{"report_id":"54feb81b-07ab-40e1-bdf6-0d6d89c00c5a","version":6,"status":"done","tags":[],"date":"2026-01-05T00:24:39Z","url":{"schema":"http","addr":"bet73tt.com","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"bet73tt.com/#","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"title":"365英国上市官网","dom":{"size":227893,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"2d826799e24c6dfab44b39af3d0840e1","sha1":"aa6574cd23659a226417201162c2b9989c009ea5","sha256":"b072a63f1b496ffcf45727faa00f59c1b0d6e4b9d9f59641986024ee8645e039","sha512":"adad9c23ac698e56cbfc92997ea84b423c0747e0ea2d4c61d0c714bb02abf3d13681076749493f09e4b4abe7832eb290fc82a2df19fb4d47a029f4583ae83fa4","ssdeep":"3072:DMUD4If6kGxfZB1vhoLp0w1t3zWCXfM6Hu2weCJv3vNlX33X3K1+QDWrOE4DRHkP:g04ICLRZvvqLttjJXfMcuRJv3PX3QnA","tlshash":"1324ae6129f6152701b380e17ab66b1f6f94e043da0ad50476fc47c85fcbe8ba8b718d","dom_hash":"domhash12306fbae514a8002011508d9250d06d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bet73tt.com","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T00:24:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"3f38sfb.segrft.com","ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"2022-03-19","domain_rank":0,"first_seen":"2023-09-14T23:21:23Z","last_seen":"2025-12-31T06:58:26.781064Z","alert_count":0,"request_count":78,"received_data":2741529,"sent_data":36967,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bet73tt.com","ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":53,"request_count":9,"received_data":438058,"sent_data":8951,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"crypto-js","description":"crypto-js is a JavaScript library of crypto standards.","website":"https://github.com/brix/crypto-js","common_platform_enumeration":"","icon":"default.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bet73tt.com/js/www/decrypt.js","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d1d23f897c7f9fa4b24eeb8159d7e21","sha1":"9c6ab5fed65abe81454978f1e844c4f36d61a1c7","sha256":"8da1db8adc85dc835413880c71cc811c762e48018590f9a991115e83a722c869","sha512":"4d258cf5b37b503615a1373aebf3474ec8f94351455729665223a9318067ca6b815d0bf3c265ead937660bfb3b0e75b25f450ef1b235a64b32d87df01e1b8e32","ssdeep":"","tlshash":"b9f0bec8adaffdd4add295d2627ec809a99315430209df52b688ac1c9fc80281a2b0f1","size":531,"data":"","first_seen":"2023-12-21T07:44:20Z","last_seen":"2026-05-30T10:19:54.456689Z","times_seen":4736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/sweetalert.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f9966a615f3f46d846807adbe42644f","sha1":"441544c084828da55ca0bafdc4c3df7dc7020820","sha256":"be4d1215ef6f2b2915b7f65cd28b9a9f7dcef17e1f0d883edd19400ca0ea795c","sha512":"e85f14552c1b5837780990e210223c5d6f532dd55f16589f682d1f2f95acc540b715aaac23ce12f871661006f80ec9043a9674dfdec1c3efc0819125d492dff6","ssdeep":"384:Rigwo5UpVZG9lOUlgkhzj7FRNE82XyySyTYayWri/SRVRXFKP9nWZcT2Rc8ex51f:RiB8lOuR5wSWrrRVR1KP9WK6Rc8ex/","tlshash":"ad72c899325438b327e361f1009f504ba4b196bde8095861376cc9e62ff8cc95ae2f77","size":16994,"data":"","first_seen":"2023-03-07T01:11:43Z","last_seen":"2026-06-06T18:59:42.798441Z","times_seen":7131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3fbc52ff882ce124b58d71031cde5fd","sha1":"0195be6f2c0e1564d8f5a13c6a116fae24c57483","sha256":"a5a4e3fb99d5c26ab47466625661dcd5323676a4da3798edb6b4805538cbcf0a","sha512":"18f147f00af5735de1d21a873cebcede0f102fd7d3b4ec775a9f2e67247d7f92d5910c64d0a0e64896c9ca69c808c3d775e5568e693c0532e09b0016d9519278","ssdeep":"","tlshash":"1521924acd31212499de663846b632eb351154a3cf0aa8a93b8d9310af4881f20382ee","size":1240,"data":"","first_seen":"2025-09-02T21:41:57.685205Z","last_seen":"2026-01-05T02:59:01.709494Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"86d1c65725d209fe7a72cbe12dfda0b4","sha1":"d92fea0918d892710904c33bbc8a0201295f8d98","sha256":"ad7a4b0c52484173184b980f0a7fa5992af401914d26c4b18634526432323af2","sha512":"424c796c81347aae6f75a13499f56a90d2e5c7bfb81a41a1ef9e14566dcfd437f2bd93c4b1251ad5aa4bcf9ca7e2217f35a7bbdc937a8cbad838819d184a8994","ssdeep":"","tlshash":"7241621af4d78728147736ba97bb23471d32148fda8ece0cbe5c0bd0cf2a25a5182708","size":2243,"data":"","first_seen":"2025-08-05T02:48:24.773348Z","last_seen":"2026-02-05T00:10:44.670619Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5f277ca8cd8e597500696197ded3fbf","sha1":"478d497550a9f8da8e1556a92b6e98d567cc522b","sha256":"9ef3e8adbbf6d1788a8a6d0552096d6192ae057053342790a60e6622e0080570","sha512":"3cdda3c9a80c540985c9aecb433ddea090982e7dee91d7ae2b24e076f13fa773fa6fc17ba2e931ff0833bc19229ce1452e3c49b2c32fea87d93c50425253d874","ssdeep":"","tlshash":"c541ede9f4e804004427ec7cac1fb19b21aea00ae04cc831b5ba60c19e212c9569be96","size":2060,"data":"","first_seen":"2025-08-08T15:35:32.57816Z","last_seen":"2026-01-06T17:17:01.190954Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"76bd0430694d289f3e15435e8c9904e7","sha1":"92fe61bd2d11753e8839fe4fbcdcbcb5dcdf666f","sha256":"4fa03cfb043a62b627ecdeecd472a5ae8f87334a0dd19a622f591b601545bb44","sha512":"62a15685193140f135aed313e446781a8826106dcf47a6da599626869c67881393c4bcb1d679bfbb97bc133559b5f3c8d210f99f012042a0e9063f30d1f4ebf3","ssdeep":"","tlshash":"ab419246d3e56137a52aad384caee1169a318003dc3f3c74b9c09a54df5e62c90feae1","size":2108,"data":"","first_seen":"2025-08-06T01:16:05.654787Z","last_seen":"2026-01-06T17:17:01.198262Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"cc73d35f5cc1806a1d4a4644579104c0","sha1":"2ba6e2a59a23ee43c16b4bd9e5cdc8e05646fb0b","sha256":"4053ddd607d4daccffea0d1a7b56e10018cc56096937fe55dc2e7a8142c210aa","sha512":"52af5976ddffb9116c526808dcd9dd73609939a5b5d0763ff406d86a2d8f02cc5563465532949aef08c1f3f1dc96f6eb477e3e68ce68566010eb692f665671d7","ssdeep":"","tlshash":"53b012ec7b539243248d13f2ec3ac9358c39317d1371379321bc204d0c154085410100","size":106,"data":"","first_seen":"2023-03-07T15:03:59Z","last_seen":"2026-05-30T10:19:54.535688Z","times_seen":3290,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d167c8a1626fec3e2b4f410131ec25e","sha1":"3d287d4516c2e7c3e550f53dc6098d993a4e5cee","sha256":"7ae0d83c596997513e46b4ee6b49484090a5b327ccdbd3386693dc20f229ee41","sha512":"8668131245833843eebdd04e87ee9e21290e8cdd365b91375b08c332e9dd334fe90238da77a2a3a50b49fcb445ede89fcc901676d157f84d850ee16e8e94f259","ssdeep":"","tlshash":"2f21c21bec5b54a03757043913fbc44cb1a2994fe069c405b48de8514f54e860d2eb9c","size":1429,"data":"","first_seen":"2025-12-24T07:31:05.728979Z","last_seen":"2026-01-05T02:59:01.722002Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/checkinput.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1701a1c0e116f99b046f95c9f2f4ef5a","sha1":"c0ea303e6c96847ed6bb4c72afd3a84332ab5b3a","sha256":"5a053d48644953a4dbc5f0cb73d4723dd958c9b5574be9cdaac4bccf21d9f38b","sha512":"131b0b96f085bbabf04eac826013f7a62402bfe7e8aa4f6830ac9bdd4d629e4062a687b03a14d6c02d8ea741aea17fe4646da4c054c1954454025fa22f0fd307","ssdeep":"96:ZRORCQC5WCPCD9CQCwCGCkCmCQC+MiCwCdCuuCkCbmCd9P/ddPojcHoujp1SPZaQ:ZRRRvJdlANu91diXdT59j6IQNHYerS","tlshash":"9d62204de0983ea6857333750e7f5200f57906278525eb08be9c59b42fbe80a4b63f5a","size":15360,"data":"","first_seen":"2023-04-15T09:13:23Z","last_seen":"2026-05-30T10:19:54.512043Z","times_seen":5039,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b1f1b90272f5122f5e1a5932c7a70d3","sha1":"8ece1b2ae792d9f377f197847bc2e2cdb615e409","sha256":"3e49a7729fa9f030a5cc1024101687a97b99d8035a8da3494ae36bda301a7136","sha512":"dad6f7939478825ce47274f6577866e8ad4d40d53e4edae4f2a36fa65dca858dc96814037786266ca60ea8ffce080061146a0a1680730c224cbcdacbbd046913","ssdeep":"","tlshash":"c3319a1cde1a484229e1cbb80481164226985583ddb0fa2fbb9c96806f6e02f97f26dd","size":1532,"data":"","first_seen":"2025-09-02T21:41:57.687085Z","last_seen":"2026-01-05T02:59:01.723522Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"b555d8537b5e2c77dc57d6d51b04c3b4","sha1":"85a0672a0cb1136ec4c8f0d0131dd273de2a9718","sha256":"ac527914b30eb2660ed3b1a0cae8b0ab6a1cdcdb8369e1c8650113440fddb8a0","sha512":"f468254c699579ecf68b8f08f1b9ec241e15e050ba7c71adfbc2fb257d71e160dcad465154775e2371943c7c0b3e31e4072e416e38129d15607a06ddf0910867","ssdeep":"","tlshash":"3d8127a2dd1402b24196633236a30b522a51609bde513024b7cd95b44fce69ffeff6bc","size":3902,"data":"","first_seen":"2025-09-02T21:41:57.678018Z","last_seen":"2026-01-05T02:59:01.717034Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/assets/js/caller.js?ver=1675418258","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e7441dc033395b76a96b25b6efef0f0","sha1":"c833e33f4a95efa559a847dfff036cb904260b48","sha256":"80caabbe50f5f83254e2545d01bacf299c7f417a103e912bd41d6c330a6e4f86","sha512":"e96041ac2b7106fe9aceddc1faa3e996ffaa97945d56cff7b3ca0697492cf6ff53f6fc3826319a85eb360e684a166c0c8c075118a37655312dfbf231ff9aa167","ssdeep":"96:veR5suijTWxKhgCBTSCkAjnhefPMm03OMu9eqeeV0vMu9eqeeVqgYi:veR5su+TWsU1eO70v76i","tlshash":"dc914212de042051f76332b85a55661f6131684f7f8a888dbcbc747f9b70acb857d189","size":4386,"data":"","first_seen":"2023-03-13T18:11:33Z","last_seen":"2026-05-30T10:19:54.456167Z","times_seen":5036,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/jsencrypt.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"64507221feddff84c80b99c98827d76c","sha1":"5c7000638c6bae1a1c448367822a8682d59d371f","sha256":"5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389","sha512":"cc3beba9e9c0d1e149642c41b2bcb351972f8a1bcd9445dbb5e32feb6c91c5d851e2cecad5a6b3f8b8ec4727e4e8cf9824bc80244baeaae20023c23c1a02c2f0","ssdeep":"1536:cJxLSEwwmr2yZPp8yQPj6OR1fdfqovoRonm7f6T:cPErPp8yQPOOR1fdfqg2l7f6T","tlshash":"cb43e9853ae6b075039a50f0051f084ab13ab92e192f44ecf699d8e17cb584d637ffb9","size":56142,"data":"","first_seen":"2023-03-07T13:16:24Z","last_seen":"2026-06-06T17:35:05.799425Z","times_seen":18574,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"72f6c3918f4349ec53271c7bf7688d2d","sha1":"02a908afb4808cee473941bcb11f54fc0d2f21c5","sha256":"e759d67601fb50a113db0ff96fc2bd1681cd0414c8d28c092b641bc9a5439b46","sha512":"3501f2f4c610815bcb72b9b3c66ef5504bf1343b66cab90b593f3c76887426f32182378346db9b34f4816922ba87f5241e5121b523b0932a61cb99ce96695ebe","ssdeep":"","tlshash":"31517bc5fab153a0593b14b66cbf510a6d127407fe0bf52af14c56d05f2841c31b9989","size":2451,"data":"","first_seen":"2025-06-05T14:35:01.36702Z","last_seen":"2026-01-06T17:17:01.172554Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"c542c52a5e3af4b36c0bb4dd1b69e9e4","sha1":"567f996768bf4ebc4bc73446c07082f4c25081c7","sha256":"f2b8fef8dd86502d77fe4bdb474731cb6c7a6bb9eb58ebeb505b8b9e3635fdf3","sha512":"f70e31c55c0c2e6d78e1fbbc4df66268365ac9c726e468bce178c5ff3b83251df7dd78a268d02960d38da52667b0b188afff4b2660f1c88f74898f1185f781ff","ssdeep":"3072:tMUD4If6kGxfZB1vhoLp0w1t3zWCXfM6Hu2wex:K04ICLRZvvqLttjJXfMcua","tlshash":"6cc302d75a62de0c2d15d8b8f3695f9e0bc89b64675ff027c0c66684c00cb6360fd8aa","size":129279,"data":"","first_seen":"2026-01-05T00:24:52.789844Z","last_seen":"2026-01-05T00:24:52.789844Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7841a2f0a7ec24a5db3af7e10810ce3d","sha1":"68eed6d777e9d841ee3528acd410457263f9cf57","sha256":"2dae1a77d81f1da571b65093c43f3e817616dadeca67b5698aa5c9d141357324","sha512":"c51e73acbe9a9798767dd4728194c3519cf980e3d485861eb9b4ca5a536753899ae79bd56dcf2798efb1331f4576aaa576369794abb57e06cf3bc6b91471be98","ssdeep":"","tlshash":"1531a689f39cba27c07e00b44c7f65c5d11e2871ea0a1ea5fcfc52a622de756329f184","size":1595,"data":"","first_seen":"2025-12-25T13:16:23.488347Z","last_seen":"2026-01-05T02:59:01.714658Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a12e7a148a9fa6913f7619311aa4cac","sha1":"f1b2ea8e5eb720f07c3c0195d767fc302e54380e","sha256":"1bba57eed92ff9d81bc0cacb5481ccedd808c9c408de6cf21dfdf845a6b958c3","sha512":"1bcbed419cb77377707c1931dce14f61cde1d3cca3fc412847ef1874c7159a7163194dd356fc92a45dbbb49f408282bc7aceb9ae493f6098bc883b25b47f3560","ssdeep":"","tlshash":"3611924bf7e86601707732be8abf5429173b2407ec050c40f86c0aa83ba14545cafa88","size":1014,"data":"","first_seen":"2025-12-25T13:16:23.514527Z","last_seen":"2026-01-05T02:59:01.716541Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-migrate.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","size":7199,"data":"","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-06-06T19:45:01.327333Z","times_seen":23404,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e686aa40b52232ce07ef7e7757398d87","sha1":"337de41870f56373b8487d2a8bcb5b428dfa0f92","sha256":"14e96a7ff23e2a92b74ef8692191abc402008574d27ac3c4321480235f60816f","sha512":"4032b1a0c52542a37f455d399a4a575d790c60526880a6379b09992fbc0c18a98e29ccab48ffda6b94626e0a61aece1caf72b7b4b37821d8d94802b13b2db859","ssdeep":"","tlshash":"2031c2a8ea707120508641361ad3895e391072b7ce213218378cab2b5f5a86f73bb58d","size":1461,"data":"","first_seen":"2025-09-02T21:41:57.679634Z","last_seen":"2026-01-05T02:59:01.725493Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac515ed5a345e69f7c0ca4eb1394701b","sha1":"2658c778158949042d868cb05feebc8e63d40124","sha256":"9ae53a00572115d284387b0b64cdf0cec1f02403a3ad6d294d203b01322bfe8e","sha512":"0e65595021fd34464ae630fd4f92a42979862c9b04d4440d9192b1934c26c820d616206c516dc42b611244fc8061ca0d2975632bf7a3769fd1ef71b88c6e6bd6","ssdeep":"","tlshash":"9f31cd58da707120504541311a93465d35507297cd253018375cd7131f9d89f77bb54d","size":1493,"data":"","first_seen":"2025-09-02T21:41:57.658062Z","last_seen":"2026-01-05T02:59:01.7245Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c910d57e3865cdacf84cf38c7480fc3","sha1":"cd82aa4f4debac52d94e39d9a0a62f3a78af3c22","sha256":"da1364cff053217ffc1ab21ffd887516c28603826121b2216c9a5e3075ea5dc5","sha512":"ed36f1bd45deaeea7aea86c45154fe9d1d1103acb437e146cf4a64418c3ea995a6b94edc02a5dbd0bd29e09d06dabaac073e707295a2380d035c245047ce324b","ssdeep":"","tlshash":"ae41cd15d6b646042937707054ff56d43f16e423eb018915315cd5c05f68e35d93d55d","size":1980,"data":"","first_seen":"2025-08-06T01:16:05.650393Z","last_seen":"2026-01-06T17:17:01.191996Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"03bd708e48c0a4e5aa6f0bad19f153b4","sha1":"ccc14e2a9cbcadd2e83ea28aa9c509eb5de6125d","sha256":"2531040c0c8ab57250117c86933ac3b0641a09ab7f18f1bcfb5b28bb31a612b0","sha512":"75c4a57cebc7abf1b5f06dc319c8115e8ae0e7cecb4b44dd7ee56e126896cc1ec694fc4f17599df707e1d32f82846055a662b823237a699470d9fe521283f4a4","ssdeep":"","tlshash":"79311297d16c5c5d45cb9670342518a5330ebcb3fa028ae2e23fc76832b3d49c553d6a","size":1636,"data":"","first_seen":"2025-12-18T06:38:50.079126Z","last_seen":"2026-01-05T02:59:01.721473Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ef86d4a9e9c5a2b2828dd184d1a9d7a","sha1":"21334d1ce81c6a1e03f7faef30de892b62ea3903","sha256":"608ae8e2945ad6debbbc80f9c04ebdad8425d70f29f35de0bf01b0138aa8a95c","sha512":"65accd0550978f5bb0a810e971a44f20e1642aa68beb4beea3758176fdc1defdb8216e12b1a32a3f41fdb74ad18156744eb45ffe759ab39ff8deff039e8e5f38","ssdeep":"192:iNeTmZW8XQcTtEtjKRzfQhFxhBizH4A1ltpKS9:crWMGj0TQhLhBGplt0S9","tlshash":"52121005ea1909924492937938d71d27229cc187ce41301e7fec4ab92f9f42fb8f765e","size":9066,"data":"","first_seen":"2025-09-02T21:41:57.694522Z","last_seen":"2026-01-05T02:59:01.71905Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6ec9525cd57e95526fdb586b3581f9bd","sha1":"17f12704d1b52da38ec06d2c48927c0efb2d9c56","sha256":"8a052cbf410efc64e1f4452f19a7bd50a0fadd8454666562f54999b116aa7b11","sha512":"e9efc0f513fb2d0f61dc4d551a47de80b94e468e2859755b4480dfd549438fd500970ed89debb77347818d9cc62fcd6034ff732c6f806089747833105afe552b","ssdeep":"","tlshash":"cc21c2a8ea717120508641721ad3495eb914b2a7ce2130183b8cab272f5d86f77bb18e","size":1437,"data":"","first_seen":"2025-09-02T21:41:57.690461Z","last_seen":"2026-01-05T02:59:01.72302Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c72753e7174cda848e4db80101559950","sha1":"55dd7bda8854363cfc0a7c4bca73e9982fa87777","sha256":"219d239c671025464cde148b1caa77b2ee013e875365d4c52655d335833d279a","sha512":"93879dcb701551e390295e006532326dc5844f4644369dc50fa0b29ab88e771682a8206e13aa4f319644c4b3cc857fd6ac7cb82c17a49953ff801861d59ee438","ssdeep":"","tlshash":"2031260bcd0a22a3556284701a193268319004e3cf0034453f6e82181f4f20f21f25cf","size":1726,"data":"","first_seen":"2025-09-02T21:41:57.6627Z","last_seen":"2026-01-05T02:59:01.70804Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"60c37214b537060f2a0177cec01922d0","sha1":"37047bea24f2d4d60633b37d77bf769e67a1ef8b","sha256":"c3f69474980aa0d52f30e18f28ed79326a107278514432a5bc201935c653d953","sha512":"7e80b3de9795433f893f663cada31de0a0e76455c34d1875886b650b87ff1ef478c5ebf407799a4876bbcc3ea9c4f6e793f79a104a84d5b65cf579a0eb515f27","ssdeep":"","tlshash":"42513839e7b23250d8b7b23b2baf935829918043c50dc9123f4e76b40f1041f3d446d8","size":2885,"data":"","first_seen":"2025-08-08T15:35:32.580113Z","last_seen":"2026-01-06T17:17:01.1896Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"453e75010d449cf809c69eedf1d5f4fc","sha1":"24cb4fe9cc676be7e4a8c8af8252d5ef7c253891","sha256":"44297337967c59516f93224c080fb8ba90b028df8f05460ff9095dd1beed6428","sha512":"08ebb78d6b036d57906c93e23d42c258a9d1824485e3ca8db33889be3d77eab3f275c9445c54b776e93e26d8ca717dba837d5ed534a95bdcd2c5bfb84c80e2b4","ssdeep":"","tlshash":"1441e59ff0f9022106f774324e7b5104392650abe447ab0036cc56406f68a2f8ae9e9a","size":1982,"data":"","first_seen":"2025-08-05T02:48:24.791369Z","last_seen":"2026-02-05T00:10:44.67346Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a5f07ae036b3c8dbb1849f8a30d7549","sha1":"738e351fdb66ac9c832d5234c82fd52fb4fce275","sha256":"a9a460ad554f90d6417ad9fcb9fa50fc3ebe600f579d4ca7f3af16da828995ca","sha512":"affce567319494404fd7b4df9470db09b439db4fa6e8dc67763f930b61462fbb58ce600a63383f5bebcebb8e0a5a851a9cd3fe6a2b95e36177a950004d5ad284","ssdeep":"","tlshash":"4a517bc5fab153a0593b14b66cbf510a6d127407fe0bf52af14c56d05f2841c31b9989","size":2493,"data":"","first_seen":"2025-08-08T15:35:32.53475Z","last_seen":"2026-05-15T18:56:49.800338Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/js/carousel.js?ver=1637918556","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a55f280dcdbcb4a968d8f6364a2714e5","sha1":"7815466d8a2584bf137ad80138462b39cb62d236","sha256":"c2e540b8dda366b0898cc14ecda800ce2787ed2222b6ca38f67444882d8abd75","sha512":"f8404ad28595dd418ca26a6a7d1a984eb38d7a83ccee3286ed90c34c3c72f7c57cee42c59281ee9071b32c30c0c91d4d5ff5ff40c5741e75d611c1b7a8b15485","ssdeep":"","tlshash":"cc411124dd7214389533332991f7cb45ef2ea767a6418ca770fc4129afb0409569cee9","size":2266,"data":"","first_seen":"2024-12-20T12:48:50.204122Z","last_seen":"2026-05-30T10:19:54.499221Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-ui.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","size":253669,"data":"","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-06T20:30:52.521048Z","times_seen":21187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/plus/plugin/js/bootstrap.min.js?ver=1598106537","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5869c96cc8f19086aee625d670d741f9","sha1":"430a443d74830fe9be26efca431f448c1b3740f9","sha256":"53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef","sha512":"8b3b64a1bb2f9e329f02d4cd7479065630184ebaed942ee61a9ff9e1ce34c28c0eecb854458977815cf3704a8697fa8a5d096d2761f032b74b70d51da3e37f45","ssdeep":"768:o2rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfbx8Gf3Zq7Q:Jg73zhq0GvbJ3ZKQ","tlshash":"b6f28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","size":37045,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-06T21:16:14.113592Z","times_seen":90077,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/share_unite.js?ver=1749181409","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"00c6288b67f7750a75b6e9abbf74c8a4","sha1":"5f464f4ce28448acc1c2fe825d4218795b023db4","sha256":"20327edf72e6632c450e8f8e443db2f728361f74b68697932491108c7f483b9e","sha512":"39dac004bb9b904ec4c4bb4d4963c3b8c4c9d98f9a80d90e53134e28c6055831652f0911e59b58f54c4b1e7156d8aba181b90ee3fe0ba6aefb67162b990787c0","ssdeep":"","tlshash":"37513127e6b82006207730a7deee346b556a8426b3417f06b7bc01a54fc58ac7f9270c","size":2667,"data":"","first_seen":"2025-06-07T06:32:46.623015Z","last_seen":"2026-05-30T10:19:54.533079Z","times_seen":4068,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d0c02df1f9bc460b8bdbe011079211a","sha1":"920f2f3057f62956eb61992d06c261fee52f082d","sha256":"f74ee5c315e707a3ab3b67bfb7c32b5c3c6dc009432a21efb6bfbf22eedf7969","sha512":"27bc19d36b0d4265c10528fac669ec56d6a82b1a26c0c30b75df1d597ebe8bb9de866e08ca3c10df9aebabf37e7769133e7dacbec8381849af0ad435223dd749","ssdeep":"","tlshash":"4f218c3bc79a1386598b403a2ad68a0571a818e3ff189c107a4ed3111f8a90a217de64","size":1324,"data":"","first_seen":"2025-09-02T21:41:57.672548Z","last_seen":"2026-01-05T02:59:01.713606Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/encforms.js?ver=1761119296","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2d77387c0dedc78ae85a7ab52aad886","sha1":"0d8ee19645e8246409f76adee4412ecef3466b76","sha256":"2af6b51b39ceab86129d473a1fb9a4a827539efc7452de2103a84ebd09d75790","sha512":"d922ced4a418ef9049cebadaf49f897432449ad051ece1361014ca9c64514f9eb53f6d77d6e83551ed2939d0eab9d518f0c048e12aef3e167ef3d1d517dbe3ca","ssdeep":"192:gxlzcp1ISvp1S/yakFAn1hQu66H1Ka1t4l/O3a6Nr:zb6cu6IQM","tlshash":"9f32209871bb1870993338344bbf8512793ac11f4c5cd954bdac2aa07f58a5ec6e1bb4","size":11858,"data":"","first_seen":"2025-10-22T08:39:12.013749Z","last_seen":"2026-05-30T10:19:54.529419Z","times_seen":1488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/plus/js/unite/crypto-js.min.js","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf3402d7483b127ded4069d651ea4a22","sha1":"bde186152457cacf9c35477b5bdda5bcb56b1f45","sha256":"eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc","sha512":"9ce42ebc3f672a2aefc4376f43d38ca9ed9d81aa5b3c1eef60032bcc98a1c399be68d71fd1d5f9de6e98c4ce0b800f6ef1ef5e83d417fbffa63eef2408da55d8","ssdeep":"768:LuxoaUN4+OIhwP53+e0QfA31jQM9OT81NHv4rnwfe:LuxoaU2+LwB2+G1ZdvCwfe","tlshash":"9c231bc1a19c219152a774d0093f7107b463353a460ed5acf668e9eeecbcaea903dd7c","size":47992,"data":"","first_seen":"2023-03-07T12:04:24Z","last_seen":"2026-06-06T18:45:39.524437Z","times_seen":76640,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"22a71f7dccf96ab68125df96e365b7e7","sha1":"71d6307f75eb420c6401e2337f3848297f9cf48f","sha256":"7a9124afab13b9cc107bf02dbd50b199a54295bf5a64c8b1c66a1d264ba1e41f","sha512":"4d6aa0b11b486210be23e24cc2da4f60cbdf9dd9567ccb52ab0185c7fb64a93a74e0e234e3164062133e48a22a1456dd25b9adf1720d473df08c796f6a079768","ssdeep":"","tlshash":"a841a9abf8a349391bff247a17af838834710007d504e518bc2dc6a54f22ed125be9f9","size":1883,"data":"","first_seen":"2025-12-18T06:38:50.038386Z","last_seen":"2026-01-05T02:59:01.723995Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/swiper.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8be4ec964b15c656c05a17f822762b3","sha1":"1afabbf1eeecc4d7ddfbb4c824696ce1aadc8d0f","sha256":"e32b2b578b1345c05be32292da9016f7ff564bb3f4aeda3c1b6b76869648fcbd","sha512":"0abfe93e1dab3db289b0efe0f92e42f6ff14cc4e550b5bca8d4a84fe736245fb70b39e5b86bd9aea620e6fd73a76ce8aaed9d3a561c6208dc9108778dba141b9","ssdeep":"3072:2hUcC5HqffYIdcMZOGHgZsUOUIBdID8CX:y45HqXYIdcMZOGHAsUOUIBdID8I","tlshash":"7ab3094eb35071a551e36257525e8241a3b72409780ad0ac35b6d8ebacbde4c13bfefc","size":114405,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-04T08:12:43.150166Z","times_seen":5128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"be231844b556c225daeb632dc5dfd65c","sha1":"fffcd9b14e920a7c47828f3ae775f593875e22ec","sha256":"6c22724bddd6ace68e9e821a4373db98c43781b7adaf00c33d887a47b6043d29","sha512":"3b6dfdde96030ae0f2e71a68ace87c544d576e942cbcd0ec68fef0bc242b7f7a307f3c034681cfec65a94c4bb85e59c30a98ac48fbb75e1498e3edd67638141d","ssdeep":"","tlshash":"3221123ae042104406a7e0bd888a285120800c03cf482a08b3cc92958fad3cf32f3ace","size":1346,"data":"","first_seen":"2025-09-02T21:41:57.692182Z","last_seen":"2026-01-05T02:59:01.710025Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9bdc80cc500413b7e1d7c788493c5f9a","sha1":"f1dbf5d523a7cedcead36a7bd537bbe4f4350b9a","sha256":"56d3d915b4e2fcb6f1ad76214f91d6dcb96d3eeb0086bea993d02d2b354dc953","sha512":"34b91a873440f3ec0a109370298826043b8617c2d18b7b6c903a5449e9f7917f6f2eadd8bcf0b2e6c872c966f1dbbfa6f037ed6d229d2f4ffc6cff5dd71008ea","ssdeep":"48:888hfqDG9Mmk2xp+phzOgOOfDYU2olo9M1CSl525R2yfuB2yfBb:886dxuwE69WCMMUyf3yZ","tlshash":"82a1ce29e9e76504812330768fef5008b138a503c828ad687f4c92532fea42d92fdb6c","size":4911,"data":"","first_seen":"2025-09-02T21:41:57.676165Z","last_seen":"2026-01-05T02:59:01.715173Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6184a732bc7a1121d1c719d8780fc667","sha1":"965d9939bf9c5e315be67bfccb7e8ae795e15b15","sha256":"79aa1ef11ab39e567f32d6b5bdf9443e8540dc18b7f113a5324e5c08876e8fbb","sha512":"8a8a9f3cf7a940a3671123f5d80324dc9182453543bc64e32f608ed8f3a84a39aadc690d26b43c35d21f87e1b34aa00678cddc1fce46f3ff525dc727c5f95dae","ssdeep":"","tlshash":"264123ece801b90106250238c3945d0845db70f3d40a714408ac1c0e28f0977a38ee88","size":2001,"data":"","first_seen":"2026-01-05T00:24:52.798971Z","last_seen":"2026-01-05T00:24:52.798971Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/js/empile.js?ver=1637918556","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a627d30c6bc0b10626ab5b2519dcc805","sha1":"4bb4096e0dd58fe05ba82f669b79d1e077f05f59","sha256":"a898bdd55d53b67bc241422495a7ea5b582be655409622c80dc992e7207e8f2d","sha512":"5264cd1c9a2e8526c666d1eafd03560e434522a35405daa6f3d05c098a10e43582cd1591453977cf33abc152be7821820b596c8e6095802da6f24b217a4c18f7","ssdeep":"768:gwl5p4zyOuB6fYoR34RXOlaKW//Qqsxlz:Ll5pXOuB6D1/","tlshash":"cdc2435d65a230a189b373f98f6e840aeb75522b4105c2643dfcc5982f74c1853eaefd","size":26674,"data":"","first_seen":"2024-12-20T12:48:50.32179Z","last_seen":"2026-05-30T10:19:54.51743Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-ui.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","size":253669,"data":"","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-06T20:30:52.521048Z","times_seen":21187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/login.js?ver=1597629260","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"24bc8669caf172f2c17a06fcd73ae539","sha1":"3bad8f340bca43d8fb98c3ca39def12f816769a8","sha256":"29df48677fd1c2b2a602c35faeadd3693f083b78550b2c0f3108f356c34b74bd","sha512":"0b4b2dc35f8b97238079334be832751d1e33dfbbddda4961c38127afadcb088101bad71b0442bd810930df2658dfd9f42da0b08d44bb1e1f1dd0a5dde33423a3","ssdeep":"","tlshash":"f3c02240b13f377c587372a0803a0506df73701c1c0056e0b0b842a02c187040813c78","size":191,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-05-30T10:19:54.499787Z","times_seen":5041,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6964e52630ea9632c7596314b66d61a4","sha1":"86887b51f17b9073cb8dd1214195765dc89e455f","sha256":"c218c843082ab0b136ff461c85044b99a3e3348ca3f8998e828f395694aa5a18","sha512":"f2f078ed0fec5997e30c507d00edd66008f4191261bcc42c182e742d2681d18d0d585bdacd6456336f583907d255a5bfe02b5c07c12d492c44e0f78c6f8eeb97","ssdeep":"","tlshash":"6b31ed8cc526001420091339b88938022a455e8bde98342e339e1e7e2feb80e4ae369e","size":1798,"data":"","first_seen":"2025-09-02T21:41:57.660476Z","last_seen":"2026-01-05T02:59:01.724996Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"71907ee9832b51f5ce07af63120b4acd","sha1":"0dad3313e4ff75d6dc59399555b2186a31a4fd87","sha256":"b0e3b1dae63915488a9f5e231b30dec9bfe4cf5d6689fd79ea13c61152935758","sha512":"78c2fa8a029290df975a8d9efc50c73d311f187b443a6b6881104c44efee2acce141c3efefc159b7eceb9864d2ed979a5899ca84b3fde7960221aa3e1d338ba3","ssdeep":"","tlshash":"56415ecec1ba2876068fb4361ddf2814995361f7ca8829253f4c81212fd521d8dc776a","size":1942,"data":"","first_seen":"2025-12-25T13:16:23.495258Z","last_seen":"2026-01-05T02:59:01.7265Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/moment.js?ver=1580697220","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e70edb526ff09f426618efade93a4782","sha1":"840b05449d3851118fc835592bd98af885bdbf1f","sha256":"ab513aa4626ba224ac61b747674e6aead965f6e2cf87a2e60c7d4645b519817f","sha512":"943192c03e09b13bbdee324fda4c81d019b4cb5178596b5c548a1e6776022aded289a6076d32d5f55f99316b57b6f7db13c6429edb3a1e6927e7bcea89774cd9","ssdeep":"1536:/cZlnfxbjbJzvdvpeG2iMuz/M6z4QZFSNwmJaxxKZ5dFR79LNOf0uK:/cZlntbEG2i8umYx620uK","tlshash":"cfc3508a69476123467267398f9f4509ff6985330a0e8605bc9d92d83f71c6c43bafec","size":127757,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-05-30T10:19:54.504659Z","times_seen":5093,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9c7afd05729f10f55b689f36bb20172","sha1":"43dc554608df885a59ddeece1598c6ace434d747","sha256":"f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c","sha512":"3dcae1ff6e98c64e3586be3eb14dd486c51f7d4e9fa1b8f9a628be4fbb6a9ab562f31f9b50e16d2e0c72b942bdbe84eee8e0ef87fa730db1428b199a59d88232","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrJ:++414Jiz6fh6lTqya98HrJ","tlshash":"ca83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84345,"data":"","first_seen":"2023-03-07T01:06:48Z","last_seen":"2026-06-06T21:19:47.964712Z","times_seen":25160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/main.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a579f2e4d3b31b3ea017e7b03a475dd","sha1":"8d9a6430face051ae1365d421f15c60cff36613c","sha256":"ca0d1288490dab47eb98606d7e519b4be96e1d5f354b8cf4a6ef39dd1846c41c","sha512":"e5c65863509fb786d1a2ac8a1c0e0ec1446158037079a067eb6976040a0d912e326c2254e7968a7e22ae794d3adad6b9bfccbd2a4eb35dad622676d3a989d742","ssdeep":"","tlshash":"1941cc1df9f665c208b730164f3f451c2163a81f6a09ce40395c65c09fa267ed2dbeba","size":1933,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-05-30T10:19:54.519159Z","times_seen":5038,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/moment-timezone.js?ver=1580697220","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc45c47c99fe4d26b2b24e46cec399ad","sha1":"221067a4147ece74b03934528ad61bcd4026e477","sha256":"4a65c2af68e89944c3da128c9b329596d930ce09dc9b8ba726b640d812e1fd88","sha512":"1658e474170022d40e698a422f024b4872bff33c78af1dbe98df3a6a99a0f1cd1eb36725ac9fca7bc1264ea491d0a19a2ee0a3a952adba4aba3242c06f830f93","ssdeep":"3072:olpkvlaDD/DCD/DCD2iqWCPrMBq1rGPuAZDDD1DDWoST+piMhrlon5Blu4hK:CkbW0sNpiMx","tlshash":"f714b0292617bb44e459c08bfa3779c0caade18a940614d25f7d57b31fa37e2de68c03","size":196335,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-05-30T10:19:54.493597Z","times_seen":5044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"a944d0788ed3620b671a9bb61ffb275b","sha1":"1d91989d43a9b98e8fae4616ff901c164b6283db","sha256":"1f79df0a9b0ba69a5bd14a33ce16e5402253a8f0fdb59e43c792a3a6f82f0d3f","sha512":"2c7f2510e300c1c400dd55651a75339cb2b841abe8e54624f1359c04c5edb6bf81c542c8492580413a745478409a8eeca0a7332d1f5484d4bdd31d3d6c235b2b","ssdeep":"384:h+AWrUckT6JxNvYNw77PUHAim+pjRm4Ihr2jRqKWJUgnw:h+AWrUcFJxNvYNwXimXIjRqKWJTw","tlshash":"b913429024fb246b157390f22bb12f1bae95e453e54acb0475fc5fc89fd7e86a423098","size":44207,"data":"","first_seen":"2026-01-05T00:24:52.800935Z","last_seen":"2026-01-05T00:24:52.800935Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/login_modal_custom.css?ver=1726650059?v=1767572653","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/login_modal_custom.css?ver=1726650059?v=1767572653 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 2491\r\ndate: Mon, 05 Jan 2026 00:24:16 GMT\r\netag: \"66ea96cb-9bb\"\r\nlast-modified: Wed, 18 Sep 2024 09:00:59 GMT\r\nserver: nginx\r\nx-cache: UPDATING\r\ncontent-length: 772\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2491,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"1c9324c073c8d8db7f32df740feceace","sha1":"5465a38fe6f669c4df9a2265a654c0815bb7373a","sha256":"79ecbd9aa7b6311f29cda59980feac8ac8263131b8089580f60f4ad6188f86ce","sha512":"2dd2e0b5645e119bcb2357c489d55fc76cedb95e19750489a32bb0974cfc1e974db62c06ee1f3b738114c3310776c73f59ad69149348a1701ea87d21efe3544d","ssdeep":"","tlshash":"215147026ebf2e93908c406d35de4e84225d400bc569ee2e3ff723648f5a6a6a177f04","first_seen":"2024-09-19T13:36:38Z","last_seen":"2026-05-30T10:19:54.525391Z","times_seen":2971,"resource_available":false,"data":null}},"time_used":1709,"timings":{"blocked":898,"dns":0,"connect":0,"send":0,"wait":810,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/g02.png?ver=1598008033","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/g02.png?ver=1598008033 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:23:27 GMT\r\netag: \"5f3faae1-35fb\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:23:27 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 13819\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13819,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 269 x 79, 8-bit colormap, non-interlaced","md5":"90bacbbc6c165d555b528d48bfa616a1","sha1":"64041e94f44efa1df69c1e1b8086fa4773c06951","sha256":"39a7b5dc5fdec30c63517f2648bf20050718c6005cf8056b007f0aab103e9846","sha512":"18eccf12607f185217733225222a102ca36f318745d96af886ef8e1316e262bff8d431f3d13884e1dea7282c71eef83430648a256e0d156c47b2fc5ea580e351","ssdeep":"384:RYtGrPnLUKAUZqtt1EhOjyC6Z1RooAoXYfpqA:wIvLU1vDEQjyCc1soUb","tlshash":"4052d0de0b802b47a076adb91430b39970cb0aa65334dfcc239a05ab7635fcc067117e","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-03-19T07:12:22.985635Z","times_seen":991,"resource_available":false,"data":null}},"time_used":1850,"timings":{"blocked":843,"dns":0,"connect":0,"send":0,"wait":809,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/float_customer.css?ver=1607755023","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/float_customer.css?ver=1607755023 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 1259\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5fd4650f-4eb\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 397\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1259,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"2ddfef0c4056c3d9eb5f3df7fd940bdc","sha1":"5632067b6e1c0e2db3f7420470f8f5e15a78f2e8","sha256":"abb89644d467e88130629d409fe0c26f98779a78b539b6ff9996c720dfc8e662","sha512":"f989c4151853270e2ea25e60449305e0f9b0f5847a580e57b09908271d0d37f6b150515b3c49a343768b7cf4b34d42e858a9b30dbc3b7900747f40a5bd19e2f5","ssdeep":"","tlshash":"412195930d272904fc15e1742fc4112d122a80cfaa5fdc1c76d99f195fd266c98a6be0","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-05-30T10:19:54.526913Z","times_seen":3287,"resource_available":false,"data":null}},"time_used":1311,"timings":{"blocked":908,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/en/liveinplay.gif?ver=1682933216","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/en/liveinplay.gif?ver=1682933216 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Sun, 04 Jan 2026 22:51:51 GMT\r\netag: \"644f85e0-268\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 22:51:51 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 616\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":616,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 204 x 30","md5":"712ffb89e85b2e1e254ec1c77b23fc74","sha1":"7e385f698a88e70953384d4bcd3698993fb6c322","sha256":"6ac8853ce4ba2bf9bbe37da81b96be06b0463bee89fe6166a02a913ce379307b","sha512":"34e6aed4474677abc763d44805a12df54313eea3a98847aa12fe940f81247ad6b218ec25c7e6d66107527adcbec0bf8e7dfa5facab3c8886dcc026452ec2b7f6","ssdeep":"","tlshash":"7df062c6f65b54bb862a46ecd74cb9140bc820884b000c8295f1f8efe00c7705bba0e0","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.502375Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":1851,"timings":{"blocked":844,"dns":0,"connect":0,"send":0,"wait":809,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/g03.png?ver=1598008033","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/g03.png?ver=1598008033 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:23:27 GMT\r\netag: \"5f3faae1-2eaa\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:23:27 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 11946\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11946,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 269 x 79, 8-bit colormap, non-interlaced","md5":"d2ba9813a94ef43860a7e436085624f3","sha1":"ad36dce8e807934af7f49ea1be72955d7238314f","sha256":"de19c6fe70e572cb530efdc4ffdbd69fec93ceec8e8513cbd488496737ad8130","sha512":"875d45d8cc066b27ca582d230df3e7991a73e5ea10149c0e81505cd45a842174fdf8d84eab2de4a9eef9094bd847c851a6851d45955995550487c05f2c30f238","ssdeep":"192:Yowv62d6tFQNDiZjqyfbKWSgR6jcYzLT2j6PwP7Q0Cj3F+8YUIO:YoAm7QNDiZLf2k6jcaejGwPEh3o8YY","tlshash":"a732c014dbb9e6ba7efd6025be08d47193117c29859379144e02de2153d022f80f3f56","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-03-19T07:12:22.992148Z","times_seen":991,"resource_available":false,"data":null}},"time_used":1847,"timings":{"blocked":842,"dns":0,"connect":0,"send":0,"wait":808,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/csrf","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:18.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bet73tt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 02:04:07 GMT","end":"Wed, 25 Feb 2026 02:04:06 GMT"},"fingerprint":{"sha1":"6A:0B:45:2D:C6:49:E4:69:C4:B3:61:2C:13:4A:95:36:CD:2A:E9:57","sha256":"65:EC:63:E5:B4:B2:A6:52:CC:FA:F8:1D:59:70:EC:B5:82:C0:9C:EF:B7:D9:EA:76:ED:8F:9E:FD:90:14:D3:46"}}},"request":{"raw":"GET /csrf HTTP/1.1\r\nHost: bet73tt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nCookie: introcode=232639; XSRF-TOKEN=eyJpdiI6IlNRUzhNaUQyeHBvUERxd1ZYWjF6Y2c9PSIsInZhbHVlIjoiemtwMjBEOWhsNk1nN05QMFJ6NmZrTWEzd2VBaGtCNFdrS2FxN2NBVWVYTkhJaUs2a2VjZXl5SzdJcEtXN1ljWGlmTGNJYktodyszOWtcL2xwdytGUGdRPT0iLCJtYWMiOiI4MWZkNTljMDA3ZDMyYWQ0YTEyM2IzYTFlMGRhNDhmYjkyMWNlNjYxMTBlNDJmNjZhMTVmODIyYzE0YzZjZGJhIn0%3D; vanguard_session=eyJpdiI6Ilo3SHF1dFg4cUg3K0Y1cWdQemgwcmc9PSIsInZhbHVlIjoiUnM4REtSdVhRVXFIWjdKNUdSVFJhMGR3dXQzcXl2Vno5NXV4d2JtM3BWWkc0dVY3b3V2eEtDRWV4S3VpdkloRENvb3F6aGdpM0t2YXpVY1o2MkVQeFE9PSIsIm1hYyI6ImRkMjRkMTM1OWMxZTIzN2M3NGM3MTEyOWU0YjM2OTIwZWY0ZjMxYzc3ZGMxMjdlNjQ1ZTU1NWYyN2Y4ZjU5ODUifQ%3D%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 05 Jan 2026 00:24:18 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Length: 40\r\nConnection: keep-alive\r\nAlt-Svc: h3=\"2ba27113.gk620ge.com\";ma=604800;persist=1,h2=\"2ba27113.gk620ge.com\";ma=604800;persist=1\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6IkVDUTZKakVFMENUOUhqek11WDdpQkE9PSIsInZhbHVlIjoiSW02MnFORUhlcERcL20wTWkwTkNOOGYrMG8waWYyWTB4dXYwZ1ZlclFmd0laUlhzV3hcL085anBsXC9oN3RaSjYwUFUyMjBwRk1EVnFSdHVQcFVZWmw3Umc9PSIsIm1hYyI6IjMwMTkwZDFjZjE1YzEyOThhMzJiYzZmNGQzNDEwMmU2ODVhNWE2NmVhZmIzZTU0Y2E2ZTljOTg0YWNmNTA5MTMifQ%3D%3D; expires=Mon, 05-Jan-2026 02:24:18 GMT; Max-Age=7200; path=/; secure; samesite=none\nvanguard_session=eyJpdiI6ImJcL2U4dnlld0VmTU9sSU9HeCtNaXFRPT0iLCJ2YWx1ZSI6ImZtcTM0WXlGam1RMG8wNEE3K1wvZDhZOEtYdHdqSFMzQ29OTlNKMU9nQ01qb1NOZFdQRkxyMmhudlJEdDNuSUxnZUNMVWNjaTlkdW9BczhTd1MzR0RPQT09IiwibWFjIjoiMTdhZjFiYWQyNjFlMTc2YWRkNjdiZjJmMjQyYjE5Y2MwZGU4ZjdhMTQ0MGYxYzJlMGFmZjIxOGYyNjIwODA0ZSJ9; expires=Mon, 05-Jan-2026 02:24:18 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nExpires: Mon, 05 Jan 2026 12:24:18 GMT\r\nCache-Control: max-age=43200, no-cache\r\nX-Cache: BYPASS, MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"a0d8167d137532314915eb5488cb0019","sha1":"c5a303ab764cc94f56ea8f4f4d4887b73ed9bf75","sha256":"8e953861a606f87f21b05d2cd2ddcf45a83d2f58b6824daa207149ac0e8ebafd","sha512":"e7ebfe7a1698128fcbb7bc9f9a6076a9399b86e7699485f58b18a7542ad6ede6362607cf2aef3a2138887e9a7de600bffd14a8f6eafe3d5e682e7c5e3d124551","ssdeep":"","tlshash":"83900000bae00802ef2c2c8cb82082ac000a20b2823880ee228ac082e00f20ac8fc088","first_seen":"2026-01-05T00:24:52.742158Z","last_seen":"2026-01-05T00:24:52.742158Z","times_seen":1,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/g04.png?ver=1606874474","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/g04.png?ver=1606874474 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:23:27 GMT\r\netag: \"5fc6f56a-2cd6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:23:27 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 11478\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11478,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 271x81, components 3","md5":"6274335f5e37fb7e3aa19dba05a07ef3","sha1":"d54c0b0cccf2158aee56d7f1f465d5bb907edf06","sha256":"39d9bd9e19956bb52c4c880dc6987383c34dc0873aadaa6b3763e3421e06def7","sha512":"ed6c986810c46bcc66ab9bd9d3750fe4ff8c638904ad88cc6894ea00776d80da7b2bd6f8adb20a77c0ded5e7f5be805db96aa115426c1c32ecb2d6cafdcafefa","ssdeep":"192:unFWapk5PXHCbmhX7M4m2fHaDY4oHuB8NPwb5yTBw1+WlEaE+AYAtAcueGSHkOIv:unUapoXio/dX4qEb5x1plT+1fuepkOIv","tlshash":"1432b012c652ab01cd4998f4b8fe5905dea10e44dfc2fe45b6f2ce3d5cb09b06e97069","first_seen":"2023-04-07T19:22:59Z","last_seen":"2026-06-04T15:41:12.083496Z","times_seen":4786,"resource_available":false,"data":null}},"time_used":1847,"timings":{"blocked":841,"dns":0,"connect":0,"send":0,"wait":808,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/plus/plugin/css/to_bootstrap.css?ver=1598106537","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bet73tt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 02:04:07 GMT","end":"Wed, 25 Feb 2026 02:04:06 GMT"},"fingerprint":{"sha1":"6A:0B:45:2D:C6:49:E4:69:C4:B3:61:2C:13:4A:95:36:CD:2A:E9:57","sha256":"65:EC:63:E5:B4:B2:A6:52:CC:FA:F8:1D:59:70:EC:B5:82:C0:9C:EF:B7:D9:EA:76:ED:8F:9E:FD:90:14:D3:46"}}},"request":{"raw":"GET /plus/plugin/css/to_bootstrap.css?ver=1598106537 HTTP/1.1\r\nHost: bet73tt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nCookie: introcode=232639; XSRF-TOKEN=eyJpdiI6Im9hTlpUclZQRE9cL25WWDFzcUVLeXBRPT0iLCJ2YWx1ZSI6IlhLY2JrZE1OZnU3OEZVV0ZkaktNTzdnck1hRTFvOTRhVWxBaEtaRHhwSEo2VWkxbUN5blNcLzZRdU0wQ09RYjE3VENQcW0yaXk1NThxQnYxNHljRjlnUT09IiwibWFjIjoiNjQxYzRlOGU3NDZjZTUzNGUzOTg5NzI4M2MxMmFmNzY4YjcwN2EwMzk1MjNkN2EyMzFkM2I2MzEyNWIzNGY0MyJ9; vanguard_session=eyJpdiI6IlNOUnNnOGhFaXozOHE0dFk1dDk1YlE9PSIsInZhbHVlIjoic2p0b3FYTkt4azJJUHVXZ1wvQVh5a290K1lPY2JxSlBoNm9hc1VpQWFMdXZFdjFTTGJLUnllVXV5Qmc5ODNISVM1UVU5TEpudkdLTWxGTHpGQys2emhRPT0iLCJtYWMiOiJjNjg5MDliYTJmOWFmZTA3ODI5ZDUzZGZlYjk0ODc4ZDljYzBmNWM3MWJlYmRjM2ZiZjg5MDI3MDk4NjczYjJmIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 05 Jan 2026 00:24:15 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAlt-Svc: h3=\"2ba27113.gk620ge.com\";ma=604800;persist=1,h2=\"2ba27113.gk620ge.com\";ma=604800;persist=1\r\nEtag: W/\"5f412ba9-2dc4a\"\r\nLast-Modified: Mon, 05 Jan 2026 00:23:25 GMT\r\nX-Bos: b83\r\nExpires: Mon, 05 Jan 2026 12:24:15 GMT\r\nCache-Control: max-age=43200, no-cache\r\nX-Cache: HIT, policy, disk, MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":187466,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (386), with CRLF line terminators","md5":"8778d79f7633526cee2d636c518d9d76","sha1":"b2e715b1c401220e8165353c60d1e3b3815cdb60","sha256":"de3c1a93b240cc733fec329f2272d3b640ffa5bb736ee5df966745c20aa71d32","sha512":"13eebee14a8f011114e3352939d8f0440dcfa3a28f3f0737126b661d669914ae97534f029fab80fa9d0bfa376ec68b86b86e2fc18b5aa844fd7b8cbe397e7eb8","ssdeep":"3072:v4rq/Ei8U6V3/k1UqQGQr79YiVk/UOiCYdf4Q4t1v1S38pWLgdXyLSJeFR+PfmgM:v4rq/Ei8U6V3/k1UqQGQr79YiVk/UOiP","tlshash":"a604a9989b003bc2a231867c736f4d01bf8881a195ea4d3db75f33785e679e66133e85","first_seen":"2023-04-15T09:13:24Z","last_seen":"2026-05-30T10:19:54.45119Z","times_seen":5019,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/common/index.css?ver=1685095467","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/common/index.css?ver=1685095467 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 8159\r\ndate: Mon, 05 Jan 2026 00:23:26 GMT\r\netag: \"6470842b-1fdf\"\r\nlast-modified: Mon, 05 Jan 2026 00:23:26 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2379\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8159,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"c572b5475cafa52665867ea34e941107","sha1":"9e84cb39ea5b4edd820afc675516b2da0afde1c4","sha256":"22fb660621cf5492145daf4e4c4dcf5671f19105dda41b1df6f5cc695dd906c4","sha512":"732b6a9c3c052a23b2a1030083111dd12c96a143df6db6c492c00f8860a69c3a6db12fb34883c0d5019dece30352ed53266e37d9fb0f0cdc0ab89b0807882a5a","ssdeep":"192:ucR93quipoSiBFT8mra9WJpCbYZbatUxT9k+OL/wskJY:Xp1ipRWFNa9WqYBdjY","tlshash":"81f111ba5bf71d42771281e5ab6eab504329e003910ee62c7fe0725c8fc629489773c9","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.497231Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":2766,"timings":{"blocked":963,"dns":359,"connect":208,"send":0,"wait":802,"receive":2,"ssl":422},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/login_custom.css?ver=1663905027","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/login_custom.css?ver=1663905027 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 105\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"632d2d03-69\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 92\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d520ae5e8e22ca748c7a9f42456b2999","sha1":"bc32a4581b85bbba126872bed2d05be6e8db1c96","sha256":"2ef18a39610b5f98818cd76249061e93a4bc8c01677b51d73ea80fd3b1519865","sha512":"2a6bd8693789250119a0a9fb8d109eea7ff436ac974ea547b5ae7282d4e6450f2c1fc7c076486395d056ad7cc775f3ff5cbf1cc08ce718e7f5e2a58e0ce90ad8","ssdeep":"","tlshash":"1db092900c5a4f238407c595689a87018e3d90219f888f2f0c3928a4ca8af1410a6670","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-05-30T10:19:54.531659Z","times_seen":5030,"resource_available":false,"data":null}},"time_used":1487,"timings":{"blocked":883,"dns":0,"connect":0,"send":0,"wait":404,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/js/carousel.js?ver=1637918556","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/js/carousel.js?ver=1637918556 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:22:51 GMT\r\netag: \"61a0a75c-8da\"\r\nlast-modified: Mon, 05 Jan 2026 00:22:51 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2266\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"a55f280dcdbcb4a968d8f6364a2714e5","sha1":"7815466d8a2584bf137ad80138462b39cb62d236","sha256":"c2e540b8dda366b0898cc14ecda800ce2787ed2222b6ca38f67444882d8abd75","sha512":"f8404ad28595dd418ca26a6a7d1a984eb38d7a83ccee3286ed90c34c3c72f7c57cee42c59281ee9071b32c30c0c91d4d5ff5ff40c5741e75d611c1b7a8b15485","ssdeep":"","tlshash":"cc411124dd7214389533332991f7cb45ef2ea767a6418ca770fc4129afb0409569cee9","first_seen":"2024-12-20T12:48:50.204122Z","last_seen":"2026-05-30T10:19:54.499221Z","times_seen":85,"resource_available":true,"data":null}},"time_used":1450,"timings":{"blocked":845,"dns":0,"connect":0,"send":0,"wait":603,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/jsencrypt.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/unite/jsencrypt.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f412ba9-db4e\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 56142\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56142,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13814)","md5":"64507221feddff84c80b99c98827d76c","sha1":"5c7000638c6bae1a1c448367822a8682d59d371f","sha256":"5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389","sha512":"cc3beba9e9c0d1e149642c41b2bcb351972f8a1bcd9445dbb5e32feb6c91c5d851e2cecad5a6b3f8b8ec4727e4e8cf9824bc80244baeaae20023c23c1a02c2f0","ssdeep":"1536:cJxLSEwwmr2yZPp8yQPj6OR1fdfqovoRonm7f6T:cPErPp8yQPOOR1fdfqg2l7f6T","tlshash":"cb43e9853ae6b075039a50f0051f084ab13ab92e192f44ecf699d8e17cb584d637ffb9","first_seen":"2023-03-07T13:16:24Z","last_seen":"2026-06-06T17:35:05.799425Z","times_seen":18574,"resource_available":true,"data":null}},"time_used":2254,"timings":{"blocked":810,"dns":0,"connect":0,"send":0,"wait":404,"receive":1040,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/promotion/images/uploads/88.png?ver=1718188187","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /promotion/images/uploads/88.png?ver=1718188187 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:42:07 GMT\r\netag: \"6669789b-8938\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:42:07 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 35128\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35128,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 736 x 120, 8-bit colormap, interlaced","md5":"4a979663c18be4cb1e630d3ba0608361","sha1":"5e61430d925c81bb7d51360e6c19fdade4b374bd","sha256":"0ca6cae2867d56a7e0347be999b822ba4be5617c916052d15faf5e1542764d2f","sha512":"a813793894d787a7bf5ab5a71a3706c307515547a55ab466a939f835f8c59b93f29225c8f7ee4ae1c4d17d3cf512eefe95f1ac6f542a0b1384bfe7e30a97b54b","ssdeep":"384:MzNw9HVhT6JIj2ZB5MgL1FW+vkTLjLm3l1obP4I9OiLZmWMINq6KoJY1/UhLXdK3:MpMT6vFWgkHm3lu1OENSoJYWKhm7YI45","tlshash":"e9f2f1f0bb6063950337084169be5c3547ef47b54a1d76dcb156011bbc99e21aff1990","first_seen":"2024-12-14T16:38:56.520049Z","last_seen":"2026-02-27T02:44:54.020754Z","times_seen":148,"resource_available":false,"data":null}},"time_used":2067,"timings":{"blocked":852,"dns":0,"connect":0,"send":0,"wait":1011,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/close.png?ver=1764840037","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/close.png?ver=1764840037 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 22:48:50 GMT\r\netag: \"69315265-fce\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 22:48:50 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4046\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4046,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 88 x 85, 8-bit colormap, non-interlaced","md5":"af025aeec5b323959cf5d3cec06ebef0","sha1":"f9f4ecae089cf04dc58a34d75d90c450f6ca73df","sha256":"1b17ad91ac7ec9b8128ec936af66defffef5b95e8a67a728da666e2591a23de1","sha512":"63d634b20a91fb73f50be325064f06768bccf7e8786d9ec1e60d4a0368ec630b1af340acbb4cec17b18ca958e07ec20ce45a48894853b91a23c4efd7c9d8d55d","ssdeep":"","tlshash":"ec817c48e8082d3ced6ac3a8d55d5ea8d9b20d5f82a695060804f323b4b65a3c27e200","first_seen":"2024-12-20T12:48:50.265752Z","last_seen":"2026-01-05T02:59:01.683154Z","times_seen":38,"resource_available":false,"data":null}},"time_used":1860,"timings":{"blocked":850,"dns":0,"connect":0,"send":0,"wait":810,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/gdcode_1767572653","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bet73tt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 02:04:07 GMT","end":"Wed, 25 Feb 2026 02:04:06 GMT"},"fingerprint":{"sha1":"6A:0B:45:2D:C6:49:E4:69:C4:B3:61:2C:13:4A:95:36:CD:2A:E9:57","sha256":"65:EC:63:E5:B4:B2:A6:52:CC:FA:F8:1D:59:70:EC:B5:82:C0:9C:EF:B7:D9:EA:76:ED:8F:9E:FD:90:14:D3:46"}}},"request":{"raw":"GET /gdcode_1767572653 HTTP/1.1\r\nHost: bet73tt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nCookie: introcode=232639; XSRF-TOKEN=eyJpdiI6Im9hTlpUclZQRE9cL25WWDFzcUVLeXBRPT0iLCJ2YWx1ZSI6IlhLY2JrZE1OZnU3OEZVV0ZkaktNTzdnck1hRTFvOTRhVWxBaEtaRHhwSEo2VWkxbUN5blNcLzZRdU0wQ09RYjE3VENQcW0yaXk1NThxQnYxNHljRjlnUT09IiwibWFjIjoiNjQxYzRlOGU3NDZjZTUzNGUzOTg5NzI4M2MxMmFmNzY4YjcwN2EwMzk1MjNkN2EyMzFkM2I2MzEyNWIzNGY0MyJ9; vanguard_session=eyJpdiI6IlNOUnNnOGhFaXozOHE0dFk1dDk1YlE9PSIsInZhbHVlIjoic2p0b3FYTkt4azJJUHVXZ1wvQVh5a290K1lPY2JxSlBoNm9hc1VpQWFMdXZFdjFTTGJLUnllVXV5Qmc5ODNISVM1UVU5TEpudkdLTWxGTHpGQys2emhRPT0iLCJtYWMiOiJjNjg5MDliYTJmOWFmZTA3ODI5ZDUzZGZlYjk0ODc4ZDljYzBmNWM3MWJlYmRjM2ZiZjg5MDI3MDk4NjczYjJmIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 05 Jan 2026 00:24:17 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1208\r\nConnection: keep-alive\r\nAlt-Svc: h3=\"2ba27113.gk620ge.com\";ma=604800;persist=1,h2=\"2ba27113.gk620ge.com\";ma=604800;persist=1\r\nExpires: Mon, 05 Jan 2026 12:24:17 GMT\r\nPragma: no-cache\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6IlNRUzhNaUQyeHBvUERxd1ZYWjF6Y2c9PSIsInZhbHVlIjoiemtwMjBEOWhsNk1nN05QMFJ6NmZrTWEzd2VBaGtCNFdrS2FxN2NBVWVYTkhJaUs2a2VjZXl5SzdJcEtXN1ljWGlmTGNJYktodyszOWtcL2xwdytGUGdRPT0iLCJtYWMiOiI4MWZkNTljMDA3ZDMyYWQ0YTEyM2IzYTFlMGRhNDhmYjkyMWNlNjYxMTBlNDJmNjZhMTVmODIyYzE0YzZjZGJhIn0%3D; expires=Mon, 05-Jan-2026 02:24:17 GMT; Max-Age=7200; path=/; secure; samesite=none\nvanguard_session=eyJpdiI6Ilo3SHF1dFg4cUg3K0Y1cWdQemgwcmc9PSIsInZhbHVlIjoiUnM4REtSdVhRVXFIWjdKNUdSVFJhMGR3dXQzcXl2Vno5NXV4d2JtM3BWWkc0dVY3b3V2eEtDRWV4S3VpdkloRENvb3F6aGdpM0t2YXpVY1o2MkVQeFE9PSIsIm1hYyI6ImRkMjRkMTM1OWMxZTIzN2M3NGM3MTEyOWU0YjM2OTIwZWY0ZjMxYzc3ZGMxMjdlNjQ1ZTU1NWYyN2Y4ZjU5ODUifQ%3D%3D; expires=Mon, 05-Jan-2026 02:24:17 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nX-Bos: b83\r\nCache-Control: max-age=43200, no-cache\r\nX-Cache: BYPASS, MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1208,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 84x23, components 3","md5":"880c9c9995e99df27422d765e8739a67","sha1":"f592eaf8541fa582846fc90721baa91cc87db74a","sha256":"cdd72142bbb6b67d02264311a52133062812c463b37f33e51752d3ce9b34f629","sha512":"1dc6506d94f544f0dabaffff4be241d6339a3dbbf39925b03fbf928149d24fdf2fe23d96140cc2094311c96432c38e27bb842e9c636a2c64c908584a992d6ea5","ssdeep":"","tlshash":"5921631f6b03c298af0746fb16512ba39187b902b9a07b321ea046f58661cf8860d769","first_seen":"2026-01-05T00:24:52.74712Z","last_seen":"2026-01-05T00:24:52.74712Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2064,"timings":{"blocked":1659,"dns":0,"connect":0,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/en/NCDBC_210x204.png?ver=1700473768","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/en/NCDBC_210x204.png?ver=1700473768 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 22:51:51 GMT\r\netag: \"655b2ba8-2415\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 22:51:52 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 9237\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9237,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 210 x 216, 8-bit/color RGBA, non-interlaced","md5":"9bdd6b8d5589d397db7068d3a294de42","sha1":"98b5bb4cb3d46f59db14ab9f2ebb2b54348202f8","sha256":"6b53a71f33b8a9b1c81f84e0371a4028a1e7d2f1b6fdda72ad3cbf5cf99194ca","sha512":"641884ccbcb09834b95f57f6d1a7225fdc611ed6f54fb933dda63e33a34ffb440a9f9b873a0b22344ee9b8d364dec93afcb4cb8191a8694e32af13953c828a26","ssdeep":"192:ESLkn+Lp42swygyfFBzBkFlkZJM97Xq8uel5m1/+t8QdQTvmmt33lVb:Dgn+LpywufH2lkZJr8j54G+L93D","tlshash":"ce129e265f025d419cb4e30de9adb4c726af1ec0df5184e82aefc14d9db02ba825e1c7","first_seen":"2023-11-20T18:20:46Z","last_seen":"2026-03-19T07:12:22.982929Z","times_seen":1116,"resource_available":false,"data":null}},"time_used":1854,"timings":{"blocked":845,"dns":0,"connect":0,"send":0,"wait":810,"receive":199,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-thwate.png?ver=1600719130","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-thwate.png?ver=1600719130 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:39:23 GMT\r\netag: \"5f69091a-329\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:39:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 809\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":809,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 123 x 32, 4-bit colormap, non-interlaced","md5":"997ba7f2d6da9a90f5517d426b5994e9","sha1":"61bdecfa266e48f6f0dc9469f598a45c7bff9036","sha256":"146c3bcd19eef83c9a698efae1d39cdbbf4a948f75b7677931654dffb89ae5f5","sha512":"673b28fdc116da7e830f7fdcab47496a72c13317065e4e4a934a86c89c939287f902f9dd225c78eb7c36a5859ba6fed717423078dc71dda886aaff9de2dcfad6","ssdeep":"","tlshash":"6d018669437c54668d94d3b0633cec11c5a7a3831878b353960380c9ef58a0260c618b","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-05-30T10:19:54.510707Z","times_seen":3279,"resource_available":false,"data":null}},"time_used":1645,"timings":{"blocked":838,"dns":0,"connect":0,"send":0,"wait":806,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/swiper.min.css?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/swiper.min.css?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: W/\"5f412ba9-4bef\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3631\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19439,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19174)","md5":"319f20c8f06461463f24bfc703551a18","sha1":"f3bc53e03aefc4ee3be3adbcc707f7ed4c1c65a0","sha256":"67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45","sha512":"56439e25a232e6f80b79505aa867b341628cdc5818be22d4d83b7dac66d314a3d91f3eb4dcaa6240795c1a5f990322082c2e85e89a9fce6721cacf828cbe2c4a","ssdeep":"192:YxaNv/lSSyJWCj8zfi5o/uDN3eBxwdJ5c:Yxa1/lS0CYfi5o/uOGJ5c","tlshash":"8a92602c17003057e6334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-06-05T17:20:46.736077Z","times_seen":5183,"resource_available":false,"data":null}},"time_used":2807,"timings":{"blocked":998,"dns":363,"connect":207,"send":0,"wait":774,"receive":3,"ssl":453},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/common/storage/cms/cms_1079.png?ver=1612879501","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /common/storage/cms/cms_1079.png?ver=1612879501 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:39:23 GMT\r\netag: \"6022968d-1c3b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:39:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 7227\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7227,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 129 x 251, 8-bit colormap, non-interlaced","md5":"55573863bf4ded810402032c178c8e18","sha1":"609490d47a02fd8d334d81f60a425d87541320ef","sha256":"c9c97016a7a15844a8d8ba4240275ac28ccd0463c70a379fa3f7411ec237186a","sha512":"9e2ca51c6f1ef5bc69edf0c5fb49bc10ff94f465dd36f7055f9a1882085bae56f61175f8918dcd3226060fbedd2f6d1d82d5fa37815162e5c438504228bf999b","ssdeep":"192:dk93OLNzYheZwiT/PHnkAXuHVu1h2AxPJguyTvEj:m3OLNzUeZwYPn5WAxKlTK","tlshash":"c1e1aefa5a3b3c54c0aa321547ddb04a9134778a9f0d1293ff2686a82cadc5d25d53c5","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-02-02T09:08:19.833598Z","times_seen":3243,"resource_available":false,"data":null}},"time_used":2266,"timings":{"blocked":858,"dns":0,"connect":0,"send":0,"wait":602,"receive":806,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images/dc_new.gif?ver=1597629314","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images/dc_new.gif?ver=1597629314 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Mon, 05 Jan 2026 00:14:16 GMT\r\netag: \"5f39e382-4e3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:14:16 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1251\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 21 x 12","md5":"25f6274aa9e9e073709978b30cf559c4","sha1":"a7cbd2bfcc634f40df01e0195e2cd666a22a7291","sha256":"243406dc9776577510746308a2816db585b4abd09a64e1c761654316c0d9038c","sha512":"9149b9e16b06d6508ebebbf78a59ad26eb15ff35084c2bb6be8f08795884f4a914e24689fc2402eaae46819efddc37281b7d778c92d2bf66f8939a4ff9f02a86","ssdeep":"","tlshash":"7921570ad842bc40409c54f57af7a9271ba60980c9f4f5d6b4cdd81e56241b96c19bef","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:22.987654Z","times_seen":4985,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/sec-nav-bg-grad.gif","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/sec-nav-bg-grad.gif HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/css/common/index.css?ver=1685095467\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Mon, 05 Jan 2026 00:14:06 GMT\r\netag: \"5f3faae1-178\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:14:06 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 376\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":376,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 594","md5":"355b2cb853d78ae262c093065eaa6e70","sha1":"3e8d2a456204e635cfe5bd959cff47faf63023fc","sha256":"cd58d657e3d79583a5722257d8770e3b5f620f1d58e392f1d9460cc89ac485fa","sha512":"0700f78d8d439d90ed2eba294bccc07451cec67b8bf518c13a8221cccf223a31c9e620f193874149ac818a39a90efbaa8748607600b01c7c0f89f89b18521042","ssdeep":"","tlshash":"04e02d731aa377b0de08ec39abcb30ba280d243eb20ab1c0300c74da85c1832fd088c0","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-06-04T15:41:12.134625Z","times_seen":4771,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/plus/js/unite/crypto-js.min.js","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:13.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bet73tt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 02:04:07 GMT","end":"Wed, 25 Feb 2026 02:04:06 GMT"},"fingerprint":{"sha1":"6A:0B:45:2D:C6:49:E4:69:C4:B3:61:2C:13:4A:95:36:CD:2A:E9:57","sha256":"65:EC:63:E5:B4:B2:A6:52:CC:FA:F8:1D:59:70:EC:B5:82:C0:9C:EF:B7:D9:EA:76:ED:8F:9E:FD:90:14:D3:46"}}},"request":{"raw":"GET /plus/js/unite/crypto-js.min.js HTTP/1.1\r\nHost: bet73tt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nCookie: introcode=232639; XSRF-TOKEN=eyJpdiI6Im9hTlpUclZQRE9cL25WWDFzcUVLeXBRPT0iLCJ2YWx1ZSI6IlhLY2JrZE1OZnU3OEZVV0ZkaktNTzdnck1hRTFvOTRhVWxBaEtaRHhwSEo2VWkxbUN5blNcLzZRdU0wQ09RYjE3VENQcW0yaXk1NThxQnYxNHljRjlnUT09IiwibWFjIjoiNjQxYzRlOGU3NDZjZTUzNGUzOTg5NzI4M2MxMmFmNzY4YjcwN2EwMzk1MjNkN2EyMzFkM2I2MzEyNWIzNGY0MyJ9; vanguard_session=eyJpdiI6IlNOUnNnOGhFaXozOHE0dFk1dDk1YlE9PSIsInZhbHVlIjoic2p0b3FYTkt4azJJUHVXZ1wvQVh5a290K1lPY2JxSlBoNm9hc1VpQWFMdXZFdjFTTGJLUnllVXV5Qmc5ODNISVM1UVU5TEpudkdLTWxGTHpGQys2emhRPT0iLCJtYWMiOiJjNjg5MDliYTJmOWFmZTA3ODI5ZDUzZGZlYjk0ODc4ZDljYzBmNWM3MWJlYmRjM2ZiZjg5MDI3MDk4NjczYjJmIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 05 Jan 2026 00:24:14 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAlt-Svc: h3=\"2ba27113.gk620ge.com\";ma=604800;persist=1,h2=\"2ba27113.gk620ge.com\";ma=604800;persist=1\r\nEtag: W/\"61dff778-bb78\"\r\nLast-Modified: Mon, 05 Jan 2026 00:23:24 GMT\r\nX-Bos: b83\r\nExpires: Mon, 05 Jan 2026 12:24:14 GMT\r\nCache-Control: max-age=43200, no-cache\r\nX-Cache: HIT, policy, disk, MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47992,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (47992), with no line terminators","md5":"cf3402d7483b127ded4069d651ea4a22","sha1":"bde186152457cacf9c35477b5bdda5bcb56b1f45","sha256":"eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc","sha512":"9ce42ebc3f672a2aefc4376f43d38ca9ed9d81aa5b3c1eef60032bcc98a1c399be68d71fd1d5f9de6e98c4ce0b800f6ef1ef5e83d417fbffa63eef2408da55d8","ssdeep":"768:LuxoaUN4+OIhwP53+e0QfA31jQM9OT81NHv4rnwfe:LuxoaU2+LwB2+G1ZdvCwfe","tlshash":"9c231bc1a19c219152a774d0093f7107b463353a460ed5acf668e9eeecbcaea903dd7c","first_seen":"2023-03-07T12:04:24Z","last_seen":"2026-06-06T18:45:39.524437Z","times_seen":76640,"resource_available":true,"data":null}},"time_used":1584,"timings":{"blocked":590,"dns":1,"connect":189,"send":0,"wait":210,"receive":190,"ssl":398},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/tree.png?ver=1764840037","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/tree.png?ver=1764840037 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:14:03 GMT\r\netag: \"69315265-f2cf\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:14:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 62159\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62159,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 342 x 567, 8-bit colormap, non-interlaced","md5":"d96d8dccccaf9df0b828fee78971d9d1","sha1":"ee89c8a622c72fd78a1f3045f583f43a8d3b8fb2","sha256":"4645c06b56b770e10771940b43be6da3946988f8608eec377fc83ab7941246f1","sha512":"35117a6703869aa1918974f3efb2e2a311e3ecfd1c02c5cd642003d03c3a0873929764defc138dabeb914f5fd3a7523f5044670f957b2c06c4f0849bdb844c55","ssdeep":"1536:TTkojccyd63Mu89gxm4O5aGPcZEkBGDcIAePIgbSQ:TTkojvyKv4gxm4QaGqeDcWbd","tlshash":"f1530259b14decea3c4b9c92c0536bb5847822f6e47ed73cb622cf9611786724a70317","first_seen":"2025-12-18T06:38:49.93054Z","last_seen":"2026-01-05T02:59:01.702497Z","times_seen":33,"resource_available":false,"data":null}},"time_used":2076,"timings":{"blocked":853,"dns":0,"connect":0,"send":0,"wait":1011,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/header/common/kefu_icon.png","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/header/common/kefu_icon.png HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/css/custom/header_custom.css?ver=1738643282\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:14:16 GMT\r\netag: \"5fc6f20f-246\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:14:16 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 582\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":582,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 16, 8-bit colormap, non-interlaced","md5":"d66100dc3b6143ccaab68587edf59169","sha1":"aec841ed002d6f0572b1bc380212d38be5858728","sha256":"cba9dfe544df0c8b71bb9881e1d77b9be08007df320acfb8398c9b636bc1afc5","sha512":"a5db92a6bb8e2bed2268ba81ebcfbff6564ee50d09ed94c2302cbafb4e234cf9acc99d585568adb0de318e38e790467cf81fcb05643338c7200277a878d04d73","ssdeep":"","tlshash":"abf041ded0770db9f6a8245ae0a20980fd525a1c9ee6534e2a9ce04f08ed0049ab6746","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-05-30T10:19:54.487336Z","times_seen":5031,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/main/favicon.ico?ver=1598008032","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:18.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/main/favicon.ico?ver=1598008032 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/x-icon\r\ndate: Mon, 05 Jan 2026 00:05:52 GMT\r\netag: \"5f3faae0-47e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:05:52 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"e13f45bbeb4b9056cfa3d6bd2453f70f","sha1":"dfc879f8f7279ec929478feee93d9b2fdacce0b1","sha256":"331b713de169d0e56bc71fee2c7df0795b24d5b24c045b3af1a27668783a1d2b","sha512":"006f2e5dfeebaaf68972ca99f01c38fa00bf56cbc043f7983eeaea4272b04641844086d62d345b29b99e67044bb86292f0ee8edacd94f90fc270626c990d16c4","ssdeep":"","tlshash":"50214218f26b240bd77a943015c3dda780988e1b618c6ba1855db630fc34e39139b4fc","first_seen":"2023-05-01T12:07:07Z","last_seen":"2026-06-06T20:29:10.41039Z","times_seen":7049,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/santa.png?ver=1764840037","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/santa.png?ver=1764840037 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 22:43:38 GMT\r\netag: \"69315265-63ea\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 22:43:38 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 25578\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25578,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 239 x 250, 8-bit colormap, non-interlaced","md5":"acb0d86de6285d5ec88a7c993054de76","sha1":"ccf1693ceccdab067e9a62ae30935c30c7baf2d7","sha256":"b6a3f0ce573c523020a47272bc73d559597294e333828b8ebf2e4c169286b9c2","sha512":"7da402fc24a7c0636d037c0d4a52c969f5c6181def8f6b0f6993837b7e06596539803163c8ef44ea46ef0e6b1427a9d3a730e036c108964e231bfda088162f4f","ssdeep":"768:tmH7+0aouGK0yZi9CSlvHDfalVkXm5yxqQ:kVFPHY0Oy0yx1","tlshash":"2ab2f1fb19cd121d62f764e68279deb17d0f6d84fdc599a88b11b943bcfc8984027488","first_seen":"2025-12-18T06:38:49.987097Z","last_seen":"2026-01-05T02:59:01.657514Z","times_seen":33,"resource_available":false,"data":null}},"time_used":2272,"timings":{"blocked":855,"dns":0,"connect":0,"send":0,"wait":1407,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/common/storage/cms/cms_1174.png?ver=1704358335","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:18.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /common/storage/cms/cms_1174.png?ver=1704358335 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:23:28 GMT\r\netag: \"659671bf-12d75\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:23:28 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 77173\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77173,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 700 x 460, 8-bit colormap, non-interlaced","md5":"e097679bd5a9096364f9a76bbeec0a99","sha1":"11475086f853913fc80f21dc898ac99fb553e71f","sha256":"52bd8e84b3d2817e79cdfa07523800de791ffd9662757033759ab37b146ffd2f","sha512":"f8032cf4e4a30be8929494dc2fb24dc4a79acea56985953acf1452248a9f8ff5de908d4fd34fbce537297516e30ffce3a60c87bddd8f8f101e4dd9d362f188c3","ssdeep":"1536:RfmVARw2W6qBlu9oxNistpDzHYl56Bt1J63mhHRf5JZ7lg70bfGt40eB7:AywxHuXstdLg56Bt1JMmhxfbRqgbuI7","tlshash":"ff7302de3b741b83b6d5de3e9134ef2ca6a408b81222271d4b3589757882dd0e3dd638","first_seen":"2024-01-04T16:13:57Z","last_seen":"2026-02-27T02:44:54.092347Z","times_seen":902,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/font-awesome.min.css?ver=1753257975","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/font-awesome.min.css?ver=1753257975 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: W/\"688097f7-71b3\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29107,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28900)","md5":"31bacfe1d010712cb3837aec4ec1e237","sha1":"3c28b0f6e91fa137ab67c8370f11f60a63d87d02","sha256":"4f0bbfaec56962e62f55bef603cc25d0f56cabce57471131b21f4e9438066baa","sha512":"29c73d08840e5e21c677748c0aa88ee7900968602af5cbb5c6f6bf801c765b64562f4401a49f041aad7e229461be70db9a5a74317bbff479724547013a0d19cc","ssdeep":"384:Qu5yWeTUKW+KlkJ5de2UYDyVfwYUas8l8yQ/8dwwdG:blr+Klk3Yi+fwYUf8l8yQ/eC","tlshash":"73d250e8e54c01d66731c48bff81b36862baf73dd5844d99f01f690c29d22a522c5fba","first_seen":"2025-07-24T08:18:25.967403Z","last_seen":"2026-05-30T10:19:54.503987Z","times_seen":2865,"resource_available":false,"data":null}},"time_used":2848,"timings":{"blocked":1032,"dns":374,"connect":202,"send":0,"wait":771,"receive":0,"ssl":462},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/prizedraw_pop_unite.css?ver=1733883989","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/prizedraw_pop_unite.css?ver=1733883989 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 6938\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"6758f855-1b1a\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1703\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6938,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"f56d937649f436cbd7617abc7b9302fe","sha1":"761345474d919ce27ab91f2e4802763067c30a3a","sha256":"c9e27bfda9106e5282324702332c7bb8fdc46307daa7542be22bb586690a2a15","sha512":"4d99d6d61b1720501131379c1ee5a115e346dc5b271dd2cc3d39a29237034857893a56b757ac21c58d079fdf9e994684ca5b4cb8b404ae5aae0fe6f592d4e0d1","ssdeep":"96:jIjyND5elhmYza9/4Oynn0LDqsEx6hhIArcBlCWhXW5bQMqYsxhe0CKFwfO:zMfeEn0LDqlx6hfcBkW5WN3IhsKFwfO","tlshash":"aee103f0e38f38c97bb797e96eeb0d46a54602cbe202ce04a3595ce55f5a23c3535284","first_seen":"2024-12-11T12:22:16.015061Z","last_seen":"2026-04-11T00:00:37.152071Z","times_seen":4331,"resource_available":false,"data":null}},"time_used":1149,"timings":{"blocked":947,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/font-awesome.min.css?ver=1753257975?v=1767572653","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/font-awesome.min.css?ver=1753257975?v=1767572653 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Mon, 05 Jan 2026 00:24:16 GMT\r\netag: W/\"688097f7-71b3\"\r\nlast-modified: Wed, 23 Jul 2025 08:06:15 GMT\r\nserver: nginx\r\nx-cache: UPDATING\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29107,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28900)","md5":"31bacfe1d010712cb3837aec4ec1e237","sha1":"3c28b0f6e91fa137ab67c8370f11f60a63d87d02","sha256":"4f0bbfaec56962e62f55bef603cc25d0f56cabce57471131b21f4e9438066baa","sha512":"29c73d08840e5e21c677748c0aa88ee7900968602af5cbb5c6f6bf801c765b64562f4401a49f041aad7e229461be70db9a5a74317bbff479724547013a0d19cc","ssdeep":"384:Qu5yWeTUKW+KlkJ5de2UYDyVfwYUas8l8yQ/8dwwdG:blr+Klk3Yi+fwYUf8l8yQ/eC","tlshash":"73d250e8e54c01d66731c48bff81b36862baf73dd5844d99f01f690c29d22a522c5fba","first_seen":"2025-07-24T08:18:25.967403Z","last_seen":"2026-05-30T10:19:54.503987Z","times_seen":2865,"resource_available":false,"data":null}},"time_used":1715,"timings":{"blocked":905,"dns":0,"connect":0,"send":0,"wait":810,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/bg.png?v3","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/bg.png?v3 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/css/e202512_xmasnewyear.css?ver=1764840037\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:35:43 GMT\r\netag: \"69315265-43ab9\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:35:43 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 277177\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":277177,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 486, 8-bit colormap, non-interlaced","md5":"8f675d8f22235265f25c001794f8cbec","sha1":"1c504faf21b68baae9d704b53a91da9912668bc8","sha256":"ccb06ad0f4501f5a332df6967f17e117ad08f08bcfa95e85a4e575e8485b28f1","sha512":"aaa617e19f0e062f3ce86c0810980a8ba0c03f257e073cec068de9ec53a47cacded76db92c1c15ecaf602dcac2771da8254b5bbbda5a335cc65c7ad34df84066","ssdeep":"6144:TiwMhuMFByn6nVHZ9ciryI6sFXfwdPU9FuuiY4gzrur/Qa8636HMfC:TiwAL/yn6VHZ9LryOXfIUzrurQa+HMq","tlshash":"ed44232d84fcc6bf8d679386483bef07daa4765bf74146ca72b766ad60865b000cdc12","first_seen":"2025-12-18T06:38:49.949388Z","last_seen":"2026-01-05T02:59:01.692688Z","times_seen":33,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/sweetalert.css?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/sweetalert.css?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: W/\"5f412ba9-59ad\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22957,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d8cc26070373f41241f37ce5a9c9d885","sha1":"3ecb6f91187c0153724c950efcea0b0d944fd5aa","sha256":"460df149ba9d2eb000637d9bfb2df51c5080a19e9071ff4ed5a4b7e21a0bd2f1","sha512":"a10fd7b306bbe186c50c35066e45fb6491741c8ab161d6e8447069aa919e943b00768a3b65180195d68f6f2b7f4195035247d0b9115e5a758189a60bc1c04533","ssdeep":"384:MrFKaS31F8FkfZ6vFyFiFz2FFF01GF7xGxTxGxJwdD3qX1YtiemnEzpazAP:MrFKaS31eFkR6vFyFiFyFFFhxGxTxGxe","tlshash":"5ca223eb1de31284a727874553de4b2827384043a81bdcad77cd519ecf81eec21dab56","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-06-06T10:38:07.188445Z","times_seen":5475,"resource_available":false,"data":null}},"time_used":2209,"timings":{"blocked":1000,"dns":377,"connect":202,"send":0,"wait":202,"receive":0,"ssl":425},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/promotion/images/uploads/47.png?ver=1700645340","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /promotion/images/uploads/47.png?ver=1700645340 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 22:39:45 GMT\r\netag: \"655dc9dc-440ae\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 22:39:46 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 278702\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":278702,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1003 x 133, 8-bit/color RGBA, interlaced","md5":"45216714f5e74d8f39be77c3a1b69e48","sha1":"01851946e593ff429283f65069f91fa06d125e4a","sha256":"fa75930bd0831bea7241adab5ceabcccd7f3b8e5081078ca7340cf15f1f7e6eb","sha512":"21d848205eee266be86f681308b9184142a02896b2fd51a0509e5415254665756a5843b3572d38a6df3577297f4f3830598ed5af7830e492b20c770d5e0ed306","ssdeep":"6144:1YNmoh4FzQLVo9aEXcjsf6Ze9Lj2WgaO6GD+5knqi3J/lLHDRJbsaQSI2W4Q1Y8:4mBaIVXf6Zet2WgaOvT7L9py31Y8","tlshash":"1d542310c6d56c2eda6e67d88d83a3517cdab325f286f9cbcbb144881d1c903e76878c","first_seen":"2024-12-14T16:38:56.527593Z","last_seen":"2026-02-27T02:44:54.049319Z","times_seen":147,"resource_available":false,"data":null}},"time_used":2286,"timings":{"blocked":852,"dns":0,"connect":0,"send":0,"wait":1011,"receive":423,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/common/storage/cms/cms_1083.png?v=1612880139","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bet73tt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 02:04:07 GMT","end":"Wed, 25 Feb 2026 02:04:06 GMT"},"fingerprint":{"sha1":"6A:0B:45:2D:C6:49:E4:69:C4:B3:61:2C:13:4A:95:36:CD:2A:E9:57","sha256":"65:EC:63:E5:B4:B2:A6:52:CC:FA:F8:1D:59:70:EC:B5:82:C0:9C:EF:B7:D9:EA:76:ED:8F:9E:FD:90:14:D3:46"}}},"request":{"raw":"GET /common/storage/cms/cms_1083.png?v=1612880139 HTTP/1.1\r\nHost: bet73tt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nCookie: introcode=232639; XSRF-TOKEN=eyJpdiI6Im9hTlpUclZQRE9cL25WWDFzcUVLeXBRPT0iLCJ2YWx1ZSI6IlhLY2JrZE1OZnU3OEZVV0ZkaktNTzdnck1hRTFvOTRhVWxBaEtaRHhwSEo2VWkxbUN5blNcLzZRdU0wQ09RYjE3VENQcW0yaXk1NThxQnYxNHljRjlnUT09IiwibWFjIjoiNjQxYzRlOGU3NDZjZTUzNGUzOTg5NzI4M2MxMmFmNzY4YjcwN2EwMzk1MjNkN2EyMzFkM2I2MzEyNWIzNGY0MyJ9; vanguard_session=eyJpdiI6IlNOUnNnOGhFaXozOHE0dFk1dDk1YlE9PSIsInZhbHVlIjoic2p0b3FYTkt4azJJUHVXZ1wvQVh5a290K1lPY2JxSlBoNm9hc1VpQWFMdXZFdjFTTGJLUnllVXV5Qmc5ODNISVM1UVU5TEpudkdLTWxGTHpGQys2emhRPT0iLCJtYWMiOiJjNjg5MDliYTJmOWFmZTA3ODI5ZDUzZGZlYjk0ODc4ZDljYzBmNWM3MWJlYmRjM2ZiZjg5MDI3MDk4NjczYjJmIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 05 Jan 2026 00:24:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 27231\r\nConnection: keep-alive\r\nAlt-Svc: h3=\"2ba27113.gk620ge.com\";ma=604800;persist=1,h2=\"2ba27113.gk620ge.com\";ma=604800;persist=1\r\nEtag: \"60229911-6a5f\"\r\nExpires: Mon, 05 Jan 2026 12:24:16 GMT\r\nLast-Modified: Tue, 09 Feb 2021 14:15:45 GMT\r\nCache-Control: max-age=43200, no-cache\r\nX-Cache: UPDATING, HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27231,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 280, 8-bit colormap, non-interlaced","md5":"083dcae037d113283d35610595299275","sha1":"f225b2b127e8d225a8911426742be25a683e8c11","sha256":"5f8dfd94e1774c3de80fa4fd84b1ec88aca70b1f0404b901e6937f69e6073a4a","sha512":"f3961a8cfd7d8c80a4fcd61fa20d7089347cdbeb8bac61672f8e810c90f61fce64c664929de946f1681c401dbe865e8971915d2b987bd84c76439b3d1aa1bb09","ssdeep":"768:Bd2Xa9+Nq/JMYDHnGnTy6IunVqUL7tDIoM+:BA7NKqYDmnu6tqFI","tlshash":"06c2e14d84f8ffb28c48192d85c07e271d68989207ca83755c94caaf31db79790fe5e0","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-05-30T10:19:54.527696Z","times_seen":998,"resource_available":false,"data":null}},"time_used":1848,"timings":{"blocked":1657,"dns":0,"connect":0,"send":0,"wait":189,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/footer_tindex.png?ver=1606876112","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/footer_tindex.png?ver=1606876112 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:23:27 GMT\r\netag: \"5fc6fbd0-77ec\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:23:27 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 30700\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30700,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 860 x 320, 8-bit colormap, non-interlaced","md5":"4cff4dc9e549d34af27afdf92ca7d2fa","sha1":"0eb049b2a26b17cbb3f8245ed917d1cde98270b8","sha256":"0cd23fe23383f6e30f715b9fdbbe23561ad39cedad929a2622464bd6b50f9f29","sha512":"d1adaefaea4ed22f7d6d52da60d05758b18d79624f8fd58b531d90fc377928b31e235d0bce16306225534875f2ba28d03bd94105fcd5d71729461aac7a19dd02","ssdeep":"768:WfNuoY2JXbpSK8Kl4JZ6xyTqERQ2mKmY5Cha4Zv:WfNuoY2J38KOUie2QYj4Zv","tlshash":"13d2e083c312a6d154a3147be9d7bf80cafca505891a8d7d00de9821a7bb4d3ea530f2","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-05-30T10:19:54.509042Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":1850,"timings":{"blocked":841,"dns":0,"connect":0,"send":0,"wait":807,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-gt.png?ver=1600747940","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-gt.png?ver=1600747940 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:39:23 GMT\r\netag: \"5f6979a4-168\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:39:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 360\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 37 x 32, 8-bit colormap, non-interlaced","md5":"c8b8b09e3d3f8a69599182c5df680895","sha1":"0522f162609c91017ac5977eebb1ebd207a57525","sha256":"ac257cdb0555003da4b484189c57e37c9758258b6fc0fa653ce17252c6e54f41","sha512":"b3d5b74b08547d7084a4ba0cba601c51ec7cb4ba9ad3bd05471f7cc3ec0ee7f6b0b954d8bb20439928be26a6a0f2e7f92ec27b95ff04fc326074ac0fe14efb47","ssdeep":"","tlshash":"9be02051ff2ad839d1e75f755adf4185dc9ed0f8fc23030632520d10162e890a3b4997","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:23.034263Z","times_seen":4987,"resource_available":false,"data":null}},"time_used":1647,"timings":{"blocked":839,"dns":0,"connect":0,"send":0,"wait":807,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/plus/plugin/js/bootstrap.min.js?ver=1598106537","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bet73tt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 02:04:07 GMT","end":"Wed, 25 Feb 2026 02:04:06 GMT"},"fingerprint":{"sha1":"6A:0B:45:2D:C6:49:E4:69:C4:B3:61:2C:13:4A:95:36:CD:2A:E9:57","sha256":"65:EC:63:E5:B4:B2:A6:52:CC:FA:F8:1D:59:70:EC:B5:82:C0:9C:EF:B7:D9:EA:76:ED:8F:9E:FD:90:14:D3:46"}}},"request":{"raw":"GET /plus/plugin/js/bootstrap.min.js?ver=1598106537 HTTP/1.1\r\nHost: bet73tt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nCookie: introcode=232639; XSRF-TOKEN=eyJpdiI6Im9hTlpUclZQRE9cL25WWDFzcUVLeXBRPT0iLCJ2YWx1ZSI6IlhLY2JrZE1OZnU3OEZVV0ZkaktNTzdnck1hRTFvOTRhVWxBaEtaRHhwSEo2VWkxbUN5blNcLzZRdU0wQ09RYjE3VENQcW0yaXk1NThxQnYxNHljRjlnUT09IiwibWFjIjoiNjQxYzRlOGU3NDZjZTUzNGUzOTg5NzI4M2MxMmFmNzY4YjcwN2EwMzk1MjNkN2EyMzFkM2I2MzEyNWIzNGY0MyJ9; vanguard_session=eyJpdiI6IlNOUnNnOGhFaXozOHE0dFk1dDk1YlE9PSIsInZhbHVlIjoic2p0b3FYTkt4azJJUHVXZ1wvQVh5a290K1lPY2JxSlBoNm9hc1VpQWFMdXZFdjFTTGJLUnllVXV5Qmc5ODNISVM1UVU5TEpudkdLTWxGTHpGQys2emhRPT0iLCJtYWMiOiJjNjg5MDliYTJmOWFmZTA3ODI5ZDUzZGZlYjk0ODc4ZDljYzBmNWM3MWJlYmRjM2ZiZjg5MDI3MDk4NjczYjJmIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 05 Jan 2026 00:24:15 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAlt-Svc: h3=\"2ba27113.gk620ge.com\";ma=604800;persist=1,h2=\"2ba27113.gk620ge.com\";ma=604800;persist=1\r\nEtag: W/\"5f412ba9-90b5\"\r\nLast-Modified: Mon, 05 Jan 2026 00:23:25 GMT\r\nX-Bos: b83\r\nExpires: Mon, 05 Jan 2026 12:24:15 GMT\r\nCache-Control: max-age=43200, no-cache\r\nX-Cache: HIT, policy, disk, MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37045,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32033)","md5":"5869c96cc8f19086aee625d670d741f9","sha1":"430a443d74830fe9be26efca431f448c1b3740f9","sha256":"53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef","sha512":"8b3b64a1bb2f9e329f02d4cd7479065630184ebaed942ee61a9ff9e1ce34c28c0eecb854458977815cf3704a8697fa8a5d096d2761f032b74b70d51da3e37f45","ssdeep":"768:o2rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfbx8Gf3Zq7Q:Jg73zhq0GvbJ3ZKQ","tlshash":"b6f28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-06T21:16:14.113592Z","times_seen":90077,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/float_unite.css?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/float_unite.css?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 725\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f412ba9-2d5\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 272\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":725,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"077a2c1ebe25590b50eae8ce89787e0c","sha1":"499751737e286bbc93a46a1d2d4aaa3e2163d336","sha256":"093a799f9422754f7e53dfcc8516d3753616de283a14553f37d58b3822fd1b3a","sha512":"390f32fe8e81d9a379c14e0552c198d5f83e650f085b1df623c45cfc1aa4076d2e220ef02a4ef6747c0cd597eeecc510a67933c26190cdc306b28ffc861c366a","ssdeep":"","tlshash":"080147d307230b40fc1ea3196fde835e142a00cb9c9ecc08366827689f4b62c9662ff4","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-05-30T10:19:54.447735Z","times_seen":5025,"resource_available":false,"data":null}},"time_used":1319,"timings":{"blocked":916,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/snow.png?ver=1764840037","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/snow.png?ver=1764840037 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 22:48:51 GMT\r\netag: \"69315265-367\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 22:48:51 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 871\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":871,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 77 x 71, 4-bit colormap, non-interlaced","md5":"fe395322cf2ebd203b25b87089cb6c63","sha1":"e85be8f65fcc02ad200e52be9aea7066aac9f6ec","sha256":"5a97e37f6a5e6885f82c9be3b07c080062cedaeb5c2b8584326236331d14413e","sha512":"be3ba37e7532d67a88eaebcea0de149862583585785888d823d5120a2eb0b48a96bf54b3644ff80a4fdf0ae66da47525754d34074c91924d32c4cce031cb5499","ssdeep":"","tlshash":"aa11d6c7a727b9b8eb931d3042006c8a0c26cc83282de1af52c37c078f3c84e8d8d604","first_seen":"2024-12-20T12:48:50.249045Z","last_seen":"2026-01-05T02:59:01.659267Z","times_seen":38,"resource_available":false,"data":null}},"time_used":2267,"timings":{"blocked":855,"dns":0,"connect":0,"send":0,"wait":1225,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/title_EN.png","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/title_EN.png HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/css/e202512_xmasnewyear.css?ver=1764840037\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:06:25 GMT\r\netag: \"69315265-5367\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:06:25 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 21351\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21351,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 285 x 142, 8-bit colormap, non-interlaced","md5":"830f1cdba35f7df5d1cbfdb96435ca7f","sha1":"5fe65b5a85a214866a15fb6768784c688bc3dc1f","sha256":"2f8f5d73d36e1de4a29291fd9e0a352b0afb288d8e5d6d78096ddeed11d8a090","sha512":"02447c96a4fa6af2204ef532b6822504921ddcbf44eaf49fb408aa876bd7d7a999909dcf7b2bf1a4cc56c4f22a9b25bbf7dcbecb4284e4079af1aa7b95aa3f4d","ssdeep":"384:nHE8pCBjmsz1/KZg/JKrbSTRCKX71cRH7RkH4GE7UP1zGLBa52h2tp25Rc:nVCBjmPg/MmtC6oeFOo1GLo2h2e5O","tlshash":"b6a2e1ee8328e5d30d06e25610f2442e9c8c1906526c746f5855fe08e2377ff8ee5ee6","first_seen":"2025-12-18T06:38:50.012605Z","last_seen":"2026-01-05T02:59:01.687603Z","times_seen":33,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/prizedraw_pop_custom.css?ver=1663905027","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/prizedraw_pop_custom.css?ver=1663905027 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 18\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"632d2d03-12\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 38\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4957b1edbdaab02ae3242ff27d3732b8","sha1":"0fa68da2f11737fdc4d7961a632581c13f7a8577","sha256":"1adeb028e615a654ebf218f188ad6bc841ad3851da01b28dc4af82ea77179108","sha512":"4965ba38ebc9edebf0321e50f78d18cb9562fc234ffaf91715ecc3c9c9842e56a153a3cc9a30d01a234e8be4e0137d35a06dca1dee9b671ce80a4fa10152d485","ssdeep":"","tlshash":"8d7000000002000082308a280802002800a8b0822200888c8880002a302a0020000880","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-06-04T04:52:10.594102Z","times_seen":5138,"resource_available":false,"data":null}},"time_used":1343,"timings":{"blocked":940,"dns":0,"connect":0,"send":0,"wait":203,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/css/animate.css?ver=1652666270","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/css/animate.css?ver=1652666270 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Mon, 05 Jan 2026 00:21:33 GMT\r\netag: W/\"6281af9e-12fbe\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:33 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77758,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8dbc6dc67b4724087e6d907ff95ac6db","sha1":"9e12535c54fa1391d46795fc52d7071251974101","sha256":"a6bd510fcb0a3e7e274824c8272223a2d9d664ce6634559f18200f9fc0bb4371","sha512":"1c6b28f94155ce6a027e8bd3aeadadca21efae7550503b3d5d41835f1548addfc0877f162ad506efd925048f39214172284b4d8dfb525770a38b5df92c348ecf","ssdeep":"384:BHNuKu1Lsg9unuFl3lH/4/0uJuDqDxbe3NxdV2PVriTKIZQMcLceo:JNuKuWg9unuLuJu9KIZQMcLceo","tlshash":"ed732fad2991108456638a1d83df5e68273ce573181aadef73c2488fcf8bf6857c9147","first_seen":"2023-04-08T15:08:23Z","last_seen":"2026-06-06T14:08:01.265731Z","times_seen":3293,"resource_available":false,"data":null}},"time_used":1140,"timings":{"blocked":937,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/en/204x30-live-streaming-02.gif?ver=1678956392","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/en/204x30-live-streaming-02.gif?ver=1678956392 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Sun, 04 Jan 2026 22:51:51 GMT\r\netag: \"6412d768-1a9\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 22:51:51 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 425\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":425,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 204 x 30","md5":"63c123f206f80da19ec63d929f8e5f45","sha1":"41fbde8999e4486fc23779736c4717dff55702b6","sha256":"7ca0b58a9b93be2acea0a96626d5c6597eefeeee1602330f60e2f5b54dbef61a","sha512":"26a7fa7546037e3961e73f71c45a6fba16af15012af3ddaff41c0fdacd01e4826dceff00cfa8653313480a1bc899739cbf31bc30266c9e317cae9da9a1e7563f","ssdeep":"","tlshash":"67e060eef04444ece90ebd3b8b081204fe9c57a001524fe18c7021e488a77eb33a838e","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.466761Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":1850,"timings":{"blocked":843,"dns":0,"connect":0,"send":0,"wait":809,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-18plus.png?ver=1600747939","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-18plus.png?ver=1600747939 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:39:23 GMT\r\netag: \"5f6979a3-1b9\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:39:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 441\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":441,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 4-bit colormap, non-interlaced","md5":"950ceac8f20ad504e908c855fef89833","sha1":"694bdd9709a9bb3be26c6f7bb350205eb44ac7b3","sha256":"e17939202163e612402dbf251414bbb4e5faffdd133fdccd0bf2afd356e0d635","sha512":"07ef639d2d340fe07a2c32c06d67548675b57884e9c89e508cd1abce17dafa0e33bdff120c5c6f41e7fbb9d68f32908e859ed01b0d6f27a1fdb28b040749d289","ssdeep":"","tlshash":"f1f023d3874e9c50f4505f61c66f1a8398b68e0cd0afe906d91073bc283a724b2d36c3","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-05-30T10:19:54.511396Z","times_seen":5029,"resource_available":false,"data":null}},"time_used":1642,"timings":{"blocked":836,"dns":0,"connect":0,"send":0,"wait":805,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/swiper.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/swiper.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f412ba9-1bee5\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 114405\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":114405,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65271)","md5":"b8be4ec964b15c656c05a17f822762b3","sha1":"1afabbf1eeecc4d7ddfbb4c824696ce1aadc8d0f","sha256":"e32b2b578b1345c05be32292da9016f7ff564bb3f4aeda3c1b6b76869648fcbd","sha512":"0abfe93e1dab3db289b0efe0f92e42f6ff14cc4e550b5bca8d4a84fe736245fb70b39e5b86bd9aea620e6fd73a76ce8aaed9d3a561c6208dc9108778dba141b9","ssdeep":"3072:2hUcC5HqffYIdcMZOGHgZsUOUIBdID8CX:y45HqXYIdcMZOGHAsUOUIBdID8I","tlshash":"7ab3094eb35071a551e36257525e8241a3b72409780ad0ac35b6d8ebacbde4c13bfefc","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-04T08:12:43.150166Z","times_seen":5128,"resource_available":true,"data":null}},"time_used":2445,"timings":{"blocked":827,"dns":0,"connect":0,"send":0,"wait":403,"receive":1215,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/checkinput.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/checkinput.js?ver=1598008226 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f3faba2-3c14\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 15380\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"1701a1c0e116f99b046f95c9f2f4ef5a","sha1":"c0ea303e6c96847ed6bb4c72afd3a84332ab5b3a","sha256":"5a053d48644953a4dbc5f0cb73d4723dd958c9b5574be9cdaac4bccf21d9f38b","sha512":"131b0b96f085bbabf04eac826013f7a62402bfe7e8aa4f6830ac9bdd4d629e4062a687b03a14d6c02d8ea741aea17fe4646da4c054c1954454025fa22f0fd307","ssdeep":"96:ZRORCQC5WCPCD9CQCwCGCkCmCQC+MiCwCdCuuCkCbmCd9P/ddPojcHoujp1SPZaQ:ZRRRvJdlANu91diXdT59j6IQNHYerS","tlshash":"9d62204de0983ea6857333750e7f5200f57906278525eb08be9c59b42fbe80a4b63f5a","first_seen":"2023-04-15T09:13:23Z","last_seen":"2026-05-30T10:19:54.512043Z","times_seen":5039,"resource_available":true,"data":null}},"time_used":2266,"timings":{"blocked":828,"dns":0,"connect":0,"send":0,"wait":402,"receive":1036,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/sweetalert.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/sweetalert.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f412ba9-4262\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 16994\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16994,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (16994), with no line terminators","md5":"2f9966a615f3f46d846807adbe42644f","sha1":"441544c084828da55ca0bafdc4c3df7dc7020820","sha256":"be4d1215ef6f2b2915b7f65cd28b9a9f7dcef17e1f0d883edd19400ca0ea795c","sha512":"e85f14552c1b5837780990e210223c5d6f532dd55f16589f682d1f2f95acc540b715aaac23ce12f871661006f80ec9043a9674dfdec1c3efc0819125d492dff6","ssdeep":"384:Rigwo5UpVZG9lOUlgkhzj7FRNE82XyySyTYayWri/SRVRXFKP9nWZcT2Rc8ex51f:RiB8lOuR5wSWrrRVR1KP9WK6Rc8ex/","tlshash":"ad72c899325438b327e361f1009f504ba4b196bde8095861376cc9e62ff8cc95ae2f77","first_seen":"2023-03-07T01:11:43Z","last_seen":"2026-06-06T18:59:42.798441Z","times_seen":7131,"resource_available":true,"data":null}},"time_used":2272,"timings":{"blocked":827,"dns":0,"connect":0,"send":0,"wait":403,"receive":1042,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/font-awesome-addsvg.css?v=2507231","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:16.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/font-awesome-addsvg.css?v=2507231 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/plugin/css/font-awesome.min.css?ver=1753257975?v=1767572653\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Mon, 05 Jan 2026 00:21:20 GMT\r\netag: W/\"688097f7-5ce0\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23776,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (2811)","md5":"6097f31c1b8ed2b58b36a26a704531d1","sha1":"f9d2b2c866d186c372ff6c11d5f69e608ca0f457","sha256":"4acd44ed0da6eae50d2f4b38649e6085c73d3202c08ba85870be5e0eb80a55c9","sha512":"a02f15b6e01f10bac28e3e1e24f8605ab65bf0c1e0a10b6746cae341194037cc71b124f39ee75fbe28bd1175f329e7065595437131f8856801c574642b84acc8","ssdeep":"384:AD+8djF3PcO3Pc4XfVK2wMXyWq73r2wMXyWq739WqMWqq2gw/2gw72fQ62fQ99:S+wxBjVHyvjqyvjUi1wDwq9","tlshash":"86b263b2460a78e24d143b3bd2a92a0d574dd6e2fe93ee56d07609588b0ff1837471bc","first_seen":"2025-07-24T08:18:26.078876Z","last_seen":"2026-05-30T10:19:54.479935Z","times_seen":2864,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":564,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-ui.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/jquery-ui.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f412ba9-3dee5\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 253669\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":253669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32074)","md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-06T20:30:52.521048Z","times_seen":21187,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/css/e202512_xmasnewyear.css?ver=1764840037","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/css/e202512_xmasnewyear.css?ver=1764840037 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Mon, 05 Jan 2026 00:21:33 GMT\r\netag: W/\"69315265-2aa8\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:33 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2758\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10920,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"d1fecb125c6cdc88a7778e7e05be2dda","sha1":"d0968880eb5f56aaf44811150f99f703d63dd23a","sha256":"9c4a27c25f65bea95bcb65336140c61fdeda70dbac89a4b1e87c8e39871c46f2","sha512":"43832531cb2c2a0d7e2f702f9cfaa8aa2400f80d131ee03171f80e30ead43fe6b8cf4b246099826c3146a4c8339b4bfac941aeb71b11263a1d0040375dfa1cd9","ssdeep":"192:qf5GCncC8Il1xFT2W0XVCqCwAWd4didT4didt9tsInA+6yA+61uNuql/T:QrrxFT2dXxkWZx","tlshash":"d532229569f328045227827cabdb5ea8223cc0f3564fec6d72d2505fcfc5a98e387646","first_seen":"2025-12-18T06:38:50.010159Z","last_seen":"2026-01-05T02:59:01.675117Z","times_seen":33,"resource_available":false,"data":null}},"time_used":1326,"timings":{"blocked":923,"dns":0,"connect":0,"send":0,"wait":402,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/main.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/main.js?ver=1598008226 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f3faba2-78d\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1933\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1933,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"6a579f2e4d3b31b3ea017e7b03a475dd","sha1":"8d9a6430face051ae1365d421f15c60cff36613c","sha256":"ca0d1288490dab47eb98606d7e519b4be96e1d5f354b8cf4a6ef39dd1846c41c","sha512":"e5c65863509fb786d1a2ac8a1c0e0ec1446158037079a067eb6976040a0d912e326c2254e7968a7e22ae794d3adad6b9bfccbd2a4eb35dad622676d3a989d742","ssdeep":"","tlshash":"1941cc1df9f665c208b730164f3f451c2163a81f6a09ce40395c65c09fa267ed2dbeba","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-05-30T10:19:54.519159Z","times_seen":5038,"resource_available":true,"data":null}},"time_used":2253,"timings":{"blocked":825,"dns":0,"connect":0,"send":0,"wait":403,"receive":1025,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/assets/js/caller.js?ver=1675418258","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /assets/js/caller.js?ver=1675418258 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"63dcda92-1122\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4386\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4386,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4e7441dc033395b76a96b25b6efef0f0","sha1":"c833e33f4a95efa559a847dfff036cb904260b48","sha256":"80caabbe50f5f83254e2545d01bacf299c7f417a103e912bd41d6c330a6e4f86","sha512":"e96041ac2b7106fe9aceddc1faa3e996ffaa97945d56cff7b3ca0697492cf6ff53f6fc3826319a85eb360e684a166c0c8c075118a37655312dfbf231ff9aa167","ssdeep":"96:veR5suijTWxKhgCBTSCkAjnhefPMm03OMu9eqeeV0vMu9eqeeVqgYi:veR5su+TWsU1eO70v76i","tlshash":"dc914212de042051f76332b85a55661f6131684f7f8a888dbcbc747f9b70acb857d189","first_seen":"2023-03-13T18:11:33Z","last_seen":"2026-05-30T10:19:54.456167Z","times_seen":5036,"resource_available":true,"data":null}},"time_used":2245,"timings":{"blocked":807,"dns":0,"connect":0,"send":0,"wait":404,"receive":1034,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/login_unite.css?ver=1614680239","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/login_unite.css?ver=1614680239 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 170\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"603e10af-aa\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 155\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":170,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"5aa3dbf621e04d73e3a023b18dd141bd","sha1":"f35345fc401964592d37688e641b86f9eb3931be","sha256":"dcde9ab25bde6d1827a49457a7ef72e7e177ef141a188e074e23a9136ca2ef66","sha512":"1bdbd3e8c6e1dcd6e4381ac29ad636f9218a8ec0a972ee77c1ed1a4805d7d4bad8d776de93ca554d7f116e9a1f01873d6f1c048ed348873b78b5d3d285e5273f","ssdeep":"","tlshash":"d3c080530c954f57d50786957c9e87029b7e60209e548f1f1c341878da85f2461fd575","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-05-30T10:19:54.481756Z","times_seen":5027,"resource_available":false,"data":null}},"time_used":1489,"timings":{"blocked":885,"dns":0,"connect":0,"send":0,"wait":404,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/sleigh.png?ver=1764840037","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/sleigh.png?ver=1764840037 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:49:47 GMT\r\netag: \"69315265-d881\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:49:47 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 55425\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55425,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 399 x 349, 8-bit colormap, non-interlaced","md5":"aa9e1cfd219855143fe57088821b1bf1","sha1":"0c5c9c0c24a324466b078c99a905564501b0c2e8","sha256":"3238aa6ac60295dfd7696b3aeae13b7c84f2b094b0dab9c01a5e25a21216eb5e","sha512":"d6e2ea514efe0b4ffd4ba75e58629459e507be7731cb8ca9e2860888f80508d7314ff96238759a9e2c281b73a8d82d632175757cbe0369eabd5b1ed46bdc319e","ssdeep":"1536:/BuIE2Vfb3YiLW/i7hsta+SEp+LnwblSYxZ3g:JxoV0+BpqnWhxZ3g","tlshash":"4943028d6a85fb21f30a388bf23e4831d359a02ff45891ad4c083436907d59a7fb55be","first_seen":"2025-12-18T06:38:49.980112Z","last_seen":"2026-01-05T02:59:01.687082Z","times_seen":33,"resource_available":false,"data":null}},"time_used":2275,"timings":{"blocked":856,"dns":0,"connect":0,"send":0,"wait":1407,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/login.js?ver=1597629260","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/login.js?ver=1597629260 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f39e34c-bf\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 191\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":191,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"24bc8669caf172f2c17a06fcd73ae539","sha1":"3bad8f340bca43d8fb98c3ca39def12f816769a8","sha256":"29df48677fd1c2b2a602c35faeadd3693f083b78550b2c0f3108f356c34b74bd","sha512":"0b4b2dc35f8b97238079334be832751d1e33dfbbddda4961c38127afadcb088101bad71b0442bd810930df2658dfd9f42da0b08d44bb1e1f1dd0a5dde33423a3","ssdeep":"","tlshash":"f3c02240b13f377c587372a0803a0506df73701c1c0056e0b0b842a02c187040813c78","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-05-30T10:19:54.499787Z","times_seen":5041,"resource_available":true,"data":null}},"time_used":2239,"timings":{"blocked":812,"dns":0,"connect":0,"send":0,"wait":403,"receive":1024,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/css/e202512_xmasnewyear_custom.css","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/css/e202512_xmasnewyear_custom.css HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: no-cache, private\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 05 Jan 2026 00:24:16 GMT\r\nserver: nginx\r\nx-cache: BYPASS, Status: 404\r\ncontent-length: 1135\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T21:09:45.625607Z","times_seen":16191656,"resource_available":true,"data":null}},"time_used":1324,"timings":{"blocked":920,"dns":0,"connect":0,"send":0,"wait":404,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/login_modal_unite.css?ver=1738950076?v=1767572653","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/login_modal_unite.css?ver=1738950076?v=1767572653 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 6984\r\ndate: Mon, 05 Jan 2026 00:24:16 GMT\r\netag: \"67a645bc-1b48\"\r\nlast-modified: Fri, 07 Feb 2025 17:41:16 GMT\r\nserver: nginx\r\nx-cache: UPDATING\r\ncontent-length: 2001\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6984,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"252c2fa58e6d682ca2b18b0888ebf910","sha1":"511ef6db164e0c745e67941cdb2043aef965dd0e","sha256":"5bca12ef0f6bfba5c12cbdd0eaeeb1d48e05c91149df7743b76b80480317306a","sha512":"1aa311c2f06a767d9eeec9c384f806d2b19977bda91af36a6aff9443896e677a3e488974b64c0e7c3e6a07cf77c834e6d115a8388b5938f065c5cbeff224c7d7","ssdeep":"192:4ybbQhWJZ4JWpC/+FtCmSCgIUaTgIaxl+F5Dm9qE:tFYd4F5Dm9qE","tlshash":"9de11e0576bf0a63a06e860935ea9b80630f9217c615ef7f7df132448fcd6689139f64","first_seen":"2025-04-11T10:47:55.703801Z","last_seen":"2026-05-30T10:19:54.452223Z","times_seen":4293,"resource_available":false,"data":null}},"time_used":1714,"timings":{"blocked":902,"dns":0,"connect":0,"send":0,"wait":811,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/js/empile.js?ver=1637918556","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/js/empile.js?ver=1637918556 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:34 GMT\r\netag: \"61a0a75c-684a\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:34 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 26698\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"a627d30c6bc0b10626ab5b2519dcc805","sha1":"4bb4096e0dd58fe05ba82f669b79d1e077f05f59","sha256":"a898bdd55d53b67bc241422495a7ea5b582be655409622c80dc992e7207e8f2d","sha512":"5264cd1c9a2e8526c666d1eafd03560e434522a35405daa6f3d05c098a10e43582cd1591453977cf33abc152be7821820b596c8e6095802da6f24b217a4c18f7","ssdeep":"768:gwl5p4zyOuB6fYoR34RXOlaKW//Qqsxlz:Ll5pXOuB6D1/","tlshash":"cdc2435d65a230a189b373f98f6e840aeb75522b4105c2643dfcc5982f74c1853eaefd","first_seen":"2024-12-20T12:48:50.32179Z","last_seen":"2026-05-30T10:19:54.51743Z","times_seen":85,"resource_available":true,"data":null}},"time_used":2292,"timings":{"blocked":845,"dns":0,"connect":0,"send":0,"wait":410,"receive":1037,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/light.png","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/light.png HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/css/e202512_xmasnewyear.css?ver=1764840037\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:12:06 GMT\r\netag: \"69315265-2f478\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:12:06 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 193656\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":193656,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 937, 8-bit colormap, non-interlaced","md5":"2c534ba8c628a7067c8f1a92cec693c4","sha1":"892ccb710f94e80007a2c7798f0cef1574f79ddb","sha256":"ac69f822becb472a37bf4da56eded44a721ad8acd5b7a7303ca7be4f4fefc026","sha512":"5bdaa2f26d5fdb73f375b4b6cd36b3c82f706ecfdbcd663f05231c7b194cbb03103db9dda83eb586b6c6fd5f6180a127878c14fe9bffa05e1171192be7243644","ssdeep":"3072:he4qsnhxHPZqQ1TsPokmbCejYfybIDqVOp3jYnpfZ73Y1ol4UYq3OSc1TuQceHSH:JlnnHz39bIeOqpfxEq+Sc1eBBPncE","tlshash":"1a14123b11ba3705c96c02be1b5d0e6de49a6cd92f7dc8510e782ad5cf1fa01eda9384","first_seen":"2025-12-18T06:38:49.923415Z","last_seen":"2026-01-05T02:59:01.705542Z","times_seen":33,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/common/storage/cms/cms_1081.png?ver=1612879623","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /common/storage/cms/cms_1081.png?ver=1612879623 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:39:23 GMT\r\netag: \"60229707-8c8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:39:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2248\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2248,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 56 x 254, 8-bit colormap, non-interlaced","md5":"9db7b51805575c39ee9f39665b0f7ab4","sha1":"f1a2bf9f5d5796a06122c20077563d17c016f626","sha256":"0c267456e5c0f717c238b3b41418e9745826d8854f9113e2f504ba9a4df28c95","sha512":"0cfe64e0d430e69c834a7c9f837c0ea4efd518898fb3b1ba748ab55edb6a2496b3676d5062815e1d401aaaa70f9f14b17867392510dd47f262cae2ac7d8591e7","ssdeep":"","tlshash":"85411bd8bcd30fced4e91000a1e99b418776203795ed0092ab4aa4133bc19fe1639765","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-02-02T09:08:19.822977Z","times_seen":3243,"resource_available":false,"data":null}},"time_used":2267,"timings":{"blocked":859,"dns":0,"connect":0,"send":0,"wait":601,"receive":807,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/share_unite.js?ver=1749181409","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/unite/share_unite.js?ver=1749181409 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"684263e1-a6b\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2667\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2667,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (527)","md5":"00c6288b67f7750a75b6e9abbf74c8a4","sha1":"5f464f4ce28448acc1c2fe825d4218795b023db4","sha256":"20327edf72e6632c450e8f8e443db2f728361f74b68697932491108c7f483b9e","sha512":"39dac004bb9b904ec4c4bb4d4963c3b8c4c9d98f9a80d90e53134e28c6055831652f0911e59b58f54c4b1e7156d8aba181b90ee3fe0ba6aefb67162b990787c0","ssdeep":"","tlshash":"37513127e6b82006207730a7deee346b556a8426b3417f06b7bc01a54fc58ac7f9270c","first_seen":"2025-06-07T06:32:46.623015Z","last_seen":"2026-05-30T10:19:54.533079Z","times_seen":4068,"resource_available":true,"data":null}},"time_used":2251,"timings":{"blocked":823,"dns":0,"connect":0,"send":0,"wait":403,"receive":1025,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/icon_play.png","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/icon_play.png HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/css/common/index.css?ver=1685095467\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:14:06 GMT\r\netag: \"644f850e-d6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:14:06 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 214\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 7 x 11, 8-bit/color RGBA, non-interlaced","md5":"1d3364063dfed42858dddb89b22c4d71","sha1":"6d66d841a97e61c64dac75e15006bceedd7a0f93","sha256":"207b4691434677f319a50bd137a579be31f50c6c47ddbc3e2daa6eab7b9b05a0","sha512":"280a18a864ffd4963331d31553c9aad4dc519c89fcd32f46f06abde3289e28b0e17c292b8cb42ce8f06dec8863fd1345522ada523e20a1933f9dacde17cd0c93","ssdeep":"","tlshash":"fcd023c20191892ce15471331782e030c0324d01992083cc1f12e02b3f72601d43a021","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-05-30T10:19:54.461832Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/header_unite.css?ver=1744941935","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/header_unite.css?ver=1744941935 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 4957\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"6801b36f-135d\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1796\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4957,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"b934b75c09f2645b1e46dc5a89d13fe9","sha1":"91a38586f325f7b98af5eef96d66f38a04dace2b","sha256":"f17daf0db63aa8fbab2a4a73efe37469d9b17d13df2a1d7ad0512671c6ebb408","sha512":"d8e77a3eeb8a2d055767cbbe218a53bafa85c99fa3efaee736a4dd74743b922e6d64115317560c72969d0e3496c13f5b684803ca71ff6b0c4b3f7c0fa7122862","ssdeep":"96:N1/uCASG8K0h91s2sqVKnmqHuRbElB/sAx7BdlAfq0WO:N1llK0h98nHkbaB/HB+N","tlshash":"56a165ba9304100ab367d56578a0cfea63bfa1918442ab7dadf9304dc4ce1d456f62c5","first_seen":"2025-04-30T10:38:17.688345Z","last_seen":"2026-05-30T10:19:54.534627Z","times_seen":4290,"resource_available":false,"data":null}},"time_used":1485,"timings":{"blocked":880,"dns":0,"connect":0,"send":0,"wait":405,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/jquery.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f412ba9-14979\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 84345\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84345,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"f9c7afd05729f10f55b689f36bb20172","sha1":"43dc554608df885a59ddeece1598c6ace434d747","sha256":"f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c","sha512":"3dcae1ff6e98c64e3586be3eb14dd486c51f7d4e9fa1b8f9a628be4fbb6a9ab562f31f9b50e16d2e0c72b942bdbe84eee8e0ef87fa730db1428b199a59d88232","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrJ:++414Jiz6fh6lTqya98HrJ","tlshash":"ca83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:06:48Z","last_seen":"2026-06-06T21:19:47.964712Z","times_seen":25160,"resource_available":true,"data":null}},"time_used":2490,"timings":{"blocked":875,"dns":0,"connect":0,"send":0,"wait":406,"receive":1209,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/reindeer_sleigh.png?ver=1764840037","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/reindeer_sleigh.png?ver=1764840037 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:21:10 GMT\r\netag: \"69315265-2cab\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:21:10 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 11435\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11435,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 127, 8-bit colormap, non-interlaced","md5":"fc5b3f4a5cee021a6f9f0f4b4f87460b","sha1":"ceaebb6496eb4310b73c0b621425a8343a3aad24","sha256":"590489c772c19cc630da5e023dbc7d24256ca0b6ac33c47deec2c6b536ce1d86","sha512":"84449856b072ba6f10d94cb2f11a7dc942f6f207201c343b6b54480e3c311d1227b06872f346e9938bbe4ae0712c64ccc4954b0dec64f58c81014f990aa8a3c5","ssdeep":"192:9sP08WSKgcc57xqIkZYizTBfIGAsEW7XEAUWkhM1DbEMA/Xp+UmoeaIvjwebf:9ydrkNTBsW7IWkyRAPpYoe98eb","tlshash":"7432bfdcfeb54960ae2eaf1a70f917d11f46b625dbe9823730ee66415ba133013748c2","first_seen":"2025-12-18T06:38:49.928062Z","last_seen":"2026-01-05T02:59:01.67163Z","times_seen":33,"resource_available":false,"data":null}},"time_used":2276,"timings":{"blocked":857,"dns":0,"connect":0,"send":0,"wait":1407,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T00:24:12.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bet73tt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 02:04:07 GMT","end":"Wed, 25 Feb 2026 02:04:06 GMT"},"fingerprint":{"sha1":"6A:0B:45:2D:C6:49:E4:69:C4:B3:61:2C:13:4A:95:36:CD:2A:E9:57","sha256":"65:EC:63:E5:B4:B2:A6:52:CC:FA:F8:1D:59:70:EC:B5:82:C0:9C:EF:B7:D9:EA:76:ED:8F:9E:FD:90:14:D3:46"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bet73tt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 05 Jan 2026 00:24:13 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAlt-Svc: h3=\"2ba27113.gk620ge.com\";ma=604800;persist=1,h2=\"2ba27113.gk620ge.com\";ma=604800;persist=1\r\nSet-Cookie: introcode=232639; expires=Mon, 12-Jan-2026 00:24:13 GMT; Max-Age=604800; path=/\nXSRF-TOKEN=eyJpdiI6Im9hTlpUclZQRE9cL25WWDFzcUVLeXBRPT0iLCJ2YWx1ZSI6IlhLY2JrZE1OZnU3OEZVV0ZkaktNTzdnck1hRTFvOTRhVWxBaEtaRHhwSEo2VWkxbUN5blNcLzZRdU0wQ09RYjE3VENQcW0yaXk1NThxQnYxNHljRjlnUT09IiwibWFjIjoiNjQxYzRlOGU3NDZjZTUzNGUzOTg5NzI4M2MxMmFmNzY4YjcwN2EwMzk1MjNkN2EyMzFkM2I2MzEyNWIzNGY0MyJ9; expires=Mon, 05-Jan-2026 02:24:13 GMT; Max-Age=7200; path=/; secure; samesite=none\nvanguard_session=eyJpdiI6IlNOUnNnOGhFaXozOHE0dFk1dDk1YlE9PSIsInZhbHVlIjoic2p0b3FYTkt4azJJUHVXZ1wvQVh5a290K1lPY2JxSlBoNm9hc1VpQWFMdXZFdjFTTGJLUnllVXV5Qmc5ODNISVM1UVU5TEpudkdLTWxGTHpGQys2emhRPT0iLCJtYWMiOiJjNjg5MDliYTJmOWFmZTA3ODI5ZDUzZGZlYjk0ODc4ZDljYzBmNWM3MWJlYmRjM2ZiZjg5MDI3MDk4NjczYjJmIn0%3D; expires=Mon, 05-Jan-2026 02:24:13 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nX-Bos: b83\r\nExpires: Mon, 05 Jan 2026 12:24:13 GMT\r\nCache-Control: max-age=43200, no-cache\r\nX-Cache: BYPASS, MISS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"crypto-js","description":"crypto-js is a JavaScript library of crypto standards.","website":"https://github.com/brix/crypto-js","common_platform_enumeration":"","icon":"default.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129751,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"2f92678c7c424d9ab0e0251659a4250c","sha1":"bf42486c7109008213226b3fa823c3f73de85b8f","sha256":"7d457e262ef3ba7965586404790c2292a4a40bacdad162f72c3e95054930f63d","sha512":"d27f1d36b7773fc90ba92289ee38deb85635a180a61bdfdab941faa8fdce45e46e4f1c9297f22d86eaaf413f7ce9ba547e76c25e16485b284056949f8f9b7957","ssdeep":"3072:rMUD4If6kGxfZB1vhoLp0w1t3zWCXfM6Hu2weo:I04ICLRZvvqLttjJXfMcuR","tlshash":"05c302d75e62de0c2d15d8b8f3696f5e0bc89764a75ff427d0c66284800cb6360fd8aa","first_seen":"2026-01-05T00:24:52.773988Z","last_seen":"2026-01-05T00:24:52.773988Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2430,"timings":{"blocked":650,"dns":49,"connect":184,"send":0,"wait":755,"receive":375,"ssl":414},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/moment.js?ver=1580697220","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/moment.js?ver=1580697220 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5e378684-1f30d\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 127757\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":127757,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"e70edb526ff09f426618efade93a4782","sha1":"840b05449d3851118fc835592bd98af885bdbf1f","sha256":"ab513aa4626ba224ac61b747674e6aead965f6e2cf87a2e60c7d4645b519817f","sha512":"943192c03e09b13bbdee324fda4c81d019b4cb5178596b5c548a1e6776022aded289a6076d32d5f55f99316b57b6f7db13c6429edb3a1e6927e7bcea89774cd9","ssdeep":"1536:/cZlnfxbjbJzvdvpeG2iMuz/M6z4QZFSNwmJaxxKZ5dFR79LNOf0uK:/cZlntbEG2i8umYx620uK","tlshash":"cfc3508a69476123467267398f9f4509ff6985330a0e8605bc9d92d83f71c6c43bafec","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-05-30T10:19:54.504659Z","times_seen":5093,"resource_available":true,"data":null}},"time_used":2246,"timings":{"blocked":804,"dns":0,"connect":0,"send":0,"wait":408,"receive":1034,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/header_custom.css?ver=1738643282","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/header_custom.css?ver=1738643282 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 6702\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"67a19752-1a2e\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2028\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6702,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"9bb336c25275a44be055593cee547e55","sha1":"881e45a4d3bfc4ff6e3eb29bd7dad13fef00cbb3","sha256":"f093c1ff1c5576fe70b99542fa3ec95459e2353380574e6b3b9621d4d0d5e310","sha512":"94d669998c59ce5b10a47738e1b6ac68c54a590afe0ed793c08d57f2dbd4e334d8586dc9d76e0704adbdc2bf01689c681453a796605f716a56f8072934c40674","ssdeep":"96:585UOKrCo+wyCWiV9PR6FS5+j60XF1RnfgE6Gvg1CFcSk6yx2/kK5wN0DzMaZ:6oNRRrPIFW+j60XXFcdbLCvMaZ","tlshash":"a5d174c167e16448b526c5f2bc616a68635f6052c40fdd2cf3f8246cddee1c6a376368","first_seen":"2025-02-06T13:25:38.25631Z","last_seen":"2026-05-30T10:19:54.507126Z","times_seen":2886,"resource_available":false,"data":null}},"time_used":1481,"timings":{"blocked":877,"dns":0,"connect":0,"send":0,"wait":405,"receive":199,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-gamcare.png?ver=1600719130","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-gamcare.png?ver=1600719130 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:39:23 GMT\r\netag: \"5f69091a-17b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:39:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 379\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 29, 4-bit colormap, non-interlaced","md5":"fed68f2bda8fcbde677d6243c0da867c","sha1":"19f6e8a0721b068651f3d893db375a0d2c44646c","sha256":"f1dd1841440203f7d5894ce378a49f8d33d02f6ba5896de0b885f1b9810d870c","sha512":"ed62b58cd01bdf562995311bdb2e6232bf8ace2b16c633c93b498d7236db5f326867323e2b9556afaff476d1253a276fa22aacefd0d8c04deb48dd648c20f932","ssdeep":"","tlshash":"89e0c0e03234ccbc094b1b6215d4f011d0278b6f38568c2b788e81b0ec101c1e55a747","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-03-19T07:12:22.986685Z","times_seen":3270,"resource_available":false,"data":null}},"time_used":1645,"timings":{"blocked":838,"dns":0,"connect":0,"send":0,"wait":806,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/common/storage/cms/cms_1050.jpg?ver=1607687349","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /common/storage/cms/cms_1050.jpg?ver=1607687349 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/jpeg\r\ndate: Mon, 05 Jan 2026 00:14:06 GMT\r\netag: \"5fd35cb5-72cd\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:14:07 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 29389\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29389,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 844x214, components 3","md5":"38c80c4e821869df9ae28040c4e2abe4","sha1":"de9d8a0f1e6628df841ee9d05b0e0ac4678d7188","sha256":"f6d5607fe56e39eaffeaee05a3e7392bd9adcc9275e7e63f67881db018b68b73","sha512":"e84587a9bd387755437efb56331b2bc7a0e1140aa41f2f645f68b000b1f0be806b30aa435c6d6dee5fd49a19c22ba45617c71afa75c1f2028e65c377ea95f91b","ssdeep":"384:zOAdT2hjDL1C5uPFNiaxOmITLsTeZXBq3lz2HrqFrRmxbpyHovTaR65hcOFEgGUe:pEhjDgCLICeZXBKlxYpKov9ZEFt2G","tlshash":"47d2e14fca8dfa4c1c35f33d692e6b4e9747cf888a214d2956c68d0805d0e8e6796bd3","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:22.998604Z","times_seen":1426,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/promotion/images/uploads/73.png?ver=1700645340","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /promotion/images/uploads/73.png?ver=1700645340 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:09:10 GMT\r\netag: \"655dc9dc-a645\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:09:10 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 42565\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42565,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 736 x 120, 8-bit colormap, interlaced","md5":"7014c69844e162b1658929ee9871f139","sha1":"a2ced9c1ebdc750cce1ad530842c856e75e6848a","sha256":"14bc41442e3e289ec8a47bb5450ac28e5035702d529714d778d5232294b5d8f7","sha512":"ad6ecdcfb4eea5f9d3e9828f837b02f32aa71d784df45cd6dbd8b7da1e7766f243e1f7ce6ff73cde108319b58c376db63733d36a6652d903e7c32b1f1517fa6a","ssdeep":"768:2H+N8UKczvR5XmGfmsk4blAp2xVrZF2OkYyvIXskLf9MR0+1UX65L83Kxd+ZjMob:204cLRtzfm/OrZ3YCb/+86N83Kxd+Zj5","tlshash":"0b13f12f3b962e2119c7d56c71af2118b40dadb2d30d46bb3745e1a7a4a34b13b12dce","first_seen":"2024-12-14T16:38:56.525901Z","last_seen":"2026-02-27T02:44:54.06375Z","times_seen":142,"resource_available":false,"data":null}},"time_used":1864,"timings":{"blocked":851,"dns":0,"connect":0,"send":0,"wait":811,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/login_custom.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/login_custom.js?ver=1598008226 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f3faba2-0\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T21:09:45.625607Z","times_seen":16191656,"resource_available":true,"data":null}},"time_used":1213,"timings":{"blocked":806,"dns":0,"connect":0,"send":0,"wait":404,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/member/call-request?check=1","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:18.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bet73tt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 02:04:07 GMT","end":"Wed, 25 Feb 2026 02:04:06 GMT"},"fingerprint":{"sha1":"6A:0B:45:2D:C6:49:E4:69:C4:B3:61:2C:13:4A:95:36:CD:2A:E9:57","sha256":"65:EC:63:E5:B4:B2:A6:52:CC:FA:F8:1D:59:70:EC:B5:82:C0:9C:EF:B7:D9:EA:76:ED:8F:9E:FD:90:14:D3:46"}}},"request":{"raw":"GET /member/call-request?check=1 HTTP/1.1\r\nHost: bet73tt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nCookie: introcode=232639; XSRF-TOKEN=eyJpdiI6IlNRUzhNaUQyeHBvUERxd1ZYWjF6Y2c9PSIsInZhbHVlIjoiemtwMjBEOWhsNk1nN05QMFJ6NmZrTWEzd2VBaGtCNFdrS2FxN2NBVWVYTkhJaUs2a2VjZXl5SzdJcEtXN1ljWGlmTGNJYktodyszOWtcL2xwdytGUGdRPT0iLCJtYWMiOiI4MWZkNTljMDA3ZDMyYWQ0YTEyM2IzYTFlMGRhNDhmYjkyMWNlNjYxMTBlNDJmNjZhMTVmODIyYzE0YzZjZGJhIn0%3D; vanguard_session=eyJpdiI6Ilo3SHF1dFg4cUg3K0Y1cWdQemgwcmc9PSIsInZhbHVlIjoiUnM4REtSdVhRVXFIWjdKNUdSVFJhMGR3dXQzcXl2Vno5NXV4d2JtM3BWWkc0dVY3b3V2eEtDRWV4S3VpdkloRENvb3F6aGdpM0t2YXpVY1o2MkVQeFE9PSIsIm1hYyI6ImRkMjRkMTM1OWMxZTIzN2M3NGM3MTEyOWU0YjM2OTIwZWY0ZjMxYzc3ZGMxMjdlNjQ1ZTU1NWYyN2Y4ZjU5ODUifQ%3D%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 05 Jan 2026 00:24:18 GMT\r\nContent-Type: application/json\r\nContent-Length: 40\r\nConnection: keep-alive\r\nAlt-Svc: h3=\"2ba27113.gk620ge.com\";ma=604800;persist=1,h2=\"2ba27113.gk620ge.com\";ma=604800;persist=1\r\nSet-Cookie: vanguard_session=eyJpdiI6Im9QTnJcL3d0SXlWcUVoZnNlTXlZczZBPT0iLCJ2YWx1ZSI6IldsUng3NGRBUEFtbjF5WGZaaDY5OU5yY2RwQ2llWURDMXBKQW9BTVJLdExzcFlueEs5VkpzakJrd3dpQnNmeTNVTVwvSkk0ajJTREFDZHJUYW9nZEdDZz09IiwibWFjIjoiYTE1MTAwYTliODE2MWVmNGExYWRhZjkwYTQzMzgxY2VmMWJiODUwMGI2OTI4OWYxNjI4MzFjM2MwMmQyMDhhZSJ9; expires=Mon, 05-Jan-2026 02:24:18 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nExpires: Mon, 05 Jan 2026 12:24:18 GMT\r\nCache-Control: max-age=43200, no-cache\r\nX-Cache: BYPASS, MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"27a5688b27ae3688ca0183ce926be3c8","sha1":"fa4dec3b6af6674afd7b14710cac41b15ae75b29","sha256":"4359a477fc8cc8212517f5a190d4aa0a7cd1c85509d56d2a6a8efef408420ad7","sha512":"d73bb567a0b0280d42dda28c8e97725e96529072bd78d0844786e008d9ce3f89c7c3399eea85342be65d7b440d6023094b9f2f5d624e7dde0a46fbfb1484bc85","ssdeep":"","tlshash":"e19004cc7747575c040c40c54d44004453744d005c500c04445c11c534401570750401","first_seen":"2023-04-15T09:13:24Z","last_seen":"2026-05-30T10:19:54.524414Z","times_seen":4877,"resource_available":false,"data":null}},"time_used":470,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":470,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/images/ui-icons_777777_256x240.png","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:18.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/images/ui-icons_777777_256x240.png HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/plugin/css/jquery-ui.min.css?ver=1598106537\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Mon, 05 Jan 2026 00:23:28 GMT\r\netag: \"685ba9af-1b65\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:23:28 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 7013\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 240, 8-bit gray+alpha, non-interlaced","md5":"40bf25799e4fec8079c7775083de09df","sha1":"4fc6b1449c73f5d10489c104225ebe326a4016ba","sha256":"e75b27211e16fcf94715168001bb7055ca376d46f928110ba3d0825232452e5a","sha512":"51c9e46224098e9270bf51bec93e0528b5e726a632a1de57863fba531d914a9db1d3fb07d22cef756f6fc9e999bf08043e73bca6225a9ab7efffe2904105c388","ssdeep":"192:92XiIsTugcTnouLuIXdj7Z7rgmlWRI1ie+BVtNzDby:AmOTnwCnZftW61ie+BV3Xby","tlshash":"5de19fc1e5f8c4e0dd58e668ee886209c7a658b9064742dbcf0485694b48d3186fab8f","first_seen":"2023-07-20T10:40:17Z","last_seen":"2026-05-30T10:19:54.464454Z","times_seen":1466,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":202,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/celebrate/e202512_xmasnewyear/ball_01.png?ver=1764840037","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/celebrate/e202512_xmasnewyear/ball_01.png?ver=1764840037 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:11:10 GMT\r\netag: \"69315265-1b10\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:11:10 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 6928\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6928,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 140 x 164, 8-bit colormap, non-interlaced","md5":"e71d196782582948904f67c458196d6b","sha1":"39d2f34bde92cb8d722bbbd50f0c8a1cb1a78ee8","sha256":"377f6bb5280a82cd46706938b17315f1f983695f29b94a7c5db07ae419f0565f","sha512":"c1739874270ecbe25bcb4de703cc1566a567fea3e4a5bc9ca82e8052d1670086b5f3f9e56c1f8132477becd33e0d994f033d0dac42d4f58fc4e8256b6480b1db","ssdeep":"192:1dIJdq25P9WM5oBIpCSYeWI3Tsr1XkRvEzbegQkQvJj:QJ7P9W0orI3a1XkR+elTJj","tlshash":"e4e19f57cf4eb816ca5f36f3be091a13059475882638e64287becdbb301b492444677b","first_seen":"2024-12-20T12:48:50.25546Z","last_seen":"2026-01-05T02:59:01.67216Z","times_seen":38,"resource_available":false,"data":null}},"time_used":2267,"timings":{"blocked":855,"dns":0,"connect":0,"send":0,"wait":1204,"receive":208,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/en/bg-sports-title-white.gif?ver=1678955880","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/en/bg-sports-title-white.gif?ver=1678955880 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Sun, 04 Jan 2026 22:51:51 GMT\r\netag: \"6412d568-218\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 22:51:51 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 536\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":536,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 130 x 38","md5":"3ecfa3bc82874fe5208d9e9924cebd51","sha1":"e801a0bb64370407da31412e432326e8b9887a73","sha256":"1e59d016b5ca6a09c1df3fb8c51d3cdd0e2dcadb980aca2f0f5c81a8216e4ec2","sha512":"7d808fc92d38e316ee78d5023ef50c386a219671a0d99d8c58b85c4ed8ff5a0de1d6b5e6db6ff52d61008ea589b9eed6838d340ee8c0a04641893f9230e7deea","ssdeep":"","tlshash":"26f00569f361ddd4cfd832bc5301102526646735260d1ffa411135e5334dc7b505c5a8","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.522859Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":1855,"timings":{"blocked":846,"dns":0,"connect":0,"send":0,"wait":810,"receive":199,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-logo.png?ver=1600719130","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-logo.png?ver=1600719130 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:48:28 GMT\r\netag: \"5f69091a-2b2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:48:28 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 690\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":690,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 19, 8-bit colormap, non-interlaced","md5":"b30ea49a2bcc7479a195bb1fc07bd031","sha1":"a7bbe06838b85840035172fa9a8ee6bd35c1c636","sha256":"08f3d508861fbb6e144807af6719ea78cf9c26e3c99a1cbd12f9d83fe9f0758e","sha512":"ac7f880c76eb7e3701046fc891bb9acc2540548431eff4552c3639dcc08b146f3ff973d050625edfbbe61407c36e36f03080d7380b4cc4cece176ea7cdfc4c3a","ssdeep":"","tlshash":"950162973981e41e91f65836d6a6b4a6a452960509e8c9f2a2db8c3c19204d0ee3e712","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:23.011485Z","times_seen":4988,"resource_available":false,"data":null}},"time_used":1840,"timings":{"blocked":840,"dns":0,"connect":0,"send":0,"wait":807,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/jquery-ui.min.css?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/jquery-ui.min.css?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: W/\"5f412ba9-7d4c\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32076,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (29137)","md5":"0b5729a931d113be34b6fac13bcf5b29","sha1":"88ba90d2d2944315afd28a706ee5715ed980c634","sha256":"ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29","sha512":"68e1b473a9cf3731a4fb9ce3c3225aa1152009d3ab7d20e198c203daee3e388b25af41a3a4b2a8ed79b4028df19a93384fc026228b9192ac23d67add56c2ca11","ssdeep":"384:pCwiEt7lcR8lOXHc11evBMzymUh+4C6G/zDcSc7nfZBhVi:slEtiXHcEBMznURC6G/zD8BhA","tlshash":"ade25330a5c2242dfe33c23060e11ef4523bc146eda65fbda09af65953ea8e4c47b971","first_seen":"2023-03-10T04:06:13Z","last_seen":"2026-06-06T21:04:21.324843Z","times_seen":11153,"resource_available":false,"data":null}},"time_used":2809,"timings":{"blocked":1006,"dns":362,"connect":207,"send":0,"wait":770,"receive":0,"ssl":458},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/main/logo.gif?ver=1612839866","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/main/logo.gif?ver=1612839866 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Sun, 04 Jan 2026 23:39:23 GMT\r\netag: \"6021fbba-3bd1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:39:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 15313\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15313,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 224 x 91","md5":"3719047940db89e415097aa46f3bfe51","sha1":"ffa944db5a95f8771081a2147ef08115095d55b9","sha256":"819ed93b5f94181c65947ee5e77fedd1237ab03f8c9d2ce75e2811405d0114f7","sha512":"fd156ce12d4ea6ad124da6388022dd6349d96c3b5ce05953850f91d6cea30a7215fd9aea4307650671c564b9ef15110beb89df019c25b9bee39963607761ba68","ssdeep":"384:WnG3n4ZBE8t/DRPm6/EG4U50BE8t/DRPm6/EG4U5+:WamBE8t/tPm6/EJBE8t/tPm6/E7","tlshash":"a0627c0dc17771fef15a3ab076223f090d9489b86d069ee5c81cabddfd8d04e4198ba6","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.470054Z","times_seen":3281,"resource_available":false,"data":null}},"time_used":1857,"timings":{"blocked":848,"dns":0,"connect":0,"send":0,"wait":810,"receive":199,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-ui.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/jquery-ui.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f412ba9-3dee5\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 253669\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":253669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32074)","md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-06T20:30:52.521048Z","times_seen":21187,"resource_available":true,"data":null}},"time_used":2471,"timings":{"blocked":843,"dns":0,"connect":0,"send":0,"wait":1439,"receive":189,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/common/bet365_style.css?ver=1685497875","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/common/bet365_style.css?ver=1685497875 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: W/\"6476a813-3db7\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:19 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15799,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"63d91c124b45be43dfba690f9045f34b","sha1":"e387df588d63853316200db1994fb05f2971dcdd","sha256":"f2f6ae08f73e63fa21a560b88fdeb49afc9dc7386c6db1bfb317904a3dc3bf85","sha512":"b7c973f6d4ef57c03d0ed0f2d27d87a29fa9bca34222d3fc0486f23739c871cfe2f313d9d8cf6255d07cd8a9812cf45aaa1a49e4cd2253434e3c1517a3bdae76","ssdeep":"192:kI/btVaRFgGntC76JlL/mt8ZM2Qpdr/0CCsafFUsOA8mxiqfFK4PNlQVOwGWNOn9:cF3LmaFU0FKfIXLAG","tlshash":"716262f69b671c45b926c1a9af68a7c133695213c00dc92d7fd4721c8fce5e898e238d","first_seen":"2025-04-11T10:47:55.702437Z","last_seen":"2026-05-30T10:19:54.462643Z","times_seen":2878,"resource_available":false,"data":null}},"time_used":2837,"timings":{"blocked":1025,"dns":370,"connect":207,"send":0,"wait":771,"receive":0,"ssl":460},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/encforms.js?ver=1761119296","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/unite/encforms.js?ver=1761119296 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"68f88c40-2e52\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 11858\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11858,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d2d77387c0dedc78ae85a7ab52aad886","sha1":"0d8ee19645e8246409f76adee4412ecef3466b76","sha256":"2af6b51b39ceab86129d473a1fb9a4a827539efc7452de2103a84ebd09d75790","sha512":"d922ced4a418ef9049cebadaf49f897432449ad051ece1361014ca9c64514f9eb53f6d77d6e83551ed2939d0eab9d518f0c048e12aef3e167ef3d1d517dbe3ca","ssdeep":"192:gxlzcp1ISvp1S/yakFAn1hQu66H1Ka1t4l/O3a6Nr:zb6cu6IQM","tlshash":"9f32209871bb1870993338344bbf8512793ac11f4c5cd954bdac2aa07f58a5ec6e1bb4","first_seen":"2025-10-22T08:39:12.013749Z","last_seen":"2026-05-30T10:19:54.529419Z","times_seen":1488,"resource_available":true,"data":null}},"time_used":2235,"timings":{"blocked":809,"dns":0,"connect":0,"send":0,"wait":404,"receive":1022,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/moment-timezone.js?ver=1580697220","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/moment-timezone.js?ver=1580697220 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5e378684-2feef\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 196335\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":196335,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1434), with CRLF line terminators","md5":"bc45c47c99fe4d26b2b24e46cec399ad","sha1":"221067a4147ece74b03934528ad61bcd4026e477","sha256":"4a65c2af68e89944c3da128c9b329596d930ce09dc9b8ba726b640d812e1fd88","sha512":"1658e474170022d40e698a422f024b4872bff33c78af1dbe98df3a6a99a0f1cd1eb36725ac9fca7bc1264ea491d0a19a2ee0a3a952adba4aba3242c06f830f93","ssdeep":"3072:olpkvlaDD/DCD/DCD2iqWCPrMBq1rGPuAZDDD1DDWoST+piMhrlon5Blu4hK:CkbW0sNpiMx","tlshash":"f714b0292617bb44e459c08bfa3779c0caade18a940614d25f7d57b31fa37e2de68c03","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-05-30T10:19:54.493597Z","times_seen":5044,"resource_available":true,"data":null}},"time_used":2227,"timings":{"blocked":803,"dns":0,"connect":0,"send":0,"wait":601,"receive":823,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images/dc_hot.gif?ver=1597629314","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:17.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images/dc_hot.gif?ver=1597629314 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Mon, 05 Jan 2026 00:14:16 GMT\r\netag: \"5f39e382-56c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Mon, 05 Jan 2026 00:14:16 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1388\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1388,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 21 x 12","md5":"e5f49d4212fec35b11b76cd616e1f8ec","sha1":"0697a3b11f5d0906b2d1cf59051b46ee3b5dc72a","sha256":"c34ed994680ca6446b85dd47aa963cd4cfdd07180a9517b4d7d37f3c7a1b94cd","sha512":"a7057e7e9cd4fec2ca911ac507ce7161412f8813453ceb3f2a1d28380fdaadf1e8d5119eae83f92ae001ca7f8a2cf0f0c0369a8ef2af4d751b6a08053c3efc94","ssdeep":"","tlshash":"3421660eed42b841944c68da3effc81f5651448089e4f4cbb49e6d1b5e1507e54668eb","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-06-04T15:40:37.708745Z","times_seen":5136,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73tt.com/js/www/decrypt.js","fqdn":"bet73tt.com","domain":"bet73tt.com","tld":"com"},"ip":{"addr":"216.118.239.164","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:13.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bet73tt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 27 Nov 2025 02:04:07 GMT","end":"Wed, 25 Feb 2026 02:04:06 GMT"},"fingerprint":{"sha1":"6A:0B:45:2D:C6:49:E4:69:C4:B3:61:2C:13:4A:95:36:CD:2A:E9:57","sha256":"65:EC:63:E5:B4:B2:A6:52:CC:FA:F8:1D:59:70:EC:B5:82:C0:9C:EF:B7:D9:EA:76:ED:8F:9E:FD:90:14:D3:46"}}},"request":{"raw":"GET /js/www/decrypt.js HTTP/1.1\r\nHost: bet73tt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nCookie: introcode=232639; XSRF-TOKEN=eyJpdiI6Im9hTlpUclZQRE9cL25WWDFzcUVLeXBRPT0iLCJ2YWx1ZSI6IlhLY2JrZE1OZnU3OEZVV0ZkaktNTzdnck1hRTFvOTRhVWxBaEtaRHhwSEo2VWkxbUN5blNcLzZRdU0wQ09RYjE3VENQcW0yaXk1NThxQnYxNHljRjlnUT09IiwibWFjIjoiNjQxYzRlOGU3NDZjZTUzNGUzOTg5NzI4M2MxMmFmNzY4YjcwN2EwMzk1MjNkN2EyMzFkM2I2MzEyNWIzNGY0MyJ9; vanguard_session=eyJpdiI6IlNOUnNnOGhFaXozOHE0dFk1dDk1YlE9PSIsInZhbHVlIjoic2p0b3FYTkt4azJJUHVXZ1wvQVh5a290K1lPY2JxSlBoNm9hc1VpQWFMdXZFdjFTTGJLUnllVXV5Qmc5ODNISVM1UVU5TEpudkdLTWxGTHpGQys2emhRPT0iLCJtYWMiOiJjNjg5MDliYTJmOWFmZTA3ODI5ZDUzZGZlYjk0ODc4ZDljYzBmNWM3MWJlYmRjM2ZiZjg5MDI3MDk4NjczYjJmIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 05 Jan 2026 00:24:14 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 531\r\nConnection: keep-alive\r\nAlt-Svc: h3=\"2ba27113.gk620ge.com\";ma=604800;persist=1,h2=\"2ba27113.gk620ge.com\";ma=604800;persist=1\r\nEtag: \"65572be5-213\"\r\nLast-Modified: Mon, 05 Jan 2026 00:23:24 GMT\r\nX-Bos: b83\r\nExpires: Mon, 05 Jan 2026 12:24:14 GMT\r\nCache-Control: max-age=43200, no-cache\r\nX-Cache: HIT, policy, disk, MISS\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":531,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"1d1d23f897c7f9fa4b24eeb8159d7e21","sha1":"9c6ab5fed65abe81454978f1e844c4f36d61a1c7","sha256":"8da1db8adc85dc835413880c71cc811c762e48018590f9a991115e83a722c869","sha512":"4d258cf5b37b503615a1373aebf3474ec8f94351455729665223a9318067ca6b815d0bf3c265ead937660bfb3b0e75b25f450ef1b235a64b32d87df01e1b8e32","ssdeep":"","tlshash":"b9f0bec8adaffdd4add295d2627ec809a99315430209df52b688ac1c9fc80281a2b0f1","first_seen":"2023-12-21T07:44:20Z","last_seen":"2026-05-30T10:19:54.456689Z","times_seen":4736,"resource_available":true,"data":null}},"time_used":1404,"timings":{"blocked":600,"dns":1,"connect":192,"send":0,"wait":200,"receive":0,"ssl":407},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"bet73tt.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"bet73tt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-migrate.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/jquery-migrate.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Mon, 05 Jan 2026 00:21:19 GMT\r\netag: \"5f412ba9-1c1f\"\r\nlast-modified: Mon, 05 Jan 2026 00:21:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 7199\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7199,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7085)","md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-06-06T19:45:01.327333Z","times_seen":23404,"resource_available":true,"data":null}},"time_used":2266,"timings":{"blocked":826,"dns":0,"connect":0,"send":0,"wait":403,"receive":1037,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-gibraltar.png?ver=1600747940","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73tt.com/","date":"2026-01-05T00:24:15.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-gibraltar.png?ver=1600747940 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73tt.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Sun, 04 Jan 2026 23:39:23 GMT\r\netag: \"5f6979a4-268\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Sun, 04 Jan 2026 23:39:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 616\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":616,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 32, 8-bit colormap, non-interlaced","md5":"d78068aa4f691e86a736d5ec0fa45aee","sha1":"30e0842662a7f97b84289fb093c3755b99503e40","sha256":"12d00217bbf0ba6959f43b8ad1f5bbd0b9f7b63ecd6be5650bc91aef21716097","sha512":"a0f5aa3f4c004a5ba147fa4fbe283d1e06448deed3f11112d8700e6c3ac85b67868962e75d406dfea5a416f3c69c7d43ee5444e7e7db242c7c5dcdeff94841cc","ssdeep":"","tlshash":"f5f002d24bc2acbc90a6d925ab2c97a9e5c911245623ef3d91a4e018f447260a4d5786","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:22.987164Z","times_seen":4988,"resource_available":false,"data":null}},"time_used":1643,"timings":{"blocked":837,"dns":0,"connect":0,"send":0,"wait":805,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}