50:3F"}}},"request":{"raw":"POST /matomo.php?action_name=%E5%B0%8A%E8%8D%A3%E4%B9%8B%E9%80%89%20%E8%BF%BD%E6%B1%82%E5%8D%93%E8%B6%8A\u0026idsite=5\u0026rec=1\u0026r=596707\u0026h=0\u0026m=55\u0026s=24\u0026url=https%3A%2F%2Fsmrncj.com%2F%3FagentCode%3D16pMv6h2\u0026urlref=https%3A%2F%2Flanding-bet365.com.cn%2F\u0026_id=b79fdad14391c952\u0026_idn=1\u0026send_image=0\u0026_refts=1780793725\u0026_ref=https%3A%2F%2Flanding-bet365.com.cn%2F\u0026pv_id=wbeoDh\u0026pf_net=478\u0026pf_srv=346\u0026pf_tfr=0\u0026pf_dm1=1050\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024 HTTP/1.1\r\nHost: 9170.matomo.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\r\nContent-Length: 0\r\nOrigin: https://smrncj.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 07 Jun 2026 00:55:24 GMT\r\nserver: nginx\r\naccess-control-allow-origin: https://smrncj.com\r\naccess-control-allow-credentials: true\r\ncross-origin-resource-policy: cross-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T00:14:21.104822Z","times_seen":16282530,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":135,"dns":23,"connect":22,"send":0,"wait":79,"receive":1,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Tue, 09 Jun 2026 00:55:22 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y%2Fo7A5YeEqM6EQU5vXB8%2BjDxnz%2FKBAR0tMkuHCEqQXA1DxseJSb6ycb980aH%2F1z2CTasWfhPzJycVhDrXbJRDBPbQguOhHn8KwTSjkeiVm7jv2w48Jw6U%2F%2FtYv7PMhRmUYPJTik5xXk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\nserver: cloudflare\r\ncf-ray: a07bb0dc6d1c5ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-10T00:10:51.525393Z","times_seen":365109,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/css/style.css","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: W/\"6a2286cf-9d4\"\r\nexpires: Sun, 07 Jun 2026 03:55:23 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2516,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"cd6d6728d78ec3cf4d3779d4c40019e2","sha1":"48ee75bafc4d5ea68b94a3f465b7988681645274","sha256":"fbff621eceafa710752c8ac4d9eb30964e4656fefc0a0384fdadc7acc8f745cb","sha512":"3839d851269a762cc0720cac8d0b97391751f5ae9ffaae205afd68ad3479af873a8bd2c3d04aca7f3b400582d86172a1946e3a45cb9ecc6df2bfc790753dd244","ssdeep":"","tlshash":"8851fd91099b1608760be4516bf62b14522c8147d64fc4bc3fd673898fc72998af3bec","first_seen":"2026-06-07T00:14:30.376582Z","last_seen":"2026-06-07T01:46:45.29827Z","times_seen":3,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-07T00:55:21.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Jun 2026 00:55:21 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nset-cookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sS0thLDq8YELlhcOl%2BixZ%2FVhWbkwhbI2Bcr%2BRqELIFiocCWWYcQm2sQEIzn6IqlBXi%2FDITkzH4ifsKxtCsHXozCye%2BhzpurILivDToHC%2FRwwM0nXpMFmp%2B%2Bhkvvb8tGAQdzdfGUEKlQ%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: a07bb0d4ade876ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:5.3.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":37286,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1417), with CRLF line terminators","md5":"2bc3d476ceec6a9e7f8fe3c121beb4dd","sha1":"1f37d3b09b697b5e60d8fd161e720b55e5719bb7","sha256":"ff308996692378499a403de7e817c940c696be8a0716c59951e8376e9ac79117","sha512":"47aae22b5a490336678c66b66fc377d3e45628ab9a0440507cdc460bde7345432587000c5dd18287ea2a9bb845e8f9a30e1b597c94a68497b788df65a48bd91f","ssdeep":"384:aPSKuClZQctIHwOMJChSySPYmtDXU+9ADP4y0u3eCft99p8:aPSbcZQctirMguPYmtrU1P4y0u3J99e","tlshash":"c0f2507260c168bb41b382e59b60676dfdb1d18bcea7824173fe2f8b1fb2d158803519","first_seen":"2026-06-07T00:55:50.710067Z","last_seen":"2026-06-07T00:55:50.710067Z","times_seen":1,"resource_available":true,"data":null}},"time_used":989,"timings":{"blocked":29,"dns":16,"connect":1,"send":0,"wait":927,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/css/main.css","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /css/main.css HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a087643-718c\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=73Q1PjWg2WWYWz6d8ooXFpluqj6t%2F3lSsjAU6s1tYxmT%2BMu%2FDPu4b6jjGHm4JWuCp2iaEM0zgtYCeCCFUfA09v2o5Oq0A%2Bx1WuFj5bCLjBjMijrYYPzneiwsCI6eL3KI1rR6n7XUCgc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc4d0b5ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29068,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (338)","md5":"f1233a32839a606b3e2ec2670f41050c","sha1":"168ccf286cc54328a8cabace157ddf526afb8558","sha256":"b1f76f4a1089ad29f15a7a2809b3b1fdcfe2669efbe9857d015f5e653e52bb12","sha512":"b1937e7557ac157bcd792980a7c6397d1321909b0f140fb8e8ce70b36be2039413b811f29ffc2db9c6dfbf64034ed5b67fb124f359b67f8acbcd106103c36d58","ssdeep":"192:jjwcAaSIFFw2296L50UY8HwuaBBfJ9WU0qyCPcxLVZIQ/TgGCetMwuGwh2NamT45:jXFhN+CEFlF2huD1z5h","tlshash":"7bd202555ab31561b81bd19c2bfb9789233c9043dd4fcd6d7bce62448f892e860a2f8c","first_seen":"2026-05-20T07:25:49.892888Z","last_seen":"2026-06-07T22:57:44.762149Z","times_seen":14,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/js/swiper-bundle.min.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /js/swiper-bundle.min.js HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a087643-22512\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0xSq4%2BP0my9Usws9bjfrwqQRsxtFPOl365iiMXeJuLq3XBteDYHMu5I4nQ%2BA8Zjz8N%2BMEN0gQ1m9lUJFeXSr%2BTzE%2FB4kj5HiFTPf7v90T2C2gRxO5HCn65UT8lrkpjmRFTpr4PaBGec%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc6d1d5ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140562,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-09T19:49:43.345117Z","times_seen":4535,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"landing-bet365.com.cn/js/home.js","fqdn":"landing-bet365.com.cn","domain":"landing-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"104.21.17.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://landing-bet365.com.cn/","date":"2026-06-07T00:55:22.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"landing-bet365.com.cn","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 09:05:58 GMT","end":"Fri, 14 Aug 2026 09:05:57 GMT"},"fingerprint":{"sha1":"50:4E:FD:E6:28:96:E4:23:AC:32:36:CF:C4:85:83:40:1D:A4:76:78","sha256":"10:77:AC:7C:A0:14:72:27:63:AF:4E:1F:FA:5A:3D:30:FF:2E:90:71:05:A8:33:07:3E:59:8D:96:0B:0E:BA:31"}}},"request":{"raw":"GET /js/home.js HTTP/1.1\r\nHost: landing-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://landing-bet365.com.cn/\r\nCookie: server_name_session=0a8dedccdd7a6220837e85d376654a2d\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Jun 2026 00:55:22 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 16 May 2026 13:50:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a087643-16aa\"\r\nexpires: Tue, 07 Jul 2026 00:14:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 2481\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J%2FHDKJ5UHjg%2F8l2l9l1NLg16GdFQX7fpaOPhnLpeMPtZBwvVOP0HvLKjZsXURcNWhgPe5WQarXfEdbWDqHF2oJP5tNRAp%2BFQLBbbgFHpgkmNbSuCGI4sNcanU6VwWIkQvSBEMc4%2FZys%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a07bb0dc6d1f5ebd-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5802,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-06-09T13:47:02.245933Z","times_seen":778,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"landing-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"landing-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"smrncj.com/js/tailwind.js","fqdn":"smrncj.com","domain":"smrncj.com","tld":"com"},"ip":{"addr":"182.16.49.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://smrncj.com/?agentCode=16pMv6h2","date":"2026-06-07T00:55:23.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"smmwxx.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 08:32:01 GMT","end":"Sat, 29 Aug 2026 08:32:00 GMT"},"fingerprint":{"sha1":"CE:A2:29:5C:6C:45:D3:61:4F:86:48:0E:AC:2A:60:DF:E7:F9:A1:AE","sha256":"05:26:0C:EF:E3:AE:C2:8D:17:EF:57:92:4D:19:D2:37:84:16:F1:37:BF:6E:B4:5D:CC:E0:04:CB:21:23:FC:15"}}},"request":{"raw":"GET /js/tailwind.js HTTP/1.1\r\nHost: smrncj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://smrncj.com/?agentCode=16pMv6h2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Sun, 07 Jun 2026 00:55:23 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 05 Jun 2026 08:20:31 GMT\r\netag: W/\"6a2286cf-58cad\"\r\nexpires: Sun, 07 Jun 2026 03:55:23 GMT\r\ncache-control: max-age=10800\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":363693,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50801)","md5":"c193259f53fb33856681902d899d0b04","sha1":"539d13d4016170493357b58e7efe676b700d31ba","sha256":"78f70dbdf61859c3a382c96c27880fa5737216af6d491fedf73a3356ccab05bc","sha512":"69ab3a80f97b0965712cec07246ccd9542ff3c6f8d1152047494395240ac99170748e90979ccecb8c90f3ab801cfffdfae075f42a987b457535b14f5d03d2cae","ssdeep":"6144:mr00+lSrr7p2CDj4cUlFLa6kLwSKJXimTqAcUm:08kfelFLa6kLwSKdW1f","tlshash":"00743baa7396753243eb91e950ae1142f37d5a38500c44acf79cd8da3da4e4850fbf3a","first_seen":"2023-10-25T18:01:37Z","last_seen":"2026-06-07T01:46:45.278173Z","times_seen":151,"resource_available":true,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}