{"report_id":"5af5d03d-910d-4821-8801-3050003552e9","version":0,"status":"done","tags":[],"date":"2026-07-12T18:15:06Z","url":{"schema":"https","addr":"diwins.bet/","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"diwins.bet/","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"title":"Diwins: Most Popular Online Crypto Casino \u0026 Prediction Markets","dom":{"size":393195,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (48683)","md5":"07225bdbc5fa171392829e41db793dad","sha1":"dcf2ab48348684b25f102a9c4d08fff929dc8401","sha256":"0c6f7e64104cf44de2d9772559030419538bf6295ebe65c66797c3aef47f9b7c","sha512":"b9111396dba993286ab0bb9d8669e7cb2d94e07e2c06a1e49daf109075f57f5f31485f5ea8c3dfe6ee89a4746b4dea5046a5510c94800a3c9887f51af70ab746","ssdeep":"1536:qebx/c64Jysq7v/AhFKOc4hGfItbP0rl1HoknsWiXx+qqqZNgOQnD1qsWVvhywfJ:qeFA1FPlZPQnDovhywDVPXRPs2vFGNRy","tlshash":"26842cbc120116bd706b87e5fa50f39ea12fd299de93cd0df3ac82862bc6c98cd54594","dom_hash":"domhashbedf72feb127c33e48fd9b78b872d1d1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"diwins.bet/","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-16T18:15:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"op-api.gambl.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"mycasinoapi.biz","ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-04","domain_rank":0,"first_seen":"2026-07-10T22:57:00.871632Z","last_seen":"2026-07-10T22:57:00.871632Z","alert_count":0,"request_count":44,"received_data":4201341,"sent_data":24042,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"diwins.bet","ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-07-10T23:10:19.94739Z","last_seen":"2026-07-10T23:10:19.94739Z","alert_count":88,"request_count":44,"received_data":5911225,"sent_data":27397,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-07-05T22:19:28.847206Z","alert_count":0,"request_count":2,"received_data":61088,"sent_data":1132,"comment":"","tags":null,"fingerprints":null},{"fqdn":"op-api.gambl.bet","ip":{"addr":"104.21.8.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-07-10T22:56:41.726368Z","last_seen":"2026-07-10T22:56:41.726368Z","alert_count":2,"request_count":2,"received_data":2396,"sent_data":1138,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-07-05T22:22:24.069932Z","alert_count":0,"request_count":1,"received_data":4464,"sent_data":524,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"diwins.bet/","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c862db5f2555377c2dc1e62ed7b3981","sha1":"c29e6dc25c08a70995127ec13ded6f80d9a36174","sha256":"27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac","sha512":"31143265b96385ef4b575b72591775139057dff85891be61591e3d55259b6d1dc95d86a0feec40c801d38e64278cfbe50c3c2a16757f986ad40f716935bf2bb2","ssdeep":"","tlshash":"2580008a208820008aa323a0002b2c8800a000b028808c808080e8a20ca2030220baac","size":26,"data":"","first_seen":"2023-04-11T21:13:06Z","last_seen":"2026-07-12T20:51:09.177419Z","times_seen":355647,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/index-Cht9A9cj.js","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"278a482bb3027275ea10bec92e0bb366","sha1":"32aab18bcd9acb27006a84024951aaa15b8eec60","sha256":"c0e656c43b6016dc47aa09b23e98cef32852f650dcb08eb335dd466920d4a90b","sha512":"04b8473eaa38ff69aa31482ff0002e0da0ad1706d6424c4cf07d3cde0b51fcde60f4415dd564d91960628c91e9aa604e85339bc94e10be2921da6e5714e0c148","ssdeep":"49152:HHrY0IoeS1FPCzn2oaXXBRHjJgCTTaBOpkL/SwxNnlgsJJG0tf07xw4RGUWe3/An:mnbBvtf0d8UWe3s6rpGpj","tlshash":"d9b5ae4cb386b6bd576b66d4749e543eb03c1a38f56ec440e0fca82a24f5850a17bf9c","size":2445112,"data":"","first_seen":"2026-07-10T22:56:48.124091Z","last_seen":"2026-07-12T18:31:37.758576Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"info","text":"🌐 i18next is maintained with support from Locize — consider powering your project with managed localization (AI, CDN, integrations): https://locize.com 💙","filename":"https://diwins.bet/assets/index-Cht9A9cj.js","line_number":9,"column_number":70797}]},"http":[{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/fortune-mouse.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.706Z","timestamp":1783880076706,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/fortune-mouse.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"2d5b6-19e9f374783\"\r\nlast-modified: Sat, 06 Jun 2026 23:14:20 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C6AxYTM%2FF1M44ocED9alpp%2B3et4KKihz0XHX7uJanEGNYsqMdTLDPrpYbAgb54b7615OiaL1bIcUope1Z1k8beT8r%2BVTKZPTqG1QYEanmCBAQwQLGihypnElRbtBQFQMTZU%3D\"}]}\r\ncf-ray: a1a2074f6f6fdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 185782\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":185782,"size_decoded":187183,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"87ac16814336141ac5e165fa0b6a3fa5","sha1":"727543093d102af9d3edabf2455a73337fd08060","sha256":"ff5a8367ce6488c9e91b2b63d0866494a7e74f2bf88813ebea1f397623c48765","sha512":"0fbdad1d1d392617e8f50bf38e9c1ddff82b93f4d99e1d53c79bed2c798c1fe3e5b265b6dddeea4cbfa9ee6a6df964c2ffc901e2575f4c079d3997b108c5e5e5","ssdeep":"3072:Qs7NdPtcNjxqzdYshF2IfvQirScUITN34lGnYI9SOIsxtK4xHrnTDnGlC4/Qd:vrP0VqNecU0Z4lGyOIFIHrTig4/Qd","tlshash":"6f041286650f316d7d70eab0b79d641b8a09ea9f7d14083187f35ab949b932c4d322fc","first_seen":"2026-07-10T22:57:09.656842Z","last_seen":"2026-07-12T18:15:16.077373Z","times_seen":3,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/games/live?limit=8","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:46.293Z","timestamp":1783880086293,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/games/live?limit=8 HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:46 GMT\r\netag: W/\"adf-VhEtgism9krRRyV5q9PdRduqrQo\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c54kE5HMYzW0BVOn93B2eTIEr%2BnwXQxglEDwwkiO6HeFnyX%2BcGabDiLmjtK2bVq1ayHe3GM2hwcpTIUxIqneUjvJeXdyOfk9mkhO7bh454%2BQ7RDoRaIMzMb8hRhHKjE%2FWFo%3D\"}]}\r\ncf-ray: a1a2078b5881dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2783,"size_decoded":2312,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9d090bea2dbc4489f33209de82c90c42","sha1":"56112d822b26f64ad1472579abd3dd45dbaaad0a","sha256":"24366553faff41fb11cb1389757ee9b9c686717d2ac3ca5532e719830d0446e0","sha512":"0632d35a94c5208d943d8aa642036cab1da253c8993310045514ea6b451a1a345d028b22602dc5433248cf8806da90c77cb4726f929c3a4a6f6bd9054000b531","ssdeep":"","tlshash":"6351256f55441cf8db3549944445745dd8eef2bf8ad10c08819a8c2fccf46e729bc92b","first_seen":"2026-07-12T18:15:16.078168Z","last_seen":"2026-07-12T18:15:16.078168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/10262.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.711Z","timestamp":1783880076711,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/10262.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"32004-19e87ead7e0\"\r\nlast-modified: Tue, 02 Jun 2026 10:39:35 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6F88iQgXnmOXDVc3jPM0BIH26uGJC14b8y2U2XyR33GgFIzIl195QiB%2FM7Az50suw09EM41x5ko2L%2BhANBHaA61CTFAMXBVTrzqrZCZydRrLWLCZJGxLkFm2QyRPxh%2BIULc%3D\"}]}\r\ncf-ray: a1a2074f7f75dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 204804\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":204804,"size_decoded":206205,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d9a6c2e704360080a9d155aaca41dc7b","sha1":"e7fe64b1e90775c6be56a3b367227f1e8ec4fa26","sha256":"e5edc42ae27e9c674f054306d70e9659052553faa2e1fa1f6e51f4ba447302de","sha512":"3677c41a699fbaa8b9592820fde05900206c58b92454549e38163bda47ee20d272a9ce64e51a37f1bf330de18032b611055b0ad3c38ca885165ac3f388478986","ssdeep":"3072:gsxjX/j44U6j6BE3qTEJIGhiHaKZZ80pBOj99+e4Kn+/zauEdKOhVW66h:gsVvbU6jLhIG3Ko0299Ezadlhf6h","tlshash":"e81413c1f238063995809da8fe4464648a75fe4778887760829c0ddf94a0eddfdbbbc6","first_seen":"2026-07-10T22:56:48.11985Z","last_seen":"2026-07-12T18:21:33.816024Z","times_seen":10,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":180,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/10257.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.720Z","timestamp":1783880076720,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/10257.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"3384c-19e87ead47c\"\r\nlast-modified: Tue, 02 Jun 2026 10:39:34 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KiEm8j7K6dn2DvX7nHc%2FbyZWrHBD4Ro4hNCHFO%2BRg867LzGz0Cml1HElMd4C2Wj1GJr08sGii091fDcUkZHXEn57chyx%2FSHpJj6qEks9knFBgeOSo9MumDVHRHzF8BXbLbM%3D\"}]}\r\ncf-ray: a1a2074f8f80dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 211020\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":211020,"size_decoded":212424,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"189552713832c0ceec6cee1e5334b2d9","sha1":"c938ba54ed851fa652dc0dd22d4cca4046b096d9","sha256":"d5183248c268074f36938090436607fca8efe9860e3d1b185072b25ef306d22f","sha512":"06613edc5823f87b2dc1a1c584dfd81ebaf8bd68362ad3faede64f694874d47a4319d101ff270c12321622b24260522c8314766c78a77264c0cca8bbd8a316c1","ssdeep":"3072:Q7lHfxLOVWU5lzISF1sO9wYiiiLTGU4z7+4rmzAvLRzErb0Qruhx0zMuMYjwl:ItU5lkSLsO9biiinIKsdGoQy4gx","tlshash":"db2422779141e20752db1f5b6c0dacb710d1f2a8e0abd473ed314be6c6029a6c990eb7","first_seen":"2026-07-10T22:58:17.960702Z","last_seen":"2026-07-12T18:20:32.067905Z","times_seen":8,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/favicon.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:37.280Z","timestamp":1783880077280,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=K5ClawpRcZJEA0p6; __ddg10_=1783880077; __ddg9_=172.64.209.74; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=C4dEqDCc7eSRkIHM; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:37 GMT\n__ddg10_=1783880077; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:37 GMT\n__ddg9_=162.158.222.66; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:37 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:37 GMT\r\nlast-modified: Sat, 11 Jul 2026 08:05:17 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\netag: \"6a51f93d-6b81\"\r\nage: 1\r\nserver-timing: cfExtPri\r\nddg-cache-status: HIT,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZkXz8ir6ShlFtQfjaYOM%2BMKST4Cz8oNQXnAeni8oebDHHuqDHduwdh1O4ZbEVihgDtbGBC%2BLtm3XgMpIUtaut%2Fuu8La8gophhVWq771UTnRjQQfkdaK5GilWtXAU\"}]}\r\ncf-ray: a1a2075308c856b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 10797\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27521,"size_decoded":11871,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"57dd6243f25a6a327faee0f5d9e3a00c","sha1":"4f5bcc776bb696e35c18b9b56830d604ed200881","sha256":"d148c821c5534f0838aec73b74a3c9973bf4b32f4f34313de2edbffd5acd219f","sha512":"7a1873bf7d01341aa11a8d42da00fdef026c8d1f66143a0724613292ba736da7181b3cd927be7a9e2bf20471059aecee9738495c0f0deeaad712b71407ee59a5","ssdeep":"384:UgoG2IO0VyyrQcx9ipry1q9bU0CYKHE7zuk1PP1DnVdHupNH7TfSshpqzjNUq4ax:QHirQcKry2DKH7XfSsLujymcTiiaNn","tlshash":"91c274dd7b684df5e58ae3ebfb210099750ea4fa66c18b70c35c9e0934228acdd15c93","first_seen":"2026-05-03T09:25:58.438795Z","last_seen":"2026-07-12T18:31:37.689905Z","times_seen":19,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/public/pwa-config?domain=diwins.bet\u0026platform=web","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.505Z","timestamp":1783880075505,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/public/pwa-config?domain=diwins.bet\u0026platform=web HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 400 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: W/\"62-jIniE1qGtkwZxc6p3KDdgJWY1ts\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=owbOeJwAuDtFnXJ6OzE%2BFMmN0iBxU8ne22zVQPY7qHpziFq4s6%2Fg3OtcdU2BArKWvEW3bZOYWD4ZfpFSLNvmDcye7qVkxbpkd59%2FsVQprMJ4DNkCGLeeOukYkaSEL8gYtEs%3D\"}]}\r\ncf-ray: a1a20748ce4ddfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 98\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":98,"size_decoded":1429,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"30335302470ddc7b0e774d1d88b9fb12","sha1":"8c89e2135a86b64c19c5cea9dca0dd809598d6db","sha256":"4199e5189bfafe7a12018f9a1404a6e39f8c40513f6385935d91fa2760f72964","sha512":"e47d8212ecaf38357792c10df0ab78e45f42d0b500aa4007970822a7c1c4f1258c385e71f13f82ccaa77e7388a38987351e35b9f52f073effe370bb14c2ebdc3","ssdeep":"","tlshash":"09b012629b130d6607750442b88028001fdc02d31ef6b649008cd5f86ac39a0d017e3d","first_seen":"2026-05-03T09:25:58.474517Z","last_seen":"2026-07-12T18:31:37.750798Z","times_seen":19,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":0,"dns":113,"connect":22,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/windows_background-CyRveNgh.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.939Z","timestamp":1783880075939,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/windows_background-CyRveNgh.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=5wIlEvjT6DyCPlgU; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.106; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-11611\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=74gVJAcbXUnIu0J3xOrSh0SaZSG8vS32Y5t7rrOY1J7uICsLrE7W0DziL9zsvdsm%2BvQCuSC%2FBSQSX8SjhYtQn6v5OYgWb5zUFXkCSZWD4dCROecuSwtCY51REqSR\"}]}\r\ncf-ray: a1a2074aa80e56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 71185\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71185,"size_decoded":72261,"mime_type":"image/webp","magic":"PNG image data, 326 x 160, 8-bit/color RGBA, non-interlaced","md5":"82bb540992a750317b3f811fe5f8a761","sha1":"724bd5f3d37c959ad5bb5235c1f143d2af0b8b10","sha256":"93c89ce498d0655b3ec3546b01a0b3e59976446d12f3939d0bd55a23245e1ac3","sha512":"7162a533b60c87697170d7c1dfc22f26753017c2f699eb70b3e1b16cd282f744aea860a3663961388ab8ab98d7350b31bed6a3acc3c0e194982053a04f5824e8","ssdeep":"1536:M6nr21FPjz4vX3ieDxu+yCmiKFcNnz/2S+Nf5W7CyhfoNA42rO2sDZI:D2PQxb8FcNz/INfIGSf14gO2+e","tlshash":"896302ea4927e19edd8b96665fc408d5bc88221869f8a82031a419cf39b37f54bd04df","first_seen":"2026-05-03T09:25:58.441812Z","last_seen":"2026-07-12T18:31:37.643634Z","times_seen":19,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":240,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/cricket-road-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.683Z","timestamp":1783880076683,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/cricket-road-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"28376-19e188a0797\"\r\nlast-modified: Mon, 11 May 2026 19:35:59 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iCUUknZpxoYbd2QHcXBYPg4Zgc2tng00UJ2ULJI5j26zj8uf4Og5MhKv%2FYnLPjkVE0J%2FhOOFAU%2BxEkcCmXIkPKHiANK49hWWg4bOF9jr2v85A2aNdBbQhuLFEe8sDbmkaLU%3D\"}]}\r\ncf-ray: a1a2074f4f5adfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 164726\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":164726,"size_decoded":166130,"mime_type":"image/png","magic":"PNG image data, 300 x 400, 8-bit/color RGBA, non-interlaced","md5":"1e1ba05a859bbbc01900d9ba08880e35","sha1":"7e9c385589952ab26f8f04deb098622c4310acb2","sha256":"aa6523b76b4bd7c120c494515236995d2583f085d9b9e73d96482b8d55064822","sha512":"394bf0f7f744e63a365f3c5e046e448924c15774bc15f4b435f27a3c4d3326a4a8cb6be51926504ef11006f0238802623e1c40b39a0c91b612cfc657bbec9914","ssdeep":"3072:yHEh/mHTKsEg0Y12Wuo0DNXO3m6IMgNiMSBTJWvRiH8wJzudjsuyoB0VFvqBZ0AJ:ykaTKsppSDN1mgc7Mp/kudjf2yfd","tlshash":"5af3129f461a6f92e6026c204b86cb7d63e4c4314c597d6738a8687c341afd2897b7f8","first_seen":"2026-05-03T09:25:58.532508Z","last_seen":"2026-07-12T18:31:37.673005Z","times_seen":19,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":146,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/chicken-road-new-year-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.689Z","timestamp":1783880076689,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/chicken-road-new-year-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"1730e-19e1889dfa0\"\r\nlast-modified: Mon, 11 May 2026 19:35:49 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vWwzpkDTJUiE0VKyz4kJEb%2FhVDQcSv5pFiE6ejzF5VdkFuhSU395DZ0dijJDTQHlzLRkv9%2B8uvUwF0fXXV28IJr2XB0iEEsyA2eFGt0mMeZPkRMtwaBacnKbTFCBYwRux8o%3D\"}]}\r\ncf-ray: a1a2074f4f5cdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 94990\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":94990,"size_decoded":96391,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a63fdbefceb85fa12b3fbe163536ba21","sha1":"1aa6d1ce85bed8959bce57748684be24725ddfd5","sha256":"372724c2ec10fcfc1068d6b19eb189f5f55a977ea9d7c559342e40282cf1d71e","sha512":"3a710b036de4629febd15903a03c98ca13002a4368cfa5246f7bd983b6269acfe02f20408d6eca115b29027ee60175dad8d0f78ced875fbeebaccb1addd5d528","ssdeep":"1536:VdFXCx/pEG1NBLws9R9tuQcpEkCTnWZf1Qs3D+y6yRCPXB9jCbNmDOmTCSedWViU:dXGqGNLws9P4QcpdCLWZNh3DP6bB9jg4","tlshash":"95931255ef9d5db1ef56df39a494213ffaf3247a8f980149904ca9d0a0018ef304d6ba","first_seen":"2026-07-08T18:54:53.805092Z","last_seen":"2026-07-12T18:31:37.725592Z","times_seen":19,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/10264.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.714Z","timestamp":1783880076714,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/10264.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"328aa-19e87ead84c\"\r\nlast-modified: Tue, 02 Jun 2026 10:39:35 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=53vZFH575Ib%2FB%2B%2FVhwrC36nSE1t476WJk%2FabkzWKJL%2FyYJ3q3PfMdQ%2Fdi3euljkAHBoubi6oxEZPgi5UjTxIcIGdSK7nBjGuvNsVXxhA7aIQ3gfnR64UnNyIwbVZjJstf54%3D\"}]}\r\ncf-ray: a1a2074f7f7adfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 207018\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":207018,"size_decoded":208428,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6b2bc3191104c2324bb1a7e618a276c8","sha1":"dcb1acc9e01024fde8a3d0dfe995243ab14eac33","sha256":"73f6fb6bf59508264dbf464fef796b883cd636897cf159a128b46d10ad715f23","sha512":"85835b1b6dbbd24d661fadb18cbef452e71fcbeec7a2041dddffd6ac22f97eebea9191c880168f8bfe168871bfbbc0dd2edba69fde6af434bf128b2f83c62e7a","ssdeep":"6144:bmMJxxFd2HpFq4B3YuaGI7gvZqbf2oFbbFQns568y:yMJxPdgpFq4BfaQ3oHG","tlshash":"ff14236ef349c08021f688317b85347d5f77853ab22c34bae55ee62e2be38559333925","first_seen":"2026-07-10T22:56:48.058813Z","last_seen":"2026-07-12T18:21:33.755691Z","times_seen":8,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/yakuza-honor.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.715Z","timestamp":1783880076715,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/yakuza-honor.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"28ce2-19e9f36e960\"\r\nlast-modified: Sat, 06 Jun 2026 23:13:56 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S5SwArUQ%2F9iD6SfshmEvUIHeaEwNXArgPwYq4cIwLWOF8h6fhzD1oVKaC9DVotfa4nhTz9iB4MPdoIRUdOu8NYej9sCPvTsoEyRBNCNCdHOODHxuNu24OZA77jxjbcrChb0%3D\"}]}\r\ncf-ray: a1a2074f7f7bdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 167138\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":167138,"size_decoded":168535,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"dc64adbe3aee7856fe50553a8fea2a25","sha1":"f3bc2088f13de5372680029541b23fea4c3c554a","sha256":"fafd1dfa6c36d17040d28ea9b506d44fac84fdb8e4a5d4728664e87a5643e184","sha512":"3d0d015f25ec79dc4634eb61505cf8996414e55e48ae8c020afd87ab8d2ff476111a2684daffcb5cbed3984d4596d27bb32db390424c2ae19657b5a7c9b715b9","ssdeep":"3072:RVT3sDAMjIgaQd40nkeB4yNoIahz5AZIyhhQxpTtLOL3JmKYYRvOqOgtEP43:RVTWL4mGI458gLu3JmKHvOjgtEA3","tlshash":"fcf323c5c84b05c797fbaf927c341a285fc27289157d8af5ca339919f9db8e81095382","first_seen":"2026-07-10T22:57:09.571411Z","last_seen":"2026-07-12T18:31:37.744772Z","times_seen":9,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/loader-CXc1Xk5X.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.838Z","timestamp":1783880075838,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/loader-CXc1Xk5X.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=QA5wFkZJGGVtWbr6; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.64; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-4eaa\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rk%2B2jzYV1D2BO3yJMcCi%2Bs%2BEvJMa%2BV7g5ytqqYui9gfayF%2F6oe2qCesIJV4jcIJL%2BERXF%2FiPvIu3QhtUeDMr4sx4qOoGRGyAKKo2z1mpfhD7qEmJny19RXb1faYM\"}]}\r\ncf-ray: a1a2074a0fd956b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 20138\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20138,"size_decoded":21221,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1f0d0f88ada70f9aec52dbd193ec3c6f","sha1":"f56a77bcb7e424b2efa490a29f102a0d0bbcb14c","sha256":"6ac9fd6a4bb0d8ed08573fc939a6aac8b67d75d844e7689d4eabc200cdf145dd","sha512":"6c94f5e59498e1671c6ece4ae7c58a60b8958306381a163a5262ff0037f8e1df3499bf272dcfd5a423300000bf87b297a3ff842a45af155d5eb26395604ee8b9","ssdeep":"384:DD/7SGkMvrBoBY8bWx0SFJEqgtPMPBaPYq7kB+LTxrw36b5BrcCvwRBNTfVCddaG:/DScjBU0xxS3kQxrO69qCvwRrRCdW8","tlshash":"0692e09d4291cc617069e13b956039dfdda17d3fbca017da63817f44c480dc98a1afae","first_seen":"2026-05-03T09:25:58.503509Z","last_seen":"2026-07-12T18:31:37.731617Z","times_seen":19,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/mobile_install-B-NhXZqn.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.883Z","timestamp":1783880075883,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/mobile_install-B-NhXZqn.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=OW9gKtkFmp490DHm; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.42; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-23c92\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 1\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lq2sFY1y2UeUjE4IEVbH2GQFEIyaPCpykAkmeP6jMJr19rEtx5B9W17iVVsEuxG4siMsCTJ%2F60wuvmQu2qGiI52mL3QoVWbTOBcID3ttJtrB1YPrt%2FeoAKfB7SHZ\"}]}\r\ncf-ray: a1a2074a4ff656b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 146578\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146578,"size_decoded":147653,"mime_type":"image/webp","magic":"PNG image data, 459 x 404, 8-bit/color RGBA, non-interlaced","md5":"5e7f065a53f00254f8f353e77492d523","sha1":"cc3d0bfbc1d66bbc34de5e24171f3c2400b05628","sha256":"81a0851c2d7776b76bf69fea2d6b16d3f12573a2d1cab6b5b4160401cb3abf05","sha512":"e6cb5e7b536aedf6018cf9bda85a78a98ce838cdbefcdebadf0ff7adc128df57026c3705ad090f0a84c6f4c75b10dcd1441e00f6669f8d891cccfaa9f0760c0a","ssdeep":"3072:3UUFZi23IObq7HRyhS0nfQ7YTG+adi8GU3xqKLymtWxUBvtwsuJ:EUFZdbe7HRP0fQ7Y6+aY8GEb3tWeBlwJ","tlshash":"c7e3128e9886c800a21f5d67e6b5f26d5cecc2d7c5cf53fc111562934ae2ab2042f22f","first_seen":"2026-05-03T09:25:58.511186Z","last_seen":"2026-07-12T18:31:37.628152Z","times_seen":19,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":132,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/games/live?limit=8","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:56.370Z","timestamp":1783880096370,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/games/live?limit=8 HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:56 GMT\r\netag: W/\"ab4-uFye5LB2gV79EKMtD7g2UOxSE3M\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6U%2Bhgdp3SmBUohgfddaOqqEreRBeEWwWoqKYvmDffUxT%2FmdVuuojZh9Og0CSqBJcYJzC5JpwEP%2FTlmMFl62%2BnNM873rNwhtLaXHipO%2BQWGVM3Z%2F%2FC27X5EeeruAsbycyizU%3D\"}]}\r\ncf-ray: a1a207ca5f84dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2740,"size_decoded":2257,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5cc1b9fb99ce8dbb5d78158ac219cb40","sha1":"b85c9ee4b076815efd10a32d0fb83650ec521373","sha256":"ac77ad29be6ee2165fb085b5b3a2a4ec036cef532da2036d4d35f6c11ebc6c25","sha512":"a8a12457653a6223ab3c3268a14bffb8b74c675a7f2359f7a0ba82e96f4c01faad47985d5d6be9560e846a04044f14a0ea9472be42c51287ca2817cb17f92aa2","ssdeep":"","tlshash":"f851cc7f94442cb8db359998808a759eeceda3bb55d00c0881da8d3accf01e735bd51b","first_seen":"2026-07-12T18:15:16.092552Z","last_seen":"2026-07-12T18:15:16.092552Z","times_seen":1,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/index-s28uPECG.css","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:34.407Z","timestamp":1783880074407,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/index-s28uPECG.css HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=wdKpk6yJplLx67t3; __ddg10_=1783880073; __ddg9_=162.158.222.163; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=noYZWZCgjgnK3FCi; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:34 GMT\n__ddg10_=1783880074; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:34 GMT\n__ddg9_=162.158.222.31; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:34 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: text/css\r\ndate: Sun, 12 Jul 2026 18:14:34 GMT\r\netag: W/\"6a51f93e-3b267\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NZ9tQZI6n%2BV0RbrXhLEZzu1f8NSC7CHp9fXnaf%2BLknu6QIUOjWxvTPrm9iaqpSbSgyTUjtWL8dKyLbXR8eJKZHHSvzXf9IEpc%2FPQZaIOFGDByeWeIa3niVyH5ISM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a1a207410f2656b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":242279,"size_decoded":33128,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e78be1a1b5cfccf27bb26c84e6935629","sha1":"a9fdf7e25269b194a550a57dd303c8cd86d86534","sha256":"d0c3d7f69b20d908427dc2f06fa824ed8463163db65936a463c1681f120d6450","sha512":"279754598b7857a343b591dd0dc87c36f83b09a3548c7d3e53d3ea52f14a47bf249588ffea86552c16434f03215d1c9267d4e575a621bfc2820b688c73624b63","ssdeep":"6144:cAKCY1M98tcIrhAdT2Racpl8LD2Of9xZBnCz+RXYcKhROUfgf4r5uSL0XpkppTay:EiLwPVr","tlshash":"563490a4a275e53fbc37b0fd93acf80da109b195de260addb901612663d37f21c36a14","first_seen":"2026-07-10T22:56:48.06391Z","last_seen":"2026-07-12T18:31:37.622247Z","times_seen":18,"resource_available":false,"data":null}},"time_used":661,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":504,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/lights-C9uxKB0w.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.858Z","timestamp":1783880075858,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/lights-C9uxKB0w.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=7gD2kD4RrP2g50ou; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.154; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:37 GMT\r\netag: \"6a51f93e-75ac\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 4\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4nEEiZMoWKofGJgnJ%2BnWyTjTXD1D5VFwY4zX0fw9iF35SymLTAFXtSfbc865dPjTNkmIB7lpiVMo44kqysOGg9ht2bSZqojnrAhD5v2NqpBP5bXdr5ca1Pjv4GIU\"}]}\r\ncf-ray: a1a2074a1fe856b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 30124\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30124,"size_decoded":31197,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6dbbd736960c85aabcaab78addf1373a","sha1":"e1c8d638a5364520a04dbd8ab4cc9b7418cca633","sha256":"972f5988facc7d4afd4ca98f4e3667f8b80b0b0aca35a922dff754e4b50daae8","sha512":"4e75ab46d7f999a3fc4a742f4674707b6616b088557ef48ada62567ab723412c82c3395ca62d9e2748e5aff7c0146fba300225be3d2a467766704884c0227889","ssdeep":"768:Ylx4t1XGy37+jzkEcBSA8Qa1uYBKrj43dD961V5LscS:Gyt1XGY7+jzkEcBSVQjTrjeh6Vhk","tlshash":"02d2f1b122f3dc210c3ced43c1901d8968f96a2d628bc5790985abb247529a4e3277fd","first_seen":"2026-05-03T09:25:58.52188Z","last_seen":"2026-07-12T18:31:37.70759Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1194,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/ripple-DG_x0ao9.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.912Z","timestamp":1783880075912,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/ripple-DG_x0ao9.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=InDr7E3uHh9PfHLS; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.8; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"6a51f93e-1096\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4QbsgFK3rIcTE2brMHEKn2J10POTh520PaNSVgxl1lgWLcWWYuPflT%2Fc%2BYXRjmkrljLhce9ULCDyw1yc7zHBEq4somYkE%2Bx5m%2B4v2AumxOXYxc82N0JIgD%2BvRKaG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a1a2074a780056b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4246,"size_decoded":3038,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"668b47cfc023c8a691e80389bb5fd455","sha1":"2f1711702c2fc16060572dea79d3ce43ade79063","sha256":"dd3cfa287ffaa2afa98ec543a129d05366bd9dc5f48f30e2464c49ded9ad0f99","sha512":"919b1dcb302d98ce735a63838a00fe067874bff76f3ba76095fc61afe5228f3a19f4ac038a0e05d5e31fdf607c3442c754e60fdf77e5a5232ce07493d7a71b2a","ssdeep":"96:o0Wo/HqlWSTKxG4HU1C+2McValTyf+i0YW2/Z80kR:o0Wo/Ktd40T2M5yf+i0YW2C0S","tlshash":"1e91c4da73b592fcf446e3e0e9331c39768bb1f11a23cd26ce955d42e1a189d0824c97","first_seen":"2026-05-03T09:25:58.44074Z","last_seen":"2026-07-12T18:31:37.665595Z","times_seen":19,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/pointer_fortune-CJvMtp0k.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.319Z","timestamp":1783880076319,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/pointer_fortune-CJvMtp0k.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ziicTdC0IR2K6Dek; __ddg10_=1783880076; __ddg9_=172.64.209.50; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=QWEF7DcmHPrUAnxQ; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg10_=1783880076; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg9_=162.158.223.9; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-7c1e\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l%2FqhR2%2BDsPBEPaFwMdA2pJlDNGj5HkbtgMQDfc63acqFIQmyZtm2Lk6VA23cmC0xY%2BS8OVgd4z1mx1hrMs8I5%2FsfT7tsViVEgKFYuGeVJri9rUYK5NQ9862NddYK\"}]}\r\ncf-ray: a1a2074cf84456b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 31774\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31774,"size_decoded":32851,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5302d2103c23bfc66c9cefd300756894","sha1":"cce84d556eb0b50dd1e46532aeba8aa439315124","sha256":"91d3c91514f1f30318b480c97859d30901f65c68177ece573f03b43af95dfb7f","sha512":"dfb93be69e6013bb6bfab81126097c326d6eb99b98c1ac39608e8731196e1a1d69540b3d2f20ac36fac17cd98821a1a22242afdb90282ac204ac4746268caf28","ssdeep":"768:8o4SzAzcgr7Os5a2TB4i/KqNZ1dvRQqPk7r60mVJ5JZUO:81aAYYy2afiNZtQqPkHmVJ","tlshash":"70e2f2c62782d68a269fd625e902f777b0f427b4940421875db1c89cb3bed2d6e5c888","first_seen":"2026-05-03T09:25:58.45599Z","last_seen":"2026-07-12T18:31:37.738105Z","times_seen":19,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/mine-slot-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.680Z","timestamp":1783880076680,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/mine-slot-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"1b448-19e188c4ea6\"\r\nlast-modified: Mon, 11 May 2026 19:38:28 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yXdFyrG5ykN0MsxmZIgEEhcAkUozO7vweMcXTHnbfb50SOHtibvcXjSBdi%2FZPyaenab40fI234ezDVpY2pAgj074VDbLRbbbpcWkl4rf8ph3zHH4ZY5pP6eYOkJ6i8TVchI%3D\"}]}\r\ncf-ray: a1a2074f4f58dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 111688\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111688,"size_decoded":113088,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7406dba4e1b62922d069c29462970e92","sha1":"2bb50a426fc171056758c2f1fe4da069bd317a55","sha256":"a1a7495aee2e2ec7e96d71aba77df32c181435df6daaf59f1f0dfbcbb1a89397","sha512":"f5624722848711d80f1d17db89bd6f160f8e8535f5c6e5b397925b686dea04c0239eca11ccbf753ffdc1e97d2c5006356d4ddeac83501b989309a8a3c62ed43f","ssdeep":"3072:PBZq2UAp8x3gncKwSfB6eC3QxHPq4Sh27r2neBIQWzUomhHVD:a9Ap8x3zS7CDt0PmeBIRt01D","tlshash":"04b31242f3751568dc6d93f93589eb067297838883476aa6ae233256d409470b78cbcf","first_seen":"2026-07-10T22:56:48.049907Z","last_seen":"2026-07-12T18:31:37.755651Z","times_seen":18,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vswaysbufking.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.707Z","timestamp":1783880076707,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vswaysbufking.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"8da8-19e87ed45b7\"\r\nlast-modified: Tue, 02 Jun 2026 10:42:14 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K56u18Y6JmHUNp8AE83wweJU6n%2Fz0YKMTkyyp4lMCXk%2BOAWVg%2BSYAdZWs22onP3pMmD6EqzJa2AoL80nzMZ37xcqPa5FP%2FlMPGqPk71CAiolqh6gEItmLGHvjBxZ4E465L4%3D\"}]}\r\ncf-ray: a1a2074f6f70dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 36264\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36264,"size_decoded":37668,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x472, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8b3d75d1af87c9ad72794038faaae824","sha1":"ffeded66b540d06ebda245980fd5ee5a8195fd5c","sha256":"c386fae87b67d197f492e6d56c1b3fcb7a2f2e6d1f619011b32844402945ad86","sha512":"6a04934a80321de1f685b065c772ea9bda511eb8b4398e8d9b609afbb4dc438c250151150bc1a40ba49580dacf6c2d964154ca5ce55f8a9ada498db11a50039d","ssdeep":"768:LNZEgovkb7mJXzOHZTPWlZJi1RqNIMfiGxETNWAwRxb:BZEtcm5zOwZJfNIMtxETNN8xb","tlshash":"fcf2f1d89e75f4e3b70af86785ec00b5d0867ef7dd1656b0dc4fa2623492927b248d08","first_seen":"2026-07-10T22:57:05.875896Z","last_seen":"2026-07-12T18:31:37.716247Z","times_seen":8,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/games/big-wins?limit=20","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.929Z","timestamp":1783880075929,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/games/big-wins?limit=20 HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: W/\"1b9d-7AqA11r81C3OhWKqliMPbPfdstU\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VocqNWH7Y%2BCZ7dZ5eQ34xolqMEqrlcfICTzeOhFTxgEM8IjXmdC3YER5szka9skqQN%2BsYna646iI6dlraZ2ZovogYXhTLafa1yrN8TsAtZgwseo0REUOWWYk862Lh4EewRQ%3D\"}]}\r\ncf-ray: a1a2074a9e7edfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7069,"size_decoded":3317,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f1ee4e400f844b4a63e14ff6b7f3efe0","sha1":"ec0a80d75afcd42dce8562aa96230f6cf7ddb2d5","sha256":"9209003fca5415f1e8f56210cd6ffcdb10f31f6a063bb510365a8ce85dca4aa1","sha512":"4e47c106782c071451f4405b981a7735fc68d3d0d3c8b194fa7a97a3c9d2a18986afde7a43b2d1a96d20fd6038e5e681c70a85431f50315108fc554cbaf0ded7","ssdeep":"192:IS9Ttv3h05TSGjF3WjeHu/kNLWh/S8QX2/UP05zZjw1fGcZgeCiQlhIH4ehfPAak:5BPaNSENnHkmm/5QXEUc5V8NGceeCiof","tlshash":"34e13f6f94482dbcdf355ad4844a746de8ede2af96c00c0880aa8d3bccf56d6297c527","first_seen":"2026-07-12T18:15:16.09691Z","last_seen":"2026-07-12T18:15:16.09691Z","times_seen":1,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/fonts/Proxima%20Nova%20Regular.ttf","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.765Z","timestamp":1783880075765,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /fonts/Proxima%20Nova%20Regular.ttf HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/assets/index-s28uPECG.css\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=LSYFtiEgNYjVuiUR; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.34; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\nserver-timing: cfExtPri\r\ncontent-type: application/octet-stream\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93d-2d120\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:17 GMT\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rjlnFk8atrdM%2BsSm7F3M53DBNDYMY62%2Bsj%2FGyE0wKmXkcXaUif4Ony0tnKd8px8ZrrzJUBQ1kKKXZ5ZAwnUjHrK316G8JU2gktXunzeQ%2BdCWqPGOVxnXIdZf5Oph\"}]}\r\ncf-ray: a1a207498fd356b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 184608\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":184608,"size_decoded":185652,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"FFTM\", 30 names, Macintosh","md5":"386c8ff06aaa9d3ea14528a5703b6ec5","sha1":"7174dee37d9851739eb6e9f24152a91e1024c9bd","sha256":"f715d9c3a8a59c2f8079955680d811dfdf069f769d8521d830c85ae3393dc6a8","sha512":"7cb4238a5f19b76ce505139f6e99de9d2e835d2049ad95bfa2ffbb352213dd6be6143bdd6659cd5e81cb7903dc253dc6fe5750330cfacadf7de5690c4a8f50cf","ssdeep":"3072:txztObnQGIaqRnDzM2bxreVW+KMY+Qc8FT69FNpp3JtGQY8E8VoLw2E8H7O1j7Bb:tZtOr/A+g1c8taZTJVoLoD","tlshash":"31049586eafb0e2fe3564af8dee6967a0765b407ef3135893d80e540d2d72602843dd4","first_seen":"2023-05-24T17:26:21Z","last_seen":"2026-07-12T18:31:37.711307Z","times_seen":301,"resource_available":false,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":330,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/banner-3-v1-ipNYXXfR.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.852Z","timestamp":1783880075852,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/banner-3-v1-ipNYXXfR.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=Sdtxt4S9VtGQyfkd; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.48; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-16e98\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LmoJkhGzLnt9N8wv2TxaMDYaBXsTyBgqKkDffQzhFg1b2RRTGBTTdSv2kGVEt6mMu%2F7n5ZEPOlHtc7DhvqUy7m328Pswks6%2FVthNkm0Geb%2FP6tEyc5KFsfZeUvci\"}]}\r\ncf-ray: a1a2074a1fe556b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 93848\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93848,"size_decoded":94924,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b2bf969e3989b7a2f23632e486451c61","sha1":"be34f407e94c18e0e12f7da621f733d55fdc7d33","sha256":"3b2ab6d2d740b53452afb1f058afdec5dd78f57c119d5459226da07719c46f95","sha512":"c57c4fa8553ef3e9cef26774796023fded5120f7b001a637426b4a70a5cf3d502a89b8c1ee84c4a23846b70b5c4a57111fb61dabe778dfcab8d7963301a1750f","ssdeep":"1536:QBdqZZjPsttKG1QHTPPA7fjEO5XACYJFPyOjx3xp4KOrypj+r+1qM9hniJESk4sP:udhz1aTPPA7fjEO5wJ/6Ol3xROOpjY2T","tlshash":"019312f5e754c6749e89749ca56c3bae1a070737399613adf4a0fe8612e0776403f0ac","first_seen":"2026-05-03T09:25:58.446433Z","last_seen":"2026-07-12T18:31:37.677962Z","times_seen":19,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":271,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/ethereum-D8eyHuXQ.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.888Z","timestamp":1783880075888,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/ethereum-D8eyHuXQ.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=uJFi6OkePvmcxnW2; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.18; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"6a51f93e-236e\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FGJCUvzNCJOHIAmMMvcrxP6dZlwee2a%2FGzGK6dHavcOonG1TgvVXwDSlEPw59KRhadetGef5GKd60%2F%2ByTYqqVYNhceHPwlqVyYf0GA942Qe4l2e8oPFXmeCblsmt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a1a2074a4ff956b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9070,"size_decoded":4798,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3600c0025adc4a693fd9f69754a4290d","sha1":"68bf3099d8d50df03c01b81aed41164057af8809","sha256":"c48b1716c803c5bfbb672750b82165c8f130ad4d44812624664675ebcf69cf8a","sha512":"80af010cbbcfef04cd08a93fb2911771b19a5a20b6c48c46e27d9a30fbad65f6ce1d77a0aa881f7073eec8348ea3846a706986abf9ad88e528f2c9383b0f8be6","ssdeep":"192:ZRX+G88rKrcEShs9phbnhLCkZmNxDdtjK829vA+mCNCU1x87jFm4TGgBh2:F3KrcWaws4dCUgU4TZ2","tlshash":"9012c6ec5bf882d8f442e3eadd3684983aa39afb3791ce25c3549e05b41105c5896ed3","first_seen":"2026-05-03T09:25:58.499Z","last_seen":"2026-07-12T18:31:37.631299Z","times_seen":19,"resource_available":false,"data":null}},"time_used":357,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs20starlight.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.698Z","timestamp":1783880076698,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs20starlight.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"8a02-19e87eca807\"\r\nlast-modified: Tue, 02 Jun 2026 10:41:34 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aEpFV9px15SSmTmOfI0qBPY2XPGdHEyg4wwjJZm8BIQbcl3g9QF4KjEhloVuAF3WCj0Vr4FZzVh3HMd154Knv0WH7g%2BqQFZWMT%2FxZ8QczHlE6PAN46tkbRZ2YpyUZMHf4CE%3D\"}]}\r\ncf-ray: a1a2074f5f67dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 35330\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35330,"size_decoded":36730,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x472, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"fb70ba24f84087137f07fd3cf86867e2","sha1":"6386b0c6ba2cb19855f820832bd93519e0681bd0","sha256":"779f8d03af2585cdd3584a77c86785ffbe20b691ee740d604aa92bf33abc2c89","sha512":"22cf4a6685a034663d99dc36632d8b1013cebcaa19ea5f6cfa3ff3a3b4851bf3ef6bea86a8768af559b15fcf6456cb630f39258d5042639ccd814affd0d6d0f0","ssdeep":"768:YW2SZkHXcFP2HKuzbO3poGubgpsP08oOFSGIw2rMO/7F/fceme:LZiXcFeJY1u8AoNGIw21DF/f7","tlshash":"51f2f1d48b4ca3d1ac94212e5e1f943232cbd78646ae4e90412b63907f2cb67673b9c7","first_seen":"2026-07-10T22:56:48.046937Z","last_seen":"2026-07-12T18:31:37.68226Z","times_seen":14,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs10bbkir.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.705Z","timestamp":1783880076705,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs10bbkir.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"62e2-19e87ebc18b\"\r\nlast-modified: Tue, 02 Jun 2026 10:40:35 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3uI9nIo6CKwejrcoqb2L0fFzV%2BcpcuQFQUu7Clh5ZWa1KkRVP%2Flihzb2ln4jSlo2W%2FuSIHPzDmywg6LPchMlew4u1YJ8o8MP8bdUahNXRfLRVHVCJvmXgkbBFfBFqtqqo%2FA%3D\"}]}\r\ncf-ray: a1a2074f6f6edfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 25314\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25314,"size_decoded":26718,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x472, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"76cc863151d8ee249a995e2e56a47131","sha1":"a1968240e5eee90208167d932fe666d0d170f4fc","sha256":"49bb42ff09fc936aebb3178d1455a9797fd99dd7ae6452cf84db83b0a0eb3f41","sha512":"18611745ed86961ffb7ff90b747879c9b7299069d7ffadf3452e7b94f9d423d4bb592f91e6b99669ed26c23ace222d417e88570ddb46b2c48b29f68f928f55b0","ssdeep":"384:0zARXsPBLHukvWj4You+JzC1KDa3tV+Ts9E0gA+wDoPl3j6Uky8FCOeD4tSXLzpF:0UtspHjvU9+JyVAs9ELwD+VRLzpACqG","tlshash":"58b2e0ebd5703432b2c6a1ae925575cef644849a345268858f6b42c8085e8fd2cac7ea","first_seen":"2026-07-10T22:56:48.100947Z","last_seen":"2026-07-12T18:31:37.658856Z","times_seen":7,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/bg-welcome-bonus-DO3wRMYx.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.850Z","timestamp":1783880075850,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/bg-welcome-bonus-DO3wRMYx.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=YA3lUnyAMAQl9JoA; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.49; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: \"6a51f93e-19b12\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=adcm5Nd%2B6EnaXeVOXZsv%2Fjxx0rx0SUwpNHl%2F87Uh407BSHvaKBu6jUcAW9j5VWUug9RsoE82ZEWeJLmqNhvYeFo31LbL9vpd7bR4cGMod8Iwd95XAc3c7qZTjYUW\"}]}\r\ncf-ray: a1a2074a1fe156b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 105234\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":105234,"size_decoded":106312,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e048450d38fd6aeb684e5e2ee45e0f58","sha1":"c7ab06791f125e5e2cde21fc2485711d69711a79","sha256":"9970dbc6e89f35d639c6315256e602c83cf8fca69d5947ac5a08af22ff44677a","sha512":"afaf8f8b950665d05b856f9569eef9704d446638cc843e0d1daa699791341cd18cdf7c5a6f3967be74b688c90436cf5d9c55946822062673876c44265ea3564b","ssdeep":"1536:FX3619GT3TK5L7S0HqZEwK4FtYvW/kwHPj3FIefGWG2C663P1yLcNp/VDja/5tzm:FCqunqZgzvWF73yeuWG2CP7rNDjIta","tlshash":"38a31294c945ec14f0a7f8644236ec007b913bbe92818c24b7f09b121b9559bed2af8f","first_seen":"2026-05-03T09:25:58.492722Z","last_seen":"2026-07-12T18:31:37.677409Z","times_seen":19,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":246,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/fredoka/v17/X7n64b87HvSqjb_WIi2yDCRwoQ_k7367_DWu89U.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.769Z","timestamp":1783880075769,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/fredoka/v17/X7n64b87HvSqjb_WIi2yDCRwoQ_k7367_DWu89U.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29732\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Jul 2026 12:47:16 GMT\r\nexpires: Mon, 12 Jul 2027 12:47:16 GMT\r\ncache-control: public, max-age=31536000\r\nage: 19639\r\nlast-modified: Wed, 10 Sep 2025 16:42:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":29732,"size_decoded":30544,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29732, version 1.0","md5":"9591efe1be62434d2d107e2b19702029","sha1":"6438e7de08adb0a989e1947ff06284771f884eb6","sha256":"99d6c78e043710d4f83ed90716779798b7b04eb690f73e0ad0e8f32d1f0e98c2","sha512":"3cc3323210ab19dc07513ef4df0bc9eb7b85b0143fa39c37d79b6fdb1b8309d34b96c452f264d3ab3a409b5a75c6872d48c22f54aead05e78454004106546067","ssdeep":"384:fNPmz/ALfS8CKEhoIqMViQziPMBdrB2PasMyqhdJf00dHmgJIW+uvTVsRZBhW7AC:8zoRCKEhTkQJdrQXqJf00GpubVsRZtI","tlshash":"0bd2f104c9605335c6ec64b69b114a7bffed488265e2b9d520a8eea61761fc8e09053f","first_seen":"2025-09-12T15:30:51.751475Z","last_seen":"2026-07-12T21:07:43.522743Z","times_seen":748,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":38,"send":0,"wait":23,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/fredoka/v17/X7n64b87HvSqjb_WIi2yDCRwoQ_k7367_DWu89U.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.771Z","timestamp":1783880075771,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/fredoka/v17/X7n64b87HvSqjb_WIi2yDCRwoQ_k7367_DWu89U.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29732\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Jul 2026 12:47:16 GMT\r\nexpires: Mon, 12 Jul 2027 12:47:16 GMT\r\ncache-control: public, max-age=31536000\r\nage: 19639\r\nlast-modified: Wed, 10 Sep 2025 16:42:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":29732,"size_decoded":30544,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29732, version 1.0","md5":"9591efe1be62434d2d107e2b19702029","sha1":"6438e7de08adb0a989e1947ff06284771f884eb6","sha256":"99d6c78e043710d4f83ed90716779798b7b04eb690f73e0ad0e8f32d1f0e98c2","sha512":"3cc3323210ab19dc07513ef4df0bc9eb7b85b0143fa39c37d79b6fdb1b8309d34b96c452f264d3ab3a409b5a75c6872d48c22f54aead05e78454004106546067","ssdeep":"384:fNPmz/ALfS8CKEhoIqMViQziPMBdrB2PasMyqhdJf00dHmgJIW+uvTVsRZBhW7AC:8zoRCKEhTkQJdrQXqJf00GpubVsRZtI","tlshash":"0bd2f104c9605335c6ec64b69b114a7bffed488265e2b9d520a8eea61761fc8e09053f","first_seen":"2025-09-12T15:30:51.751475Z","last_seen":"2026-07-12T21:07:43.522743Z","times_seen":748,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":26,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/partners_field_background-Cy5LkgBv.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.715Z","timestamp":1783880075715,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/partners_field_background-Cy5LkgBv.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=q2QLDYn611ryZxMQ; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.12; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: \"6a51f93e-2154\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EyWfQlSRGzCMLBC6KucXyUFYx1ORfr0dsidMF3B7YgrpIVNUApmHHROrtol2Pf9n93x0HFuNnlkfwyFf68qCxWOsbaH6l53Iv2ZGhKWW%2FVaRvZIhcWnLLrYJWScs\"}]}\r\ncf-ray: a1a207493fce56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 8532\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8532,"size_decoded":9602,"mime_type":"image/webp","magic":"PNG image data, 330 x 71, 8-bit/color RGBA, non-interlaced","md5":"462316c3b762e8320948d6c6d0cb1a8f","sha1":"4ba530927953610916ca35750ce1978180dfb104","sha256":"7c97483cc522c290425b2bb7a80e43f423a007795a5a9f63c755e0ac86695a07","sha512":"9207bab46fcb01051d83a4734086b1999ae395b947e52aa156d47a4182bbec744ec1d20f9e0e76209399c641327db538ca543f8f213222199abf847c1f475e8e","ssdeep":"192:lSwMaZhvjZyn22byC9YkLLELv9LtqdE4jFqmLgePXlA2D:Estz78Y/ptX4jFqmLg0D","tlshash":"7702bff09f6148bb1d722bbdd01eb429d0e20911b9a9b1f85b2f2a9f007c647355c6f0","first_seen":"2026-05-03T09:25:58.454531Z","last_seen":"2026-07-12T18:31:37.623626Z","times_seen":19,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/bg-slide-cashback-D6oBbvdR.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.847Z","timestamp":1783880075847,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/bg-slide-cashback-D6oBbvdR.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=mTWcsPMYDdSvJ7rH; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.26; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-2ffb8\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qtbho5mk5umj4150tOCxRj1kSRgTBWnD7g0eBM77RhS2OhN%2FiTQHaZMtIPJxfXmh%2FzjlWeLmGeDXudmCXH08W4ZrxyRw5TT6IutxyXp7uK5NKOiovjnxZhdFEPIr\"}]}\r\ncf-ray: a1a2074a0fdf56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 196536\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196536,"size_decoded":197611,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"283f9e0b94c289cb3a4b5bf970bb03c3","sha1":"19a8fb7333d8a7da0df1823f78aafbaca731900b","sha256":"7ea986e91377afde7d9b0248eb296d0486a32c120acd17c296ba123d7b4810be","sha512":"d5b2f36aa7de7e6a8ec420ff99a6ca59a997644253e0ed5a7344351a64f6e420e269ca5dbfa4db3ca74e8e12fce8fd891b00a84b945772e20559d83df590c81f","ssdeep":"3072:khUIb5+3KIW/qMs3ABv6OqLnLWYx1cqh3mew0bighP6IwM8Bsaq4H2KX/IHepXx6:kqUqW/HMAZ6O8nLzx1cqhA0NFTaBsaqR","tlshash":"da14122839304449592569a81af9629630ccbe3da5b7ccbb0da7f3651b3b9f08c7570f","first_seen":"2026-05-03T09:25:58.432446Z","last_seen":"2026-07-12T18:31:37.676672Z","times_seen":19,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":335,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/tron-BZApJ2eW.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.914Z","timestamp":1783880075914,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/tron-BZApJ2eW.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=PKIbJNfq2u9ylqCr; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.52; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:37 GMT\r\netag: W/\"6a51f93e-271b\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 4\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aRCIU5FyPD3KsHJ4%2B9bxvlNMLlCI%2Ffgno2kCRKI0hA7BJYE9bGC1U1z6Ioqodvw2Fjbeg6Cdq7AI%2FiPXixEUEVBEy25lIUUvhvCEYZ2sjQCb8oMYEbxCWH3OTFjK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a1a2074a780256b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10011,"size_decoded":5342,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6240b2bcb50d109a6e30c90d5b4c4a2b","sha1":"b9ac50ac536b859bff64ac6f811726ab0b189698","sha256":"209fa71e5bed05604e1c6aaf5e49788ac77a338aee22c651c69f0221677ef501","sha512":"8f301595be83c08f9b4462ab8d562e832ae4f7d6c7b61622a369badd44afbb3a101f26a6b4a7861b7b49c493e95b43326b8f2126c5dfe99565d99bfc5c1635f4","ssdeep":"192:71jYen8OoOMx9CQk+PMnqIRcgqxv8qqQX0:hjC0+PMZRqxHqQX0","tlshash":"5222c5ce67f5a9f0f006f7d9ca620479311b68f93a02ce5bc7e90d89a11185ed586ccb","first_seen":"2026-05-03T09:25:58.539074Z","last_seen":"2026-07-12T18:31:37.751897Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"op-api.gambl.bet/track","fqdn":"op-api.gambl.bet","domain":"gambl.bet","tld":"bet"},"ip":{"addr":"104.21.8.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.055Z","timestamp":1783880076055,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gambl.bet","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Jul 2026 15:26:36 GMT","end":"Sat, 03 Oct 2026 15:26:35 GMT"},"fingerprint":{"sha1":"C6:89:9C:7F:59:81:87:BB:1B:D8:C8:FE:CF:81:CD:0D:A4:E4:D7:DB","sha256":"48:E2:DA:EA:3D:13:BC:5A:36:A2:07:52:61:24:2E:FB:51:32:16:AD:7A:57:1D:93:D7:96:51:0C:D4:12:39:FA"}}},"request":{"raw":"OPTIONS /track HTTP/1.1\r\nHost: op-api.gambl.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,openpanel-client-id,openpanel-sdk-name,openpanel-sdk-version\r\nReferer: https://diwins.bet/\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=qEXP1hv9oPcSbhjD; Domain=.gambl.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg10_=1783880076; Domain=.gambl.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg9_=162.158.222.96; Domain=.gambl.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg1_=W6Lvsw15rQtY847IID7z; Domain=.gambl.bet; HttpOnly; Path=/; Expires=Mon, 12-Jul-2027 18:14:36 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccess-control-allow-headers: content-type,openpanel-client-id,openpanel-sdk-name,openpanel-sdk-version\r\naccess-control-allow-methods: GET,HEAD,POST\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 604800\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\nvary: Origin, Access-Control-Request-Headers\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NtjGgUuup2zTYUtTIIv3kJkw9SuomMq76vLhYjnCWb7%2FqfLm2OoEr18MLYhxoNXhzY0xrzbqZ3kiFxAMobSKtXZHzTmK9leQhzCUWhKWh3iBqnS47ZZNwLl8vywwbwf0PLLO\"}]}\r\ncf-ray: a1a2074bdbc756a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":1217,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-12T20:55:32.084605Z","times_seen":17195989,"resource_available":true,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":59,"connect":19,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"op-api.gambl.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs20fruitswx.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.699Z","timestamp":1783880076699,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs20fruitswx.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"54ba-19e87ec55b3\"\r\nlast-modified: Tue, 02 Jun 2026 10:41:13 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pA5nH4OGqfYFdPtEKIxOjmYFyQL4J2m5z5ha9cmx5bat7jGOKudVs5j1vrkSkPVTuTy1eHGmUSPrGqHjHCWX1jqUIlDJB98P%2BMrcSi204NiN2cVayNvZPlFhG4JS6vBI4CU%3D\"}]}\r\ncf-ray: a1a2074f6f68dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 21690\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21690,"size_decoded":23088,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x472, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"607b78c15a6cb099ed5685a069eec4ff","sha1":"f2222fcbbeaa10682090cb1fc0606363dbe31d8b","sha256":"c29893458d23db118fa0bf71b74e5a3ccaa48c3374776c8767be4c521b998ae4","sha512":"794fa2d28461ec95badd7a15e54e24d06c6b29529840fac24217765229f4b46bdfc24ee0b1d5b7fc9502e851ddb0a62e8905da94f922158c58335160f0b71c27","ssdeep":"384:pN9jHe138IK4vu0zR/U/nWxkr9UyTqh2taocYjlOxvDyvaI1Wuaz1hoLiNsTymxR:pDHscv0zR8Pk0K2ta7Dylk0+0x4C/","tlshash":"eda2e03f367c89877cc47f265275d9820004b082dc275a61366776e63fac5eb23ace82","first_seen":"2026-07-10T22:57:09.653891Z","last_seen":"2026-07-12T18:31:37.647418Z","times_seen":11,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/stuffs-DiuQsYY8.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.710Z","timestamp":1783880075710,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/stuffs-DiuQsYY8.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=rxfb0isvlzXm9T1a; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.149; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: \"6a51f93e-7cd4\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TKHVtuKs8NYJUP%2FZJv%2BHSfYRoyy4%2FSFQhn7KsmSwAWnLZeEs%2Bf%2Ffeha84%2BUnBkkl%2BcOcAbWhkqiNXdjko25SVSm%2Fm27DtbWQOx6FtprXvPvtzAICrJXmdF3FqO1u\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a1a207493fcc56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 31956\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31956,"size_decoded":33043,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f28aee87221a0188368df4771f80ef49","sha1":"45ae42fae9ad8621f08cd4e5ccb4ecadf3343bf7","sha256":"96e99af8af3baa3249a28c2850442e8481b73a7fcb99aca9ef796ad6721c1569","sha512":"470bd2489a9aa993c6051841e95bc7ff88fe952fdf8cf97e8369fe3a406eece4a4ebb24186be403fa046c2f244dda766bb9382384e47c6e7ef9b3e1e0fd5ffb8","ssdeep":"768:YMyqtRHhc2ORBGSTZS/7FZDBHwyVC+lPK1SdW:byqtRi2OR+ZtHF9v8","tlshash":"8ee2e13ae81308dd65a1f88f8f9e185fb1c5b38ab6e5db8065345cb4245a454283752f","first_seen":"2026-05-03T09:25:58.572004Z","last_seen":"2026-07-12T18:31:37.698989Z","times_seen":19,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":290,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/GCB-C_pqZ4Du.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.931Z","timestamp":1783880075931,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/GCB-C_pqZ4Du.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=QUDzzCsfJRdZiPLi; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.215; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"6a51f93e-4240\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 3\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ry7qvFRGWMWKhoU4zjpKb1sX4H0cwIRbB5jJCM7n%2FttRaati2ENvC8scPFuDSKbSrWN8WjEYAeu1wM6h5WKpniJkaxpmYt3QL7WwN7NcAP67zH7%2B3crYSmMQ65IJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a1a2074a980b56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16960,"size_decoded":6876,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b38adce4f70c1a371bbf8f1da27fa17c","sha1":"4c9ba68797012f18287ea8a5cea5139034f47244","sha256":"540b4b79532f284728630a532dce3264d1df8bfeca3ed67b2be10b2eb1dd17e9","sha512":"8f6cad2f48b4a474f0cb172f8d61c323ad65468d0a2ab614d342824262ff1456c6e95dc62bf12edc333f794108e532980b44d024400e562facf2dfb00a768308","ssdeep":"384:n2O6uod1fGTPRl2GarXw5snhFdnqmiVJ945:2ruodxGTPMhFdqmW90","tlshash":"3d7283c032b693ecf60af7bc5b2560317c2324edba926574c7b66e10d45719c1e9a8e3","first_seen":"2026-05-03T09:25:58.46864Z","last_seen":"2026-07-12T18:31:37.732173Z","times_seen":19,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs20fruitsw.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.700Z","timestamp":1783880076700,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs20fruitsw.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"aab5-19e87ec541b\"\r\nlast-modified: Tue, 02 Jun 2026 10:41:12 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hFntumH3Y687F7RqqXtE77CmnCHOSTnT32xCr89f%2FzmmRWKKCQMybn7gHE9FBHltPABdxFPotkeShR8rO%2B6QEat9ZZncukDS3eQM2%2Fe2VpvbdM889uK4F1HJ6JQrCTg8uaE%3D\"}]}\r\ncf-ray: a1a2074f6f69dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 43701\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43701,"size_decoded":45103,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 360x472, components 3","md5":"20c5f416730af16503567886dc21a735","sha1":"4e65d291c4c2481d1d0a5dc62a68b4aff59c1820","sha256":"27e9c3d08842aa527d828708a6f5c8e98752cf1ed941679ff1721bb6e1f064a0","sha512":"f5a695a9fb5b0fcd201af858ca3242bb083fb5c91361838b9c6e3d30ccd266ebbfc9a2fa165995a8f12ea67f816bbd18bd06adf63630374426bc81bd171ce4f0","ssdeep":"768:hYy74pT9jMPb2Gh4g7JP51WJxjKVOhcfPNmkXbMwN3jCjogRmu9E8p9wiARnbr:hApJjMPb278sJxjKRPNmkLMS35gpXYTZ","tlshash":"eb13f16bc67ce9d3f43bdbf01f354867b3a1567f96a26382783c5a5823d44014ac9728","first_seen":"2026-07-10T22:57:05.917845Z","last_seen":"2026-07-12T18:31:37.691242Z","times_seen":15,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/mahjong-ways.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.710Z","timestamp":1783880076710,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/mahjong-ways.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"286ee-19e9f372430\"\r\nlast-modified: Sat, 06 Jun 2026 23:14:11 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m%2BwHVpEzY8DgXwkMfIZ3MDiiHamNXupmNKkfZsVsw7H4YVd%2FvESsvbNY%2BOQKeaKH00Ck3nb4TylIFPAiZEGuMrzytBrDbfxu1BFH0VlqqzSMDzU%2BwhEPaf6vbri30cjrTr4%3D\"}]}\r\ncf-ray: a1a2074f7f73dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 165614\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":165614,"size_decoded":167020,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"95d68880948c873c58ea66e23474ec69","sha1":"6631b75dc45db3bcf97429f32a1ad56bc107293f","sha256":"7205c06940e908eda5afde23f70c4e6fdd86c1a2cfb6fc3630af5a1471c4fd87","sha512":"62090b6c01be59590f4c5c87c95229dc16dfdbd58255da020214914ccd661c07e97490a4d9556a6fb7439db81e22e66623bab1041f87cb69dd09198aebe92624","ssdeep":"3072:bJ8tGOuljN80yHozDPYzZHgpzv0sWptTY5twl2prCveK118JQtRyvunMU:F8ghljmo/wJOF2RiwleILymMU","tlshash":"d0f323c1f4f81af8f653986680cdaa4b5e66a9b62d1bd111bc429b2c1ec0867e3743d1","first_seen":"2026-07-10T22:58:17.931148Z","last_seen":"2026-07-12T18:15:16.117141Z","times_seen":6,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/treasures-of-aztec.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.717Z","timestamp":1783880076717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/treasures-of-aztec.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"2bc1a-19e9f36f890\"\r\nlast-modified: Sat, 06 Jun 2026 23:14:00 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zXffaoKvt%2F3hza5OM14JSPydnoouB3iwTfa80ptUWBmj1LxTDUpUKsU40fxstWuL0XMvC9PmKjQA1Z7jHEhSpDKhxEcyzyrAq6Rr3TjyHu5kNsSjh4AoykDnJMIJ3rMiFgU%3D\"}]}\r\ncf-ray: a1a2074f7f7cdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 179226\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":179226,"size_decoded":180623,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"159b55dd119ace08f169c05d6114f13c","sha1":"6a2c0e3c4925abb04b41177a253a6ecce50f6341","sha256":"9a85b5ecda9b78cbb3793c036540c002d6f24add1a7fd895af1c68b29c2bdbd2","sha512":"20aa3271c146f03e4a60cb674b151e084a0d0233cd425550863622be381fed6795691d6122bd8d3ed0251c8a076af1a62e352b7d8784d9ed69336869e095e375","ssdeep":"3072:teJQwUeOtXikSZsYpb+TwXQSra/PotmIghfD8ySYRx0y/K3hS3zj3qa0Y4:NwUB9VTwXQ7/UmT3l2a34","tlshash":"8704121ec6ac32b2c8c116338e6b27f644d7d436b8e594ba5b4d50d8c67327e2ec4d49","first_seen":"2026-07-10T22:56:48.078713Z","last_seen":"2026-07-12T18:20:32.082753Z","times_seen":6,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":146,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/dragon-hatch.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.718Z","timestamp":1783880076718,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/dragon-hatch.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"2aa1c-19e9f3753af\"\r\nlast-modified: Sat, 06 Jun 2026 23:14:23 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6rPRGb805O20%2BnVKL4xSHz5NofGLxC39Zv4vRNEK4L2vJZDmnPKnWIjvuZf%2FefUUA62Brk1uUX15OaiIZ7JtMKXQRA1DV3NyGGzLDYcj6B67BKfAO9tQep6dVz81vKytwWo%3D\"}]}\r\ncf-ray: a1a2074f7f7ddfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 174620\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":174620,"size_decoded":176022,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"91f3d7faa5ba87bf71ac2897797335bf","sha1":"1c498ae53119427ad3fe124318d4dfb14763cdf1","sha256":"ba05a7c88b6a3e8177479143742c140d30ef2879ad6f2e7a35bf22b798d44119","sha512":"54cab954c87d08e78baae5f2a7ba3b23ce30fb23b2570f700e3c2cb6daac4b10cdfb01117f76d34097562f22842a3565011b449ecdac9c6059d96508633e5724","ssdeep":"3072:dYx+RSxHlCinJz+yM91IAp0+wYYhGP6WLf3sZUwgGzo1sE4TSw2Cz:ZR+lpIyM9uAp0+w/ZWLPsZxo1slTSw2E","tlshash":"c704236b0e1e4bc75a9dd7986c4e06c5b6b5b49ac0a3153fa77980b19b50f21cf2dc03","first_seen":"2026-07-10T22:57:09.704181Z","last_seen":"2026-07-12T18:31:37.737539Z","times_seen":9,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/index-Cht9A9cj.js","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:34.404Z","timestamp":1783880074404,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/index-Cht9A9cj.js HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=wdKpk6yJplLx67t3; __ddg10_=1783880073; __ddg9_=162.158.222.163; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=xhWgPRMsimYYgWzi; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:34 GMT\n__ddg10_=1783880074; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:34 GMT\n__ddg9_=172.64.209.54; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:34 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: application/javascript\r\ndate: Sun, 12 Jul 2026 18:14:34 GMT\r\netag: W/\"6a51f93e-254f38\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AYhTE2nnkgKGTJYQegnniQMyoD%2Bs2LpLCjGNa2KYhHTJr%2BtkJHwWWGdHHLM4V6NZEV%2BX7SI3i11xpXrmBbw1nMDEskTJ50xuQpzjlZKflF51bI%2BGRo%2FXE%2FQVVFVJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a1a207410f2556b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2445112,"size_decoded":683457,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42322)","md5":"99f6775f7bdfcf97ca8c6e5ef2e03130","sha1":"cc77519aeb2adcb696be5b9725e78989e828326e","sha256":"eb5a4720dcd4caaf8133d903bf753bf6489e921b6dffa3cabc547dc16de6395b","sha512":"ce5d725248bf5f6db46bd68e97a163a42bcf331bdcb99256e6de55be901cd45af7d58ad6ee88a90a7bb5fd84b08d614f42bb08f23d1cf37399e86e4a65ec9476","ssdeep":"24576:/fHR6OsZ0IoekZ1iIPCzpp2oaXXBRzTtq7MJFKd:HHrY0IoeS1FPCzn2oaXXBRHjJgd","tlshash":"3e358e1c67edb2a9059b724538492d3b757c143df6ea824198e8bb6f20f1c64c13fb68","first_seen":"2026-07-12T18:15:16.119182Z","last_seen":"2026-07-12T18:15:16.119182Z","times_seen":1,"resource_available":false,"data":null}},"time_used":743,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":397,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/support_field_background-BshW8QoL.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.714Z","timestamp":1783880075714,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/support_field_background-BshW8QoL.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=kMl0IS4275bfLKe5; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.14; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: \"6a51f93e-2e6c\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b2dBGXSLcrKZlZsUNUlcBJ3u3ZJEj%2BVT13ZVH%2BKPnX6usBK0GhbKGYg%2FE5TXe7ghuVSxGOs6r%2BrA4eTFuMnDApyv5KTgYmX%2FfqKGe%2B1kk8I1Z9v0NKgqWjNu8S0N\"}]}\r\ncf-ray: a1a207493fcd56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 11884\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11884,"size_decoded":12965,"mime_type":"image/webp","magic":"PNG image data, 330 x 71, 8-bit/color RGBA, non-interlaced","md5":"b51aad96d902ca506e02d9ad1e1f4dcd","sha1":"198a23d1aa7246db409bc4dc06544727daa44c78","sha256":"c7cf203481ad4dc3a93b0723608f5ad80e6da3af73a858ac2ce16ce37c35af8f","sha512":"f7178d64025d3c470b88310d14650f51fe29d7b7712ec192f7a0162ca0611d9ca001f94fb3dfe37d349099b9f01dbe75650a1ad9c7c438f4509c6f910628fe56","ssdeep":"192:lS+lvkmDNjAIekomrbNoibMKExB2smII2PchoP1lOkK+dHTMB27GknU/wDf:E+lvHjAYWibmqsq2USzOkvdzH6kn77","tlshash":"0332bfdb32f4b165197e4b8065f23017cc5e89b85fd4074c762b650e0676b1727b98d3","first_seen":"2026-05-03T09:25:58.56254Z","last_seen":"2026-07-12T18:31:37.747046Z","times_seen":19,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/public/domain-info?domain=diwins.bet","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.915Z","timestamp":1783880075915,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/public/domain-info?domain=diwins.bet HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: W/\"152-Fv7i2RgI7+vxkVVwLQhQ0RnTNpc\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1rK3ve%2BHrPcuHASwR%2BLZ3tnYfAVXkxSNXof4GYngHYG4qpP1UwDZbLQFco%2BmTv%2BlXjG71nA%2FJj3d7Qasn6TDTvZA4pgPfFPkzAc0X0l7G2I64OvZufVeItT%2FOZ%2FIO2uaZX0%3D\"}]}\r\ncf-ray: a1a2074a7e76dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":338,"size_decoded":1575,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9910a474fcefb658cd68011f1bc51527","sha1":"16fee2d91808efebf19155702d0850d119d33697","sha256":"59157b05d57b1f82dd76cc7eaf64c2307d55013d2a7579dee3bb775b4de96986","sha512":"cfb4d655054805060f9658ec9ab5374b684bceae21b0ccf5f52ecd43d5db54b8bd93cad6f604c93c83e87b5d957ce16ef037c34bed77703e40ede2a0bc1249a7","ssdeep":"","tlshash":"55e02644ad10ac7c0f563fc039ea3d4b03f80527ec666c92c19d4f1083d98211115a20","first_seen":"2026-07-10T23:10:28.589124Z","last_seen":"2026-07-12T18:15:16.121338Z","times_seen":2,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/windows_image-D9HcJYU_.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.941Z","timestamp":1783880075941,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/windows_image-D9HcJYU_.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=B0WW4B73TfdcyI2o; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.223.5; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-7160\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7DBLKVdYwl94zM%2Bk4rY%2FYavHMm9jzaeQC0I8ocnHrfYjb9ZFgia%2FEbSbxAfUrNL9GUnmmLT%2BykbQHvJ%2BtCl84FtuHJFeialgLWhMoUOIUc1LBpk2ts9Q00gdQHEe\"}]}\r\ncf-ray: a1a2074aa80f56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 29024\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29024,"size_decoded":30103,"mime_type":"image/webp","magic":"PNG image data, 163 x 149, 8-bit/color RGBA, non-interlaced","md5":"749266b689ad7b0c9fdc4c43f9edda9f","sha1":"c7cddfc35c93bad203b4a046961e764c1368369c","sha256":"f15cb414f6facd1e665acf00fd7c4038655381954feb698d39b28fbcb98837ee","sha512":"9f8ec6f99e532aabae086f285199cd1db67a2c82301531b9efca3ba85332c68abe3cdc0cdb7a60abaeecef04c1cb197ac218ed7dfd15b121cef8f931b12d4f19","ssdeep":"768:ua5svhEeoLABwYYJxsrf3BbHWadRubuVq:PYOe4ABwZJxyfRzW4q","tlshash":"acd2d1402bc0b619a40b0fe12557e607cf732ffa5005eac091bd96e554a91baab2bfc1","first_seen":"2026-05-03T09:25:58.530823Z","last_seen":"2026-07-12T18:31:37.745469Z","times_seen":19,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/empty_wheel_of_fortune-BvFs0QoX.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.317Z","timestamp":1783880076317,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/empty_wheel_of_fortune-BvFs0QoX.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ziicTdC0IR2K6Dek; __ddg10_=1783880076; __ddg9_=172.64.209.50; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=K5ClawpRcZJEA0p6; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:37 GMT\n__ddg10_=1783880077; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:37 GMT\n__ddg9_=172.64.209.74; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:37 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:37 GMT\r\netag: \"6a51f93e-224a8\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PiNQaMm6e8fwvCqyqn3ObyVdGK%2BJKHhxnHXgvpC7%2FpP8wd0Hkx2G8Yj9JOru%2BcL6I%2F39kOOjEsWntobdt%2F34wdCeNdNY3BQ2aucFW94oRL4Bq%2FXt4SoEn0Xs8%2FYg\"}]}\r\ncf-ray: a1a2074cf84356b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 140456\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":140456,"size_decoded":141541,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8bca8b0883192fe0acd03e5f1d93db7e","sha1":"9389b04455ce537ed80e128ed8425dcf18dc42ae","sha256":"886afe857a2b02c1774c0673a3efba566cc04819f7296ff500d0fbfbe390da0e","sha512":"7ede32a1b9c95e05a7390271377965482da6d53fc99e6417222270f1f279934518f80a0abd0846a99995c7a9b9aa5fc8bcbbbe2d9c65e5045737ae2045bd0a14","ssdeep":"3072:OX62yr3/9NDLA2YsrYJ3EuWHO4l+GhVbyPsrz3dshfPak6:6orPDvxBq3EuWu8+G3yPsN0fP","tlshash":"71d312801fbcde90cc6e291d983ee302d6676b4f19870918d9fcd5d6354b2e348a706e","first_seen":"2026-05-03T09:25:58.493685Z","last_seen":"2026-07-12T18:31:37.652798Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1008,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":880,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/ganesha-gold.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.711Z","timestamp":1783880076711,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/ganesha-gold.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"2abd8-19e9f3743d7\"\r\nlast-modified: Sat, 06 Jun 2026 23:14:19 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QQzChzYBYbk4u7tOUiX0a5J%2Bf1Qr7kotpDpMoL6tDDow7LhIKKIEog0ElQjxJQE3YlClwveoHeCVXaUG7GXXNkab7OfCGCrg%2FZr97GEKyEFXw0ee6TqA1iywY%2B6%2BQm0ezQo%3D\"}]}\r\ncf-ray: a1a2074f7f76dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 175064\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":175064,"size_decoded":176467,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8d0c6618a183330366ba23d78072608d","sha1":"d07afb9887e89be99969f41fd7351bc867bdd2f7","sha256":"28ca43b83f439e2bd70857c577b5cc4a38458393a65312485b48b1c6f8d33cf0","sha512":"fc97f43ba13b4963108b5e792a9929b876c8a04c0a3e59c07f194043a86a5c840e8bcf1735b2d9e7aa8d20207719fcc469909c3f7386d8492cda4e0f697dc1b8","ssdeep":"3072:nemYgTpHWDWV4IrzWc4ZuNFOcNNTJaPPhZ7hfwu6biu2Eyx283YYJ4/:rYG5WaVVShuNdVaPPNoueilEyJ3Yj","tlshash":"c904136276aa15e492fe80eca4c800fde46d832c7478d19079071b371dae7396e4fb5e","first_seen":"2026-07-10T22:57:05.836449Z","last_seen":"2026-07-12T18:20:32.132999Z","times_seen":7,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/opened-present-CEvNLioh.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.876Z","timestamp":1783880075876,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/opened-present-CEvNLioh.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=qf1LcqRSKPX7wCFE; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.54; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-3ff94\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oran7SEq%2Bb2hbf715ex7Pbj0EUwyTZSxfsKFPVdrTgBA08eFf%2B5uWQgiUeNqWdjhn8l7gf%2BftX%2FU6HZ%2BeLmhp6PmrdSV41B9PKMeTOOO4AqqCMXBs6C2sjpMtfkn\"}]}\r\ncf-ray: a1a2074a3ff156b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 262036\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":262036,"size_decoded":263118,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0d2baa6171c82004a7a67d102a54d218","sha1":"924dc4c0de181492fd2ba8333f0367370ec0bd9e","sha256":"a39bea34716d84ad0cbe1025dd76a63d40adec168c16e18d6d5f3ae57a00bbe4","sha512":"b7e536c3ad0a9df9ab921939a0ff28a7a8184edc08373430132151b9a436b50a876b400365144697523da6f81067295599c265ce8760912db4dda7229da1b009","ssdeep":"6144:UxE0KXqMTTrkKUHLn2w/D2M694CxdDxCddvtFGvBo:O2XqCTrzUrn2wTCxmFGvBo","tlshash":"464423d202c9c9da02833b21df18dc1a76622e96b3979840bd4ef5a3dfd93096253f65","first_seen":"2026-05-03T09:25:58.453632Z","last_seen":"2026-07-12T18:31:37.625955Z","times_seen":19,"resource_available":false,"data":null}},"time_used":648,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/bitcoin-mljS7kJq.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.886Z","timestamp":1783880075886,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/bitcoin-mljS7kJq.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=euRtVgVnzwzz4636; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.36; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"6a51f93e-2238\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1Mzua8zo7g%2BqjuJRJt0TqQJwSNpba0lkOuZpREo7280SeY38gnFHuws1zeWegqAoBEjLNzk6RCK2dM4VvxFwYXiF1JQQSwxg%2Bzq1FM7ZOGcwY8aK9wLikqLFDJOg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a1a2074a4ff856b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8760,"size_decoded":5101,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"710d57e714cad5fc98006574c6d725d7","sha1":"2bd571b41b7de877bc6d90b2dfd7fb5e6693402f","sha256":"13ec9cdc689bf43163ffb90f01fbe8f21fa52f8682df748a0a07d712a6d826cb","sha512":"65be74910f381df417e37ea166c8d7b489534e4b87cbfdc27677c26e491c23b4aa10fa1d35a611355e6d71d437e3c4f65d19cf821527e08de90943a46f5880e8","ssdeep":"192:Xw2tvul277dypCfZp6XozrP6wJ+Lc0rFvBD:Asx7ZfZp6fDLcAD","tlshash":"8202d8dd7bf456e0f842e3faca2340a6352334fa2691ca58c39ded45a6511ae4c59cc3","first_seen":"2026-05-03T09:25:58.573157Z","last_seen":"2026-07-12T18:31:37.74777Z","times_seen":19,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/games/live?limit=8","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.933Z","timestamp":1783880075933,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/games/live?limit=8 HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"acd-jNGgtPtSu8ovv8krIlGe/BhJvTE\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yOCBc5qNJRAulFwiFIXW7vspMyZEElypwnMcKfiO%2BYhjW4oCc%2F1Fx8vynPKivegmPcPuBR0xCv3luTVb4ISsQpD4yxM7bVpG7r%2FmUisQfoLE064V8e8pbrKA6jQKaE%2BZE0c%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\npriority: u=3,i=?0\r\ncf-ray: a1a2074a9e81dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2765,"size_decoded":2319,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"453b5d040ef18556efb58418d322aca3","sha1":"8cd1a0b4fb52bbca2fbfc92b22519efc1849bd31","sha256":"c684e23a3177e98e9fe46b47d12cb0348f48041e98889c656fd98f15a0d3a991","sha512":"9e75d065727b279f8f075c8bf0e3084a39ec6ee67e986b844e0965c0a06681ec79fd2e9ea18e1a62a05a8928591e062275f719f5c125b9c4ebfaa49c6b11000c","ssdeep":"","tlshash":"0d51006f55482df8d6351a90444a709de8eef2bf96d10c4880da8d3eccf06d639bca67","first_seen":"2026-07-12T18:15:16.132199Z","last_seen":"2026-07-12T18:15:16.132199Z","times_seen":1,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/chicken-road-two-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.682Z","timestamp":1783880076682,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/chicken-road-two-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"1e8d7-19e1889e150\"\r\nlast-modified: Mon, 11 May 2026 19:35:49 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XRUpXPfVB3WvtRp4RCtJnC3mvO7IarCT8DdvFGDMXLWBjt89qXAnqPbj420gssDPRRqgQECl7Xoor86cJIg1sV4yr9JPduvMhL2wdhI2henPNKoOr1md22r0IyIcUL0v1EU%3D\"}]}\r\ncf-ray: a1a2074f4f59dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 125143\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":125143,"size_decoded":126541,"mime_type":"image/png","magic":"PNG image data, 300 x 400, 8-bit/color RGBA, non-interlaced","md5":"2d07f21bc75cb17f3940a7123055df18","sha1":"c3fd481de5f7cc6fc3a4bfbce86e2bbdba460c80","sha256":"9ffc0c533072f341ae2d4e275de1a7a5bf86aa9ff2ae655d29a762af22dc6889","sha512":"28f58e9df9b691e95c7020e505dd5625a186f3841a5ded08138178f438c6cbde536e97c10faeff65caacc8a9e56e1d2794e20664bdeca81e12c2d6e98f4b5817","ssdeep":"3072:jbk1ZeasmvqGo36qLo19b9fxS81h2n1Yg:U1Zea5fdWo71xDzS1N","tlshash":"33c31253a6202d8bc25b83fe551b055cbf7d8de00d29baf78e5ffd618a38ca1e944409","first_seen":"2026-05-03T09:25:58.448805Z","last_seen":"2026-07-12T18:31:37.742445Z","times_seen":19,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/chicken-road-gold-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.694Z","timestamp":1783880076694,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/chicken-road-gold-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"2bb1e-19e1889de1c\"\r\nlast-modified: Mon, 11 May 2026 19:35:49 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0JJAPL%2BG19hd40G1ms%2BUQo4E1N8xPD9HPZPabqLIQZolz0EPlwnYQpfqka93grmbhMiuKHz%2FuwTBZ4YjJHoU00jpLKedkvz0bgjnhssaRpYzUEXuYQlY4lDlVjPjH9US9uo%3D\"}]}\r\ncf-ray: a1a2074f5f63dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 178974\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":178974,"size_decoded":180378,"mime_type":"image/png","magic":"PNG image data, 300 x 400, 8-bit/color RGBA, non-interlaced","md5":"7e6786b8f04722cfa883924cf56e618a","sha1":"11834b65154c89318b09e30540170438279db363","sha256":"d15c8109068462a9bf3994fb4ef6f126253b038b1ed7e2030c23f013dc7a8857","sha512":"0e188cc4eb6bad0ec7a3eb8e6bcadbd2ad447ffc868ec327abe99924d910c8c1b38bf5607442880655d691967bb27c87abbca0ee85fd7ff4180942a96958a690","ssdeep":"3072:wbRMbtR2+Z8ik03JdOr2QjubVpGy1lYxba5gzDdmTrCgqZnC1Wtkbzi6eI3uMkRg:QiR2+Z82Cr/jubVk0I+gvjbCMtka6eIF","tlshash":"1304138e2c596af29f843e48c8d05f3e4a7245e7df80b1d60e0bbcf71e9018867b5556","first_seen":"2026-05-03T09:25:58.480792Z","last_seen":"2026-07-12T18:31:37.703949Z","times_seen":19,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/10256.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.712Z","timestamp":1783880076712,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/10256.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"36502-19e87ead2b0\"\r\nlast-modified: Tue, 02 Jun 2026 10:39:34 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5rIHh8nuXXXiW5yFfOdvnfx7aim%2F4mxDXgQg6bqDEnktXNgxyW7kjtMA98eLKadv203Z90H2EUVWOWgRYg%2Fo58rKZg%2Far9Tq%2Ba1XOFpciX%2BHtgiwKSM9pw1jxh9loItW%2Fb4%3D\"}]}\r\ncf-ray: a1a2074f7f79dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 222466\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":222466,"size_decoded":223873,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"661f796f4d5f4a660dd1873088e19d51","sha1":"dd4c317b264c8284e032acb64ccff47d5b70fd92","sha256":"5f3ca33d1a4473fcfe1bac6bd57f611d08cafc9cf48cff0c3f9decc614cb2cdb","sha512":"67913e397da426b60a07da35ba206393ffac1c53622e04381429745c92dfc9bd5b2a2465e20746f066685a3f7bdda7b85cd25661f48edb5d60d0e8dfd67421c2","ssdeep":"3072:uwPP/Od04pLZfPZezZ6Cj6nvWe4l1zZ3tREe1Bzrmz8orw6FOIArvmtCcu8guJE8:uwPuiYZfGHev4zdXEufmz8e8Ulgu7","tlshash":"bb24225dd119976cae0d940f028f69fad8b621cef65e22c6146abe7c0dc877d2c3061b","first_seen":"2026-07-10T22:57:05.910661Z","last_seen":"2026-07-12T18:20:32.132002Z","times_seen":7,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/wild-bounty-showdown.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.721Z","timestamp":1783880076721,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/wild-bounty-showdown.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"2bc72-19e9f36ee70\"\r\nlast-modified: Sat, 06 Jun 2026 23:13:57 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lnhYjGhOFjjQfgIYA8Jecd6Ryeufz8mYE7bB53N5Gheebv9uCAcS0w7yW%2FhdqnZ3UbAtxyf9QtsD4KRATjVC2iB4VgN%2Bl9PWvw7QeCgqbmMj%2FOfY2fI3KFU4r2pXeUPv8t4%3D\"}]}\r\ncf-ray: a1a2074f8f81dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 179314\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":179314,"size_decoded":180718,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3365e640a2b0f518547c1cc922353c78","sha1":"5661350ced325d532b25a4d27de835feb8d36651","sha256":"f000342620d26ff6bfeee957e130df0b2609fe1d15ca52bbe25a254224b37682","sha512":"cb605953f3589a0ce3ef693682e399a627bd562dc46d0b85f09efe3e28ebd179ff87c35e6a7d109863179da8e6c7f262ae4b2ee3721326593e400dc1877e60b4","ssdeep":"3072:QzxxGQpvyjYCvxROtascUIi9IG0LLVNhLCJFPoDlxbgh64kudgoRjXr9tk9gpD:QzHlpvyjh7MlInl/hEPoDlxbghp3moRj","tlshash":"ba0423d8bc0c7a4fe8cd707a7511069854e4871e3b2a27644b432fe49598f1e3fab05b","first_seen":"2026-07-10T22:56:48.08432Z","last_seen":"2026-07-12T18:31:37.674839Z","times_seen":8,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":92,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-12T18:14:33.484Z","timestamp":1783880073484,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=wdKpk6yJplLx67t3; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:33 GMT\n__ddg10_=1783880073; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:33 GMT\n__ddg9_=162.158.222.163; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:33 GMT\n__ddg1_=pERIjIW19ruO01oJNXnR; Domain=.diwins.bet; HttpOnly; Path=/; Expires=Mon, 12-Jul-2027 18:14:33 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ncontent-encoding: zstd\r\ncache-control: no-cache\r\ncontent-type: text/html\r\ndate: Sun, 12 Jul 2026 18:14:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\npriority: u=0,i\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hx3BXPFgujpR4R1BEPUEJQzVYa3A8w2mAwnrMK7XQlkgT4h522vV8KOeIk4qlbj3dqd1eej1sX4Q9Vf3MRfHOfm81MCkQv%2F%2FRXjh1h4RY4jWZENVV9avhNCuZr0m\"}]}\r\ncf-ray: a1a2073bfec556b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1947,"size_decoded":1827,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"32615c4005a0110b781e3bb4d09ab52f","sha1":"d9a777425044128541c8f955198ae6702599066c","sha256":"31d8fd11140a2d5b594d2e37ba15559bfd3b44ad29a5ea2b6ea0ebdc7b7b5b22","sha512":"69903558a8e0ecb9b978f658174d6df4b34a8858c2ff16fddd09360ea7a5780b5ca80c40f65f0fdbdfaf10accf7d90f77af7b320a599be1e3da748e70dd4cbc7","ssdeep":"","tlshash":"b641065351b0942422a183341ee3f55c9e2e868793486d99b6a450ef0fc67d4cbf7bf2","first_seen":"2026-07-10T22:56:48.120785Z","last_seen":"2026-07-12T18:31:37.721982Z","times_seen":18,"resource_available":true,"data":null}},"time_used":382,"timings":{"blocked":-1,"dns":79,"connect":24,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/press_field_background-Cdz_S5mJ.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.717Z","timestamp":1783880075717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/press_field_background-Cdz_S5mJ.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=4bLTwy9xCrjrLgrt; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.223.5; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: \"6a51f93e-283f\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F2VexDiIj%2Bmiu3iD2iUbSe9DWV23slXWTUjQHcxbNyXX0F%2BHIsF5HVwWcr%2FDRiUk%2FyC9bKZrtANzagH%2BuuF05g03ATV%2FZVaWtCVSz%2B5NpoGEKL9i6yooCmpu0xcG\"}]}\r\ncf-ray: a1a207493fcf56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 10303\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10303,"size_decoded":11388,"mime_type":"image/webp","magic":"PNG image data, 330 x 71, 8-bit/color RGBA, non-interlaced","md5":"9277f5f4e0c5ec965fd895fa5230a295","sha1":"e633562ab343c2e694d98ad152e511af4ad9d465","sha256":"d4238606fd0cbd7fd2bc4f8648e888f3a48f50642773f64dd2c24d65b180bdaa","sha512":"5ab3eb52c0ed0d91c3d1c7b66f874c97dccffea2870cb627824e144f8de9b146eb61aca937d6ad48554c79093c4d657f928e115c305ef01e27b0e99b4ec37baa","ssdeep":"192:lSE3Gll86piYg5VkOYMCToZ5aGCiWDnn4rNGJYlvgPsPTQhTI73eG:EcGllgYgnkNoqGtWDnn4rNGJqPTQJpG","tlshash":"0a22cf4e3c5ae448489d67f1e6ce0350813d1be68ddac0fa26964ca229eff6c070d793","first_seen":"2026-05-03T09:25:58.436952Z","last_seen":"2026-07-12T18:31:37.675431Z","times_seen":19,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/bg-slide-rolls-royce-DEuKrT2h.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.843Z","timestamp":1783880075843,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/bg-slide-rolls-royce-DEuKrT2h.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=25cs8BjN5jpzkmUP; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.106; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: \"6a51f93e-44ac8\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gAraZgH8eIShSGFcNSjKucEW1PDmV3g7%2B2gRoVC%2BolqIRD4diIAJdHJPzYN6tR4p7jQ%2BjeR%2FA%2BOYAeKIe5zFg41SfFvXXS%2BuFgvaxePgFNg%2F2onR1nTaOWsjh9Rh\"}]}\r\ncf-ray: a1a2074a0fdb56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 281288\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281288,"size_decoded":282375,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d673eb3e0c4501683a08ad34bb1a5662","sha1":"d264f72535c24d5dadb6dfa43bd7a9cd11d8baa4","sha256":"e92cb9c066e132e79635910fae8265736749a928129d26cf5bf60bb5bf09ae0d","sha512":"5a730e07953aed75d2f3e1aa9c20137bc6f968662a0c65dd6d7f896b5b838f606439e8c43036dfb78237003b1448e823ec319b11520f6ced2f9572c9e721cba0","ssdeep":"6144:Avwm9g1xMmIoXAo1O7dXK0b7+adRSJrYwpCDlp:AYV/KD7dXK0b7aRm7","tlshash":"0c542396bfe8fbdec8576510c6eda331835035f9dc22d8429c09a7e976688f25e70423","first_seen":"2026-05-03T09:25:58.422158Z","last_seen":"2026-07-12T18:31:37.685284Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":1085,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/games/types","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.910Z","timestamp":1783880075910,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/games/types HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"113-MZFQhLGi8NSK/m7hlroK5N6TEqY\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2c11koMV0K%2BEzYCKJgCcAdzhrhEs6VhV4pLw4WKs820uLKCyrtXAHWasWz8cKQahJNnxw5DEwCgvMVVBXdFj9pLfqT3AzsXji%2FeQrwUNDG5OqSK5tcMtcP0BEB%2BeVjcXCig%3D\"}]}\r\ncf-ray: a1a2074a7e74dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":275,"size_decoded":1489,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a750afa2fa37a9718f3fb46ee312cf00","sha1":"31915084b1a2f0d48afe6ee196ba0ae4de9312a6","sha256":"552fa3fa38aecc162047ea3f893bd1eaa1419ecfdaf02bb7f6fe6becc7b16a0e","sha512":"5da81d7c09edff8071157ec7759715193f83334987ed01863b176842d5a3540dd4da60f8156fa8f1a3ef4294873de3bd4b12f5ddd2fd05576757bdc977896137","ssdeep":"","tlshash":"b2d017220001ddbaea947fc420c6f803f99420a182845408f22ccb3ac28c345b87ab6f","first_seen":"2026-05-03T09:25:58.437926Z","last_seen":"2026-07-12T18:31:37.654415Z","times_seen":19,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/chicken-road-race-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.686Z","timestamp":1783880076686,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/chicken-road-race-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"2fb27-19e1889e02c\"\r\nlast-modified: Mon, 11 May 2026 19:35:49 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NAxWgKYL9xwloPnQMD2vth7iyOxXRf7gPiD%2B2stSs3TDCilUg6urPdU5baGtI7bupiANQ3KOwjJEq9liFDYm9v5Q04vpMkGwnmTnE9TiVTNyz5izQEuCabQr5IpNDklMfvQ%3D\"}]}\r\ncf-ray: a1a2074f4f5bdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 195367\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":195367,"size_decoded":196767,"mime_type":"image/png","magic":"PNG image data, 300 x 400, 8-bit/color RGBA, non-interlaced","md5":"de158b0c510417fba2d86fe9dc29d4cd","sha1":"b023587e15eaa94cac426b0a634e83b3fad3d972","sha256":"dfe048fce2f1b58c4cd56008d522b8ee3b1f0b40b6383d846441621c8d89df6f","sha512":"b035fa249696ca1923e54314cb2a96197d5878f1e11a1cd33a57ddad4694f4d92f3d70f71b21a1749a3c835b3109e5791b6b7269304aec9f12c55d5e6c01c0f0","ssdeep":"3072:NJJRhYFLeQitU00sUQecSwR3+SFYGypmMSXJ/EOYF2/0/+RsEvjO8/e9xLX5kQO0:NzRYiQ8UiUmR3ZFYJpmMSZsOjuUa8/8d","tlshash":"611422119983348d566c0beeed88d0fa00fc654e53e954b059bc9acbd6ac3f117c2e6e","first_seen":"2026-05-03T09:25:58.528271Z","last_seen":"2026-07-12T18:31:37.708195Z","times_seen":19,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/chicken-vs-zombies-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.690Z","timestamp":1783880076690,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/chicken-vs-zombies-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"49ec-19e1889e2b0\"\r\nlast-modified: Mon, 11 May 2026 19:35:50 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Glsua6%2F1sq7l0zWWRJIDTbStjzsxaLMy7wk2p1HurkfCkx5tjPLiQw1liyBS4q7l2acV0gtZXlCS1YO04%2BspAOsRyYZ1iO0y70MhfNejMzXVwouiHBWblHkgvU1R0owHQE%3D\"}]}\r\ncf-ray: a1a2074f5f5fdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 18924\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18924,"size_decoded":20324,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"3c496079d347b741f8a61c9ff13e5f25","sha1":"d34e547f81a344f52f32078078090b0e6dd0c549","sha256":"6b61c65973ee02deb325d6cb91f24c3201e376b4fbb3bd25c7dbb14ebe1b28b7","sha512":"a1030c0c003398488e2b35d4e0777a0f7de2936831b2ab3fe0f21d64290e84db39fd293b0ea1f8a0ecc35e99e0e7c927d8699f0cec504219d226e1c13464f488","ssdeep":"384:zGjo/RN/ZF6TOfWpzF86HGv3QVv/bOwvJ9WHV82zghRHl3Kb7+q:zGcZVZZfy587vYvyw3S82u3KF","tlshash":"ee82d1e92fa5f094e296772451135350523390a01d40de8bfdf9e27f2932e509caefad","first_seen":"2026-07-10T22:56:48.11117Z","last_seen":"2026-07-12T18:31:37.736909Z","times_seen":18,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/rabbit-road-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.693Z","timestamp":1783880076693,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/rabbit-road-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"266bb-19e188cb63e\"\r\nlast-modified: Mon, 11 May 2026 19:38:55 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9AVKJs5yAoG%2FGB3VZCnZaBfBuYg4sE1ItU3Gc25EN%2F5v4Ei7xLUwMZuYcuVIKrqtzOb3qK44hp3dkCQPCod3ydq%2BFvwn7N3tyNJnSUKat4N0iKD1O0S%2Fp5pwVFjLk1SnFhM%3D\"}]}\r\ncf-ray: a1a2074f5f61dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 157371\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":157371,"size_decoded":158777,"mime_type":"image/png","magic":"PNG image data, 300 x 400, 8-bit/color RGBA, non-interlaced","md5":"350386f4ae53bc8b1e470dbc414eb3a6","sha1":"d1d4472c746f237c379d64794389971df62dbeb9","sha256":"974fa37657af78ae7f1695c622ad77f544cc19dd6c3bb29502ba7e6f4b5c48c1","sha512":"7ee319101357aa4bbe8e6c0eda5ca456d062d8fe15a6298e01066491c36ba25b534266b8ec19f2ba1dfbcc657df1b0c849ca65c57767743ff21269550e04144f","ssdeep":"3072:n3qGl6Cx84WbG3geXr6LfjDcjjeZa0V89C/gblDXNOVR7E:n35lkYDXQrYjC9AxblQ+","tlshash":"6ef312530d7981eb4b9bf6e3b9040aa01c026b4d37d183bbe79deec869d58bd08c5305","first_seen":"2026-05-03T09:25:58.450756Z","last_seen":"2026-07-12T18:31:37.68172Z","times_seen":19,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs20starlightx.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.696Z","timestamp":1783880076696,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs20starlightx.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"89b2-19e87eca9ab\"\r\nlast-modified: Tue, 02 Jun 2026 10:41:34 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OT1lm3jNtxkDgp8hD1LVUra8Da60lfdcupApNyGGRQa39zghMztMBU6EVZtr%2F1iSjIxyt6UJWDstIOB53Kf%2B7h8KZrDjc80w3kxaHJheYh7S31wW%2FwEnZazviqUnpj9%2B0uE%3D\"}]}\r\ncf-ray: a1a2074f5f66dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 35250\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35250,"size_decoded":36654,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x472, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3ae3ec5a75801b381094718d06dcab2e","sha1":"7eb10ebde706bbcab68295ee9fb2af204c97886b","sha256":"3cdaf2affbb77d8a1e05ecd3bf913ab2029f2067674709c4564fdb7fb2e25aa6","sha512":"f61ee24ee3d37c2fdc9d4ad7e5e6fbc1125475dbb11ec79f4ea977fd95a80ac407c720096081e2cc3defdd8819c41a35a2eadc2b5d326b9d4b65a9ab4b00639c","ssdeep":"768:nEnkhDG+JBWk2KiU3xY08SwZhfNqhz6uMkncw3ucL655YSG:nEnkhfWk2KiUBY08LZlNqhaktL25YSG","tlshash":"3ef2f15b3746bcd6a6cfb94b28bc5b0a7e1e1811d5f12f56c148c6aa2d3f47c3a63012","first_seen":"2026-07-10T22:56:48.050838Z","last_seen":"2026-07-12T18:31:37.749473Z","times_seen":13,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/d-rocket-CwVijRid.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.859Z","timestamp":1783880075859,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/d-rocket-CwVijRid.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=SZGEkECGnsroLUy0; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.195; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-2a84e\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2pMvX9TupYQhNZsvhX5jrpfer149ve1YIJDpisXgR4d7JHD6iec9GHaVtm9mx2qlM5YW4ZG84YnDTtB%2BkjEirs%2FTcweepyz%2BOsb7k3k%2BQz1i%2F%2BRKgN5abbNjaZ4W\"}]}\r\ncf-ray: a1a2074a2fe956b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 174158\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":174158,"size_decoded":175243,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8c927ce999d40abaafc51fb02a321a3c","sha1":"fe5b860fccb15b759c8d81556f525c64ea30780c","sha256":"5763965cfa076dd8724c9e18c72ee4fd3ab93a9575a569b4531e1824f55c5362","sha512":"fb2b012d4e84f302700458c582f79dbfc097140fc5d47b53ac805b3f0ab62ac50c3a2aeb5a89d10b3edc6fee590d7996f932c9adbeaa6f1a0931836d9a6b3eb0","ssdeep":"3072:WGyzqM0MhVkJ69+b1oBjitPI+1fm5pJ6c4tHWFsPVWUoYKTxnwjilTlgeX:uA69+Ryom5DH4HusPVgYKTKj8ljX","tlshash":"f404237a6e6f66470f6e9239c192f558ba08018f2d6e1ec8507f8cba71313f40a590f7","first_seen":"2026-05-03T09:25:58.570621Z","last_seen":"2026-07-12T18:31:37.679346Z","times_seen":19,"resource_available":false,"data":null}},"time_used":454,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":301,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/cryptocom-CL7Ghwue.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.917Z","timestamp":1783880075917,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/cryptocom-CL7Ghwue.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=6v4b9WEpOTV4IUFB; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.223.5; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"6a51f93e-145c\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 3\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zk9khmnJ1Nel1idXlqF1tCCwSvYtF23Tv7tr2EbprWaJFT3C86DTrMQkQEmbS8trlPBItCWO8QyPYl8IUV8JyaPaHb%2F8tXS6TxlCfo3crMUHwh4afTEV4A4nZ34W\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a1a2074a780456b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5212,"size_decoded":2934,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1d1d09fd759918c16c030d9ad3ab8311","sha1":"17a6f1877ff138cf956339c93992f62663d5d207","sha256":"932a9f99e97842571bf490bacbd702458458bd3855e2fe1881b57903b1dd2ca6","sha512":"118907e69bf418432854f04fafb3e17b6bb8a8d90fc4c8fb2d1c404c9837eb538c8fcdc5ee730a685fd13e064dc99be61dca02b1b7752b43737a204e1745f496","ssdeep":"96:wlgiEHU5ZkKmDhVpQino3ZyKxD7pJrtHw0oxeq4iKh:wTAfDPCimEK17ph1a4Xh","tlshash":"aeb113eaa76488e1d84693fedf3d16ea337228bd3932c45963d16e22685117e884ddc0","first_seen":"2026-05-03T09:25:58.435924Z","last_seen":"2026-07-12T18:31:37.632745Z","times_seen":19,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/crypto_gambling_foundation-BbxkjRu0.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.921Z","timestamp":1783880075921,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/crypto_gambling_foundation-BbxkjRu0.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=B7TeM6xbN30DQTJk; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.154; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: W/\"6a51f93e-89fc\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=59EY0Fk%2Bx%2BDSuk5kRHZTiF6XjqBboyvOQPLF4JbKKzdfaFApfg29G9FA6cmLEzsnX94sNoxEtuy6JNndsNVosWxROsrr31tyvcHPnxPRROK9WaIuW5%2BItIH2iNi3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a2074a880756b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35324,"size_decoded":15425,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4ff6e9ffc2b4de36bea9c02f407fe588","sha1":"73f4d8b48155cd22dd74bff2100d178f73062451","sha256":"7b94606480b18209752427b8347bee08f39aabfc57c8ac3dc1fee4edb94761af","sha512":"362eeff5f4bd054e1c6770bb4902689d8a4c943c1060abe2eba5817376864df31eafce85042c66fc57c7a17b30e5627a93e0771aa7edd5bb4ce238a5dc8edb99","ssdeep":"768:Jq2EK4povVWRgXI4NRoiiD7h+MiyF36A9n9NXCm5f9nWFJq:I/Jz2VzoNDsOFKIn3Xjf95","tlshash":"bff2b4d837f6a3f8f000f7f5572650747e4624f67b62c978c3b65e98e54a44d8ca8890","first_seen":"2026-05-03T09:25:58.490776Z","last_seen":"2026-07-12T18:31:37.634336Z","times_seen":19,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/games/mainpage","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.925Z","timestamp":1783880075925,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/games/mainpage HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"e478-PmF02ydFUWWmPDVZZboxU8Jdl8Y\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1MgTjruHol5ZtRsVPmZsnGeXfNE%2BbzRlTYA4vnr4FFLoA8DakxJ4t3kyJ9tdEaVyi7rRBveL8sa%2BCKvkGeXYJJUsb%2BqBDGfKwYJdo2CuuLw2DqBUY8Dw0bPN%2F4Gm8ojPpjw%3D\"}]}\r\ncf-ray: a1a2074a8e79dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58488,"size_decoded":5642,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9def7ece97c458297c555e2593ca95c5","sha1":"3e6174db27455165a63c355965ba3153c25d97c6","sha256":"fd1b5c663d598223fcbe13fceeffec6a4681fbb849571b9fbd4d9506ad7d824e","sha512":"25b29d5f82d717414bb5df343eecbdc260e036d93ed3f5a29d88fc3c43a495b8bcfdd1478b7a0d9b5bc55bbd7baeeb3cfb618578a146d64ef95ff73a741704a8","ssdeep":"768:aVrXM1Y6N5vX6bwTcPVzMyIvIUl6vvntf848nt9ELP7kOES68bFlWDhNnwVA0e+Z:3v5NLv/h2IN+","tlshash":"a943f07e4b6c7c34f230029ac54e71d6b4c9b13fcd85560cf3b84a65cad59ea2a9e01e","first_seen":"2026-07-12T18:15:16.156124Z","last_seen":"2026-07-12T18:15:16.156124Z","times_seen":1,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/10260.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.719Z","timestamp":1783880076719,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/10260.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"341fa-19e87ead644\"\r\nlast-modified: Tue, 02 Jun 2026 10:39:34 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WSm2BL2ycCrterOEC4KVBkd%2BRmUUTjQNHuSNAkULyngIGy5KLTYz9VM%2BUInSZ%2Bols72%2Bf2u%2BM4el1NNHAVSU67aPkF0ytBFIxVJ%2FXqgHx6CswRSKU0%2Be0DpzbknMAMgrh9A%3D\"}]}\r\ncf-ray: a1a2074f8f7fdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 213498\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":213498,"size_decoded":214910,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8abd15c7c82243f7f1bcfc01da0f9dd9","sha1":"2a7cbaf9fda3b75d09d22b9bcfcfd2ed5ead3b77","sha256":"6dbffd082137525d217970ea7459025b8e17cd4cff6f3124c737c9a181649021","sha512":"4af84cb47e5f98a5db589e57665b3206840b58e546e91c827e2704581606391ef87d65e23c32c9b82a8a899970b66a13e698c830d8992d1b36bb2642415cab06","ssdeep":"3072:lP73hNQFdhmSicyXxh75IObuYWaw64mXkjrwSzitUzuMosw2jNZW:ptNQjhmSicyhhWHar0jretU0CN8","tlshash":"da2423e1c38707d4c3ee5ae1d1e70d9b02b83b78109eb0048ded8994a9e59c1d97e1ed","first_seen":"2026-07-10T22:57:05.866145Z","last_seen":"2026-07-12T18:21:33.835618Z","times_seen":10,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/fonts/Proxima%20Nova%20Extrabold.ttf","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.763Z","timestamp":1783880075763,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /fonts/Proxima%20Nova%20Extrabold.ttf HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/assets/index-s28uPECG.css\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=A0VDYFWEYmKsn306; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.14; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\nserver-timing: cfExtPri\r\ncontent-type: application/octet-stream\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: \"6a51f93d-1f9a0\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:17 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ovJ0J1uIt2XTHCg5PwhiHNqAHmnxTvHOoj8utNrKjfi9QwTWAJ6raV1a9sr7NX%2FhDXW%2BZRUgOYd%2F9z7BgRgb9gaFY58gbvTEwiTRv%2B0J072Q5r1zl0wEoozglzMH\"}]}\r\ncf-ray: a1a207498fd256b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 129440\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":129440,"size_decoded":130484,"mime_type":"application/octet-stream","magic":"TrueType Font data, 15 tables, 1st \"FFTM\", 30 names, Macintosh","md5":"ecce738438b07e0f2700c264633fc55b","sha1":"8d0e90e6a0f9dbe299f7f07c765df1626c1fdd20","sha256":"6cd9cca7999d5953f3c596cd7b4822d1a871a2d3b8b85823243ab1368a2234de","sha512":"5441a6b93c92e27fa185349be7289859eb7701537245b89ee5fd2bc221e46305bdbaf6024e7c9d8c11ea94a27f51036f5e0a76aad96335dfee7bb2f372c3c9a5","ssdeep":"3072:gcDXjxKwoaX0gLZOVKk/PoSR0Y5CURdoM2E8H7O1j7B3+gAyR1S:gxjVQSR0YjRWgS","tlshash":"33c34b43e383cf5edba999be9d31f3753616e67d6f6a330e63402079f50b2a8a050185","first_seen":"2026-04-14T01:08:26.757884Z","last_seen":"2026-07-12T18:31:37.683227Z","times_seen":24,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":273,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/d-zues-Brs_uoRm.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.856Z","timestamp":1783880075856,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/d-zues-Brs_uoRm.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=1iNGHShd4i1BCF1Q; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.212; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-27c46\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DuXgfAj2JGe6OaLtEGjYY%2B%2FtjpI2FTKDSEXNf4xKued%2FhU985lbnNn%2FBxft76rdTjVf9Ohv4WAyFcsvF7isFvGFc%2F%2FuAulGFzuQiFP7QYJtrSWxUkDf0ZwMdusoR\"}]}\r\ncf-ray: a1a2074a1fe756b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 162886\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162886,"size_decoded":163971,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"962bf5d8512b7941a01d57d32c49a3d2","sha1":"a52ed0616ff5073be1ccb5e63f56370aa0fd41ef","sha256":"2f69cb9f94d8c95c0ee6b9d33e6eeef64dc9ae4886ed4e8156506beb08475772","sha512":"35bfb0970c65146fc012369afdf61ee8aa33921d93fe97b880eb5a69beb592a0b4179fc6364397bb49ae0d7607ab4a9b5155954476abf45de47e512a43f545ef","ssdeep":"3072:ehuoS+qVEXcaY++mTvYE97Mfi59mbSF2wYHfhDLfR5TlaaGKlNllOurZNW1rGeT3:cuoYHP+JvYQ7RQFXfRh3lNfrZNW16eT3","tlshash":"4bf32239226af794b0f59ff6569826c411444c0f0fc1da9079b6f383627cb6eca86762","first_seen":"2026-05-03T09:25:58.529097Z","last_seen":"2026-07-12T18:31:37.722826Z","times_seen":19,"resource_available":false,"data":null}},"time_used":627,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":354,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/d-phone-DGLb5d2k.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.879Z","timestamp":1783880075879,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/d-phone-DGLb5d2k.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=ziicTdC0IR2K6Dek; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg10_=1783880076; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg9_=172.64.209.50; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-2dd3e\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nr5hmNe%2FRXqgoNlJv279y6rXYFBhtrsJrREFM0T8DFqaYukzn7%2Fqj8gYot7d6%2BPAtC59ybvEfDcwtJbjX49PEzOv%2Bsy42wDy4ibcQ6LsGrign0U2ncwNgdPSTHBO\"}]}\r\ncf-ray: a1a2074a4ff456b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 187710\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":187710,"size_decoded":188789,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d025311454404cb7edb954d465b8c335","sha1":"67f9be9ae70f95220fab0371079bde6908ba7f17","sha256":"bce4690101bdbf5eac323bcd11b0a4f0d724bfeab82f639635b44d9ced378494","sha512":"9f870c3f00f40fdd5bba968201cb7f350cc63f2ae4ca5daf98180d3d6c6f7eb7c5f505c3948ae821223d4f1c1b7e6e7e685f430b1b3853179d9a798ffc5dbbec","ssdeep":"3072:dRXCVfXk9JGyJ/JggV5WFN+n4LG6LV/ATZAASe8TqbWiVv3CJmWx:TCVfsJfJxggV54+16LVoTuASe8+bJVvW","tlshash":"d204239e834a0eefd42fef82523686fef644b547cac1a8d689d18c0d19042a73567d54","first_seen":"2026-05-03T09:25:58.529961Z","last_seen":"2026-07-12T18:31:37.700892Z","times_seen":19,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":376,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/gift_top-CVczyCaQ.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.322Z","timestamp":1783880076322,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/gift_top-CVczyCaQ.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ziicTdC0IR2K6Dek; __ddg10_=1783880076; __ddg9_=172.64.209.50; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=ZnHb6gjVruTIjpmo; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg10_=1783880076; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg9_=172.64.209.56; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-8836\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4uQRVUplvo8dmac0WAkQcESb2vktAZ%2BgEn%2BOpGKCn%2FrhKffUSEwTnYg1cIicXQsGRic9BuHumY1u4SwfCd72%2BmL7DBPtTOJQc2wfVdL9mjRvZOSE%2F8eJLfZodn9r\"}]}\r\ncf-ray: a1a2074d084856b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 34870\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34870,"size_decoded":35949,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6b8733c79c48b53b6462523f9de03fcb","sha1":"14073d4601e11f5cab29674a2949b05b5e549fe9","sha256":"c648bbb0c45d11f24a8fa6931655c0cd94c14fa31b9c0326d333d2c8b36b5dba","sha512":"fb1f0a39d948404267b5486c7c6ae9474a85f0cf56ece4f291ab20b2e2d4d5195cc6b1fdf7fc34f8717a70d5fa666f88d949cbe36387e64356f8bb4186796cd8","ssdeep":"768:CacY9XQsOkKCYJDp6UAzuuEvD6fk0kfMaJKkele03PNcldFYyxfk:CFYel1DpwuNvD6cDfI36LFY9","tlshash":"acf2e18b2a267253799ff19fd48bc5621d70a6810193ded44223b41ffe8ed123935a72","first_seen":"2026-05-03T09:25:58.447757Z","last_seen":"2026-07-12T18:31:37.620237Z","times_seen":19,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/chicken-road-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.695Z","timestamp":1783880076695,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/chicken-road-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"13ea2-19e1889de90\"\r\nlast-modified: Mon, 11 May 2026 19:35:49 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KS%2FeKH5V4%2BDA4MmLDSWcdL5mYeaP5vUZhkGah0f6LL7hHe10A%2FelncIOTa%2BlGJZZJOX6tPUl0g1FuSKNvvTdKUL3AVy607edLU%2FeKWm%2B3jD6vRXqnSFh5imO%2BgHRegV8HZg%3D\"}]}\r\ncf-ray: a1a2074f5f65dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 81570\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81570,"size_decoded":82981,"mime_type":"image/png","magic":"PNG image data, 300 x 400, 8-bit/color RGBA, non-interlaced","md5":"bd31dc34709ab28154febf333c9d7b61","sha1":"957e8b303a3a7eac3058fbb67cc82c673569388c","sha256":"c4a2ab24afece8e542c58e54a15c9b5ba387d224aec670a881d89cfc49f63f8d","sha512":"e77dc104b82d541bfbc1dd6a5195a6a9f7bc24e32e4acb2764a0118427fba1bee9b07b4716d3f4228fff4205b447c79ca0e9ac5af12d18e6eac868af1ec8b9d5","ssdeep":"1536:XtLff+jHHoz3d9eMxKlXfg7N2OT0RyDxbH+pMEaJUIitksm:Xt0nUd9KXfg7NrmytgMhitkL","tlshash":"c28302daff75e12428a5d3a7a117770c421c9ef6e2bf2ee12c1a517a50efd84b812314","first_seen":"2026-05-03T09:25:58.558516Z","last_seen":"2026-07-12T18:31:37.658289Z","times_seen":19,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/bg-free-money-R7HNNOGD.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.854Z","timestamp":1783880075854,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/bg-free-money-R7HNNOGD.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=Su5quiVyVERFDx1y; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.50; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: \"6a51f93e-1b970\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A0BF6ajSYzkNN26sKNLVJ6rvTlEwyxQDxNkNfDEVIK0S2e6H81Caneq%2FHvrP4%2ByFm4v%2FOBCXrKajqVqMcIBPBhynXYg%2BadeD1y8bG%2FqqOMbCq7k8cLs799HdnBnS\"}]}\r\ncf-ray: a1a2074a1fe656b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 113008\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":113008,"size_decoded":114089,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7ca92464f796384e06d1727f8c742c90","sha1":"117d206848f00d51604884094a3efc00488c3e78","sha256":"0ca6ffa09c80486a780f44eb589385e110f9f35728ac08ab803c478da70c4f01","sha512":"916cf61962e80cca16f56de5d75b7f23c3d00eec52b4bcbd4734cd78d9748e8a066e3ba549c6c5f140275ca5326c1f594a5045aef5a45abbb0a9b2aa18206750","ssdeep":"3072:bfs4Kj7sjohw0qKAf3losUk9JnCVeALjcDXyUQCddTYo+:bk4asjohw05Aash9AvLUQCa","tlshash":"91b3120b2b15d14925b30185246719e5d2f7f3e9dabee3860e8602711fdeeeeacb1070","first_seen":"2026-05-03T09:25:58.469503Z","last_seen":"2026-07-12T18:31:37.739262Z","times_seen":19,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/werder_bremen-06cJMe_2.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.919Z","timestamp":1783880075919,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/werder_bremen-06cJMe_2.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=yftMsgXhcn1Ff0Eq; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.127; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"6a51f93e-2c57\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DHxuWcZAwg5mE3aBCrwS8XsPLKgz6oIARKDFo4i6Uvyhp6S2MxhLa%2FklkS8NKVRk%2FtjklmTRwA12Ixx9KVhUHDMetwBrFb6i56yVqEt0JBnQW%2FPiaf3xi5wLcnLs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a1a2074a880556b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11351,"size_decoded":5168,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9bf3a09c5db8178ee8262acb3bb930a4","sha1":"5032a3c1f0f3f784ce17f6b8370540e5c2891d7a","sha256":"4c5c02448915860d44a50f469bee4fb82dcb088732b31453fe094e85dcc2070b","sha512":"52ce5d3074909e7460d144c21b3fb496c10ee6c09efd602e1ea52f205daea3e11752627e45c889c23a26a08f2a580729acbe0687555344b4311a861f37e991cd","ssdeep":"192:W/uehQxb9c9qniNEgj9pZh9nTd0f6WYsFL2PcxX7NBZl447mGRtejVZ:WWTeHNZ999nTezYsREcxX7fF7mGyjVZ","tlshash":"3f3240cde7ee82ecb04357f99a611cb4291b05f52740cee9c7b71a11eca246e8c31883","first_seen":"2026-05-03T09:25:58.568484Z","last_seen":"2026-07-12T18:31:37.753447Z","times_seen":19,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"op-api.gambl.bet/track","fqdn":"op-api.gambl.bet","domain":"gambl.bet","tld":"bet"},"ip":{"addr":"104.21.8.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.038Z","timestamp":1783880076038,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gambl.bet","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Jul 2026 15:26:36 GMT","end":"Sat, 03 Oct 2026 15:26:35 GMT"},"fingerprint":{"sha1":"C6:89:9C:7F:59:81:87:BB:1B:D8:C8:FE:CF:81:CD:0D:A4:E4:D7:DB","sha256":"48:E2:DA:EA:3D:13:BC:5A:36:A2:07:52:61:24:2E:FB:51:32:16:AD:7A:57:1D:93:D7:96:51:0C:D4:12:39:FA"}}},"request":{"raw":"POST /track HTTP/1.1\r\nHost: op-api.gambl.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json\r\nopenpanel-client-id: 3ad6ac77-f30c-4a99-95ca-7c2a88051ecb\r\nopenpanel-sdk-name: web\r\nopenpanel-sdk-version: 1.4.1\r\nReferer: https://diwins.bet/\r\nContent-Length: 208\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":208,"data":"{\"type\":\"track\",\"payload\":{\"name\":\"screen_view\",\"properties\":{\"__referrer\":\"\",\"domain\":\"diwins.bet\",\"__path\":\"https://diwins.bet/\",\"__title\":\"Diwins: Most Popular Online Crypto Casino \u0026 Prediction Markets\"}}}"}},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=tX2FVsLBIhYsdXNw; Domain=.gambl.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg10_=1783880076; Domain=.gambl.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg9_=162.158.222.35; Domain=.gambl.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg1_=hirTlHst1rvEaNIzCOsY; Domain=.gambl.bet; HttpOnly; Path=/; Expires=Mon, 12-Jul-2027 18:14:36 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=utf-8\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\nvary: Origin, Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=buCbH3nQV0EC1CDu96WbLDJaaBS%2FXyysR6uuu5MR8HqEk3vosGhx4RhAo4VNEScdbowvEoLrbqkC11us50gCLmOgjZTcJMbC6BDgRNzP6%2ByC9vuaU92H3p9%2BuqzqgMAszi90\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a1a2074d5bd356a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84,"size_decoded":1196,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ecf8fd915561a26588bc1b7d08b734b7","sha1":"79754b0218a5bf8349b260667d7ecc34b5a9107b","sha256":"dfd6cbcd7e637d47cfb610a880b917fb17ba9b7a8c10f05b0924205dbff74218","sha512":"b127df47a5f5df47b40efbb360cd88a3b45ca8bf30521b4574e3a6e35cab83c6cf65e8d4f860112cfa6d47a12ea9e24e8ec3ed28b51ca4b491e04ccdc07a919c","ssdeep":"","tlshash":"16a0240174404c1d01f141447c0d13d0c1704c00d770737410f433447347cc5c0505df","first_seen":"2026-07-12T18:15:16.165353Z","last_seen":"2026-07-12T18:31:37.736031Z","times_seen":4,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"op-api.gambl.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/Rectangle_Background_Gift-ZyELKzat.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.320Z","timestamp":1783880076320,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/Rectangle_Background_Gift-ZyELKzat.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ziicTdC0IR2K6Dek; __ddg10_=1783880076; __ddg9_=172.64.209.50; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=WE0mvkSlfJuJXX7O; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg10_=1783880076; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg9_=162.158.222.56; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-c4ee\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dgy%2BvDpoNLkHjVoGP6JLafBGPCt%2BzBLbSS9rBjDj66yKpMuchbaueq%2BNciTNnzXymX3bEqRrKa7A6GLZd8L%2BtfZb48r8vY8ZqAtvb3rf9ctMeTS4mWtHF4bMI3Oy\"}]}\r\ncf-ray: a1a2074d084656b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 50414\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50414,"size_decoded":51492,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5322f2e335d72f894f2fffce2673b8c3","sha1":"5cb9ccc9824632b194695771df6048155bca5ddc","sha256":"892cab16a807c849ed6e01970b026b8d4633aca9fcbddafb881ad0212b852623","sha512":"26722876414fe2076407681721183d38d0701318aa86e50ace33b64a28c2680b8fc35ab227e46213df07a419418dbaa48071c7aa40e260aa2cc9a31619a8e4bb","ssdeep":"1536:4a3cBVQTKS09xj2KirM37v+meJBJf1j0ru+jVq:NsvnS0XyKrvA/4C6q","tlshash":"8633023e1e6697bfddd10d107d43c5c14b28e7eeac8dc8cb912217894d22b2bbd28846","first_seen":"2026-05-03T09:25:58.41672Z","last_seen":"2026-07-12T18:31:37.717883Z","times_seen":19,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs20sugarrush.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.701Z","timestamp":1783880076701,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs20sugarrush.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"74da-19e87ecb05f\"\r\nlast-modified: Tue, 02 Jun 2026 10:41:36 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w%2FbfeLFNaUxNQUz6MdOqPsP%2FPaGsEfmg%2Fq9lc1dN7JKPaEV2urSBvPezqv36rTl9G%2FGZoHdjQeHirC95ss%2BQPjp6ychzPwDY4BVFbylsjbDVkGcK5kHrwYW26Aj9fqt9K8A%3D\"}]}\r\ncf-ray: a1a2074f6f6adfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 29914\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29914,"size_decoded":31320,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x472, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f5d34e92022a20b828fc43e0f5325f88","sha1":"84d7c51ff977d6dc7cdd6ccadb5524c617720840","sha256":"05f2eefbc3a7a73ef1cc83b31710ddd700b1e3f3ff4a23134de10b7b06d12a3e","sha512":"2c9637ef738349f0817dbb21371d276b68a06ece886665218e45d004fabb277af7e9b742c146cded525cd5443c243ac727041f08a0b1e5cd1552405f6323acb2","ssdeep":"768:bfrq1WWjyHPGdsVtCOsirTXlW5T7YujH5JazIUo8iVA:bzqUXHPGdsPCBOTV6TVaMR8R","tlshash":"6bd2e1b7010bb490789250d8e1129e9dc1f31bb5562757389cf889a318f6c727d26fec","first_seen":"2026-07-10T22:56:48.118862Z","last_seen":"2026-07-12T18:31:37.67408Z","times_seen":15,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/four_footer_icons-DtogFTme.svg","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.928Z","timestamp":1783880075928,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/four_footer_icons-DtogFTme.svg HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=eM4KSIA4am9CdPYy; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.219; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 18:14:37 GMT\r\netag: W/\"6a51f93e-becf\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 4\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=itdKeGXLcbE7DJHz7tos8UsZgYNWQQtrviqVH7dTkjOCBSko2q0hVLgs%2FD9xU4wo9NWPcl39vDZ%2F5GxINsmNmYH8xl%2B6P9EOcssuZxNEKaiHLxYSiBTOXzbgWAVc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a1a2074a880a56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48847,"size_decoded":20056,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fb5e1c21811b02433e586468542b46fc","sha1":"b776f6a1ed3d0f7cba4865735c2aed1a54752747","sha256":"01b97b17936fb9f2e013354e9fce99a64a42ad4d714fde061698c7f9dc05ef01","sha512":"4d491365985e196b6f3849a7bb2c1e7d191dcc482a6f1f91c86531c84f4387a1cf228f1ed0f098ee8991d03af21e429ea6095b635e790b7d889b06396ed692fe","ssdeep":"768:JlxkPAA53GZV5JLphzrTboxLc6B4aScK9PIY9BIe:Ve1GH1nsymhTKJBIe","tlshash":"1f23a3ff7be421f0a046e7e5ee328475755b68fb7b92cf44c3889e947952098c889c81","first_seen":"2026-05-03T09:25:58.431523Z","last_seen":"2026-07-12T18:31:37.681153Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1162,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs20olympgate.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.703Z","timestamp":1783880076703,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs20olympgate.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"6cae-19e87ec872f\"\r\nlast-modified: Tue, 02 Jun 2026 10:41:25 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fGvX9xS7nvUXgypjAck8EABb0JDTnUOvhMHwW4Sb63aJ1HEOvPVtbskBJ1gB3%2FQRECHfhEN1cOrjrKZSVOKMm%2BpU3YH7z8MSqeZdtyVgAEqZ5HhrJ9CRO07Tjwr%2BmbN2tIA%3D\"}]}\r\ncf-ray: a1a2074f6f6bdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 27822\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27822,"size_decoded":29224,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x472, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"67a9f14667062ed7354e711966e13f6f","sha1":"df69b5e3720f0d72981cea8b6b242ae18a9087c8","sha256":"8fc1a0ae668b1bcfadd45af5b0c9184a82c16e186ee88db6b014cd58e893950c","sha512":"5740b95c0ddab506d7eecaf3d558766255036bbe35f15623dd226d1a6fc71e97c0103b8045436c8c50266a0ea7251f7ed92dbe9da176fdee6cda78ffd6ab5066","ssdeep":"768:rSI0kwqIQwzv8jgHqYBpvaphCvCV5wDH3bF:J/wZHTVvCVWDXb","tlshash":"fdc2e131f92236dacb45f3f584d1c7c0123f1191589e2316ae9921b5e2f87ea7c5239e","first_seen":"2026-07-10T22:56:48.1Z","last_seen":"2026-07-12T18:31:37.704642Z","times_seen":15,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs20wwgcluster.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.704Z","timestamp":1783880076704,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs20wwgcluster.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"64b4-19e87ecca23\"\r\nlast-modified: Tue, 02 Jun 2026 10:41:42 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jQ0o97dCN%2FLv0bzm9RO6uJZp2vHnKcpWd%2BtXcl2WJWuK%2BaHyaidB7u%2F6h%2FMEWs2fS45x2PyP%2FxbR91TqNPPSPlbbaGhFaXOFymALRodVeAponISgTV62pxpyMfl%2BB7QpL5Y%3D\"}]}\r\ncf-ray: a1a2074f6f6cdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 25780\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25780,"size_decoded":27190,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x472, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"466585300847fa0e13987ef5dca6b7a9","sha1":"90fca47f54ecf010dd26cb69ce2865921c028dce","sha256":"9ff5266fea78992d2da49b274dcaad4c97241690a59d0d532e1b3c28090fc815","sha512":"ff9d83dda4da71c8b00c3bf981285093a45f7f48740845a72719f038a072e340284e0750e2662395cb2f1525d423cd5072a388a734139f7e56b62aaa10ea2a81","ssdeep":"768:6Krbogtb1sc931tNEV5/iP7cTPTGfdYjj9g/HhsgoayC:6yMgt5/fyqPvfQj9DEy","tlshash":"03c2e1630732b2b96d7aa69cf89e2bdb115f6011b38d107750a2387dc016eb734242f2","first_seen":"2026-07-10T22:56:48.045744Z","last_seen":"2026-07-12T18:21:33.822379Z","times_seen":15,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs20doghouse2.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.705Z","timestamp":1783880076705,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs20doghouse2.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"5ff2-19e87ec3977\"\r\nlast-modified: Tue, 02 Jun 2026 10:41:05 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E2rZXsSzA3rv%2F0YIfMI5spb5lrZUfzvFiNyHe3mArW%2FJuugKWjMBk6PNlZw3mm8uvsX7v%2BppxFJ3eGu17Vb1xXehI4%2B%2BzOZ9b6xdN94z4ulQ0dNGbRsCtIMesQrZYzz4fKw%3D\"}]}\r\ncf-ray: a1a2074f6f6ddfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 24562\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24562,"size_decoded":25968,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x472, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8b8375cc142490d5c100642b6e07708b","sha1":"136e02d0079c82c415c54ce9c4b38e453317882a","sha256":"9ffd8d162fb2081b6938efc5eef9466b92a61ea81de30642aee9da49af78eb83","sha512":"6cff72933a3d0056f09ad8ab14a40915177014f0cfbe97e5b37e0e4b979e8dd8a5a1c0ea7b7400db86c01ab20b418f302db1940605cec8f9efa4c606269ffc3d","ssdeep":"384:MK58qfWdepslW9FZKJ6I6GyYXOqZly2YGobRpxgiMs6QA2tbdtP0UAm/qm5P7sHx:58qfJpslW9FZKJt6vYX1Z8J7ss6ytbf8","tlshash":"b7b2e09c5a14ffc5075017c91fb3b0c38dd04b7daf5ea57998debc4a44a1230a8fa41a","first_seen":"2026-07-10T22:57:05.853292Z","last_seen":"2026-07-12T18:31:37.705857Z","times_seen":15,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/fortune-tiger-pg-soft.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.708Z","timestamp":1783880076708,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/fortune-tiger-pg-soft.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"2c576-19e9f3746e7\"\r\nlast-modified: Sat, 06 Jun 2026 23:14:20 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B5FHNzuvpQygtdroTc9RhY8%2F0dyj0KiUjHM0grBQkTii4l1UC0P3ZvfsfspcxJZOE0RBY%2FvWdBmFfBDWBEYyvr6WWofSKBPWmAxgfdSLnYv4%2BhTxAcgj929uPaVMBuu50Pw%3D\"}]}\r\ncf-ray: a1a2074f6f71dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 181622\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":181622,"size_decoded":183026,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"99aac2f45cba52a0def8db674c0f9838","sha1":"6705d3749b573a2b8d6bde3c442f9504bdfa40a1","sha256":"6f144c10c96b38072b03c2e48db04c6c2ef2bff25040c444a2265b4fe1c12f30","sha512":"ad96314ff6a420426915e64f3d6c5a7aef7561dca3888d4c4c306866b6d4cf61fe44c5e1940ab995609664b9a673194baec7b4229bd13e1020f2a046a2e65a44","ssdeep":"3072:syoRKgdJ75VrUb2JCqvdjNWerJsCdEnRyFB2yb8vFg3/U9geulpSOyydXLe:slj5VhHdjEwJF0CBHbF7lLDd7e","tlshash":"8704123e054c51bfbcfecc87ba986dc88be553e2424c2a93744b660d563392e91f84d9","first_seen":"2026-07-10T22:57:05.835099Z","last_seen":"2026-07-12T18:15:16.170414Z","times_seen":5,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":140,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/vs10firestrike2.webp","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.709Z","timestamp":1783880076709,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/vs10firestrike2.webp HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"a402-19e87ebe137\"\r\nlast-modified: Tue, 02 Jun 2026 10:40:43 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aIolwZSNlV2g2hT2LCUMaPIu81iXcu6GZcKPXY7q1O8IYcFhayf8Z5ixizfyI0iRH2kZPw%2FWqsj2m6%2BiBuI3SYaj1xogYE0xf7YA7uwrRth7YaM0hFE7qsVrFo2z%2BeCH194%3D\"}]}\r\ncf-ray: a1a2074f6f72dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 41986\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41986,"size_decoded":43388,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 360x472, components 3","md5":"7c469b9fc23267de90000976fc025224","sha1":"cfb377359ab8dedf7cf8cfb06ce96d5217de1bd4","sha256":"5d6a9d29a39c65ea5052c2bcc60be88addb070b703e4623ef4016ac258c54cdd","sha512":"583657bed6754dd78c03cb50902b859b1b0b3235ee3edede73db247d3f34a604713ce74e287c06ffa5303e0b2088caaed1fd1aa058d40e77cd2826a6b779c45a","ssdeep":"768:cyxYznxPYzs/cIZWSbpufh6YGTVOmCdu98twVD0zK2eDWKp5icd:GznGI4SbpYsYGTVOmH9gDRPKu0","tlshash":"b113016b3ea9a0f0c59ffdf031fc8d6b9a54f83a511cae6d5572081785787e0806c72a","first_seen":"2026-07-10T22:56:48.090528Z","last_seen":"2026-07-12T18:21:33.845735Z","times_seen":7,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Fredoka:wght@500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:34.400Z","timestamp":1783880074400,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:24 GMT","end":"Mon, 14 Sep 2026 08:37:23 GMT"},"fingerprint":{"sha1":"85:D0:EC:C2:01:33:25:23:96:FB:2B:54:90:54:84:07:0A:49:1F:03","sha256":"9D:7C:1C:9C:6A:25:1E:17:E0:DC:FD:42:95:CA:47:3D:C1:9C:20:FB:22:47:02:E3:27:EC:7C:62:03:30:83:BA"}}},"request":{"raw":"GET /css2?family=Fredoka:wght@500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 12 Jul 2026 18:14:34 GMT\r\ndate: Sun, 12 Jul 2026 18:14:34 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3780,"size_decoded":1186,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"dff37f530356962f9042a52f2e2d9e04","sha1":"4a10361ecd34c94ddaec3f82bd97736306878225","sha256":"b4bd5c6a85689354d43184dcec1d502ad4b5627d7b2b177f5ab6b11df20c3c6a","sha512":"09ec8fe6a71b99c8c4f58bcf6b04f162be9e6a0f75ee30c664e20af5e461a300daf3f90a10ec7789eec52ac8ee2afedda821dac8c5ab74eff65bebc118263aba","ssdeep":"","tlshash":"3171cd91041f5184eb835dd163da7e36ee0f60516818d4669bfd18e8bcead72831271d","first_seen":"2026-05-03T09:25:58.421196Z","last_seen":"2026-07-12T18:31:37.738662Z","times_seen":21,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":17,"send":0,"wait":33,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/bg-slide-lucky-wheel-Ddw8ZQMc.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.845Z","timestamp":1783880075845,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/bg-slide-lucky-wheel-Ddw8ZQMc.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=OC2A1jHlowSR7jZr; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.34; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-f502\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D9AMR3tepLcJd4wR41s98bTsjiijnK7L%2BRQP2klkVwpv8jMGSXbHhCTeePM9kQl3TTNKK0q9Q9gmk%2BKWPz%2BPLV2MOzpu2cFyd9Wb%2FC9c0c6Tn5q791yWSBhNpOJi\"}]}\r\ncf-ray: a1a2074a0fdd56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 62722\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62722,"size_decoded":63799,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bc04477806c1dcf00c7fad09ef68ff6b","sha1":"a48f3c2bd9829cf44e29eee46cd0eb55cb21f8cc","sha256":"18babb47c1c193d5440fd86038f0f465e1c26a0c47ed853ccd21e925e69f0764","sha512":"4037b9a74e29e022472e446de1a26bccb5d575bfc06055aa3e3d5dd72e42a69992d7aca6411ada5a240e28e4a0fa58bfab2fb18b90e1c71e54f3ba75eab77f8e","ssdeep":"1536:vpeEBohdydYJtVmLGf4bCSq9Fu6zqh19olG+Afh4FNdPumI:vpe6udhbTf4WFvzYAlwJ2N1I","tlshash":"c75302c1518b3857f38b2176671ffb434217c2a357b092b317723ebd0d28a76272a852","first_seen":"2026-05-03T09:25:58.510307Z","last_seen":"2026-07-12T18:31:37.657588Z","times_seen":19,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/fortune-wheel/items","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.881Z","timestamp":1783880075881,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/fortune-wheel/items HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: W/\"2e4-sff25hHekvz23YgNGT+WHtH94WQ\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Uz4Lar7tgGap3v4q1JvId2roAa28qogue18gujew3tjyY1R%2FXH5NUYXYoXEOv05YV3%2FoxGsG1aiuTrWNsuf2iuu5%2FhIYVAsPfj0%2FOFIvmgJ3EK%2FJnsxphjAvxinCHJ9R294%3D\"}]}\r\ncf-ray: a1a2074a4e73dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":740,"size_decoded":1479,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1542203cde8d57fd871336cb9861c0fb","sha1":"b1f7f6e611de92fcf6dd880d193f961ed1fde164","sha256":"aeaf5e6636adf6e24900124f6a6713b8fdfe6e0fa6c17b1926b14e6311df9b5c","sha512":"99d64f0de3b76d1c2d00610682417299481a7d21a5eb84d8f0ca4c7ae1d231d6b2ce879a12f91e63de3b1b33193699f4c27b617c27b93ba19e09437c56fe0052","ssdeep":"","tlshash":"a0010a79387dc9bee011a8c9f8c289b5f1693146908d4e7415ddc43c67cd4d0b419f3a","first_seen":"2026-07-10T22:56:48.026435Z","last_seen":"2026-07-12T18:31:37.686575Z","times_seen":18,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/support-4Z33OB_R.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.885Z","timestamp":1783880075885,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/support-4Z33OB_R.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=WPYybFQEpaBxANWP; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.78; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-b536\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tf1TXJqMGfQVlryilUrGtm0S3XSARWM8fBzJ%2B5acULT8kXY3gxSma9PeOY78y4kEYr8ePwfiPSxNI%2FHh7Thmm6G6euC5xnjwgtbyp9%2FFUqHRH5eFe2DJzct12Ip5\"}]}\r\ncf-ray: a1a2074a4ff756b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 46390\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46390,"size_decoded":47466,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9be49a67675fe3aa2c6dc15f5ff61c95","sha1":"76650d568ad89db5c0e0c0cd2a5833965e169ae4","sha256":"6349248b1e8b1735cd5ff25b389e4f5e0076229f8b7701bf13643e03768d91f8","sha512":"2c072a313c2c1eaed604454bfbfdaf2a8adc59cc23a65b99f8e6ebe5dc8623f7982560b6fbc7e6442cf59e869f10f3fe657bad6be5b4c6c5e3a2d25a3912149e","ssdeep":"768:fKyqe5a4UGSX6VOeZpmP38keRXafldax4Gvm7oZFq/ZnA6PbxioHsoSz+Fd92liJ:yyqcaS+Jqpmf8k2addq/vm7oZ0/ZA6PT","tlshash":"422301b995ea4692fccd1132652e932b80219f753954c4d6e6dec43c8987c18efabe0c","first_seen":"2026-05-03T09:25:58.462667Z","last_seen":"2026-07-12T18:31:37.629334Z","times_seen":19,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/20FS_image-CTw73Nm_.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.935Z","timestamp":1783880075935,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/20FS_image-CTw73Nm_.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=4bLTwy9xCrjrLgrt; __ddg10_=1783880075; __ddg9_=162.158.223.5; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=q0zajfTIpsBZCclp; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.82; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-9f2b\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 1\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZkHMGbomf8TvGlXLHFdkQrpI8HEfZ5sRgbfG1Qw2gDR3JgLHr73SAc0ZWQjQroKOGc4vf0Ig5jJtoa%2FT3XYcPaUy%2F%2BIN0F%2FA3jIdsNFmM%2B6AKJeEZEv9%2By7pfEOp\"}]}\r\ncf-ray: a1a2074a980d56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 40747\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40747,"size_decoded":41829,"mime_type":"image/webp","magic":"PNG image data, 139 x 178, 8-bit/color RGBA, non-interlaced","md5":"97564493dca4d562ff94dc225815a45d","sha1":"d14dd698c42d2aab8e996cecf83924fe270c47ed","sha256":"6e7dc280727fb9557f78c8bc6accbe542ab96afe23ffa650abced9d7b433efde","sha512":"d9306172861ed71a7541d339c94e1ebd58462ee118a3e6ea68125d9b2fc44f0461851293f642f9e3868f8f13ed04774b94f562baf0cf053ab29e6d701b7fac68","ssdeep":"768:OttvaqnJ6/TQs4wWW2ycvTzibk+8ZpAC0O+I1d708WdQoJL6IqInZO039:+MAJ6ssJB2ysDP4SFDDo1Tnk039","tlshash":"3903f132856b11b3229d8e433b24674a8cffcf8337e0434866dcbf99654e9bd5e50046","first_seen":"2026-05-03T09:25:58.478441Z","last_seen":"2026-07-12T18:31:37.656669Z","times_seen":19,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/api/public/currencies?domain=diwins.bet","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.219Z","timestamp":1783880076219,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /api/public/currencies?domain=diwins.bet HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://diwins.bet\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: application/json; charset=utf-8\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"537-2plYJH1Lw7PEzf8GHGHwzEqocE4\"\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gpv5BdcqZcXC0HzVQfxfW10iq0NBcPYufcJHuu%2BJR%2BoKyJYoxzrsxBhZ1FOy8gTkIMrCFJ9ky67bqIveb11H%2F88YVTgtghl3zWTCn76VS3PSa9EeLQbmnU8v%2BrJjk68OTLw%3D\"}]}\r\ncf-ray: a1a2074c6ec8dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1335,"size_decoded":1863,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6570525e50a2cfbd4ff33e7476766908","sha1":"da9958247d4bc3b3c4cdff061c61f0cc4aa8704e","sha256":"4f84ea1d0dc3b4bfe55a1d878bf5f7ef171d60a51bba26083f96b22a333650e0","sha512":"cd74e1e954fee118bedca35362598cbf1f14259730cd054acce7944f32c8bc65797ee0c6e68991a739eef3a1c4bee15dea1f197dcf498907a20e014c67a7887e","ssdeep":"","tlshash":"b02119ab786d9e7e0247fce6108e4bed726d618200cd4ca96dd80a7c4782ae5526b734","first_seen":"2026-07-10T22:59:10.553987Z","last_seen":"2026-07-12T18:15:16.17412Z","times_seen":4,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/gift_bottom-DP-TDRai.webp","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.321Z","timestamp":1783880076321,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/gift_bottom-DP-TDRai.webp HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ziicTdC0IR2K6Dek; __ddg10_=1783880076; __ddg9_=172.64.209.50; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=VBrtlJ6kvRvMwrfE; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg10_=1783880076; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg9_=172.64.209.70; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-d20c\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EydYY7PFUAL098gM2TS5q%2Fji9srBNjO7iVaCRdc4Suik8usTWhlzML6t64909cIN2vYRTBD2QMIHLSErXJPKbuEKX%2BKCB5Mf6%2Brxefr5XAbN64PG3qJY83%2FFvLmB\"}]}\r\ncf-ray: a1a2074d084756b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 53772\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53772,"size_decoded":54849,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c65662c6b87ce8ca21e63690a9620d42","sha1":"a7b0c23ac295b45a1606686c1af683c53d863107","sha256":"262cf86dac4d7f23654ee92e9693edfe1743ad825b7f0a9ed083114a624139cb","sha512":"e08134fa8aab3f309a661d8f10917344cb939050b57c9af6aef672d379b9831be6ac5332056b114e50ab86eef0f659f4d3f8a7c33d73805768a9e3b3dc6cfb0d","ssdeep":"768:ljqwJW6lBWsL9VPSn8oOwdRsxTe8ZEaZzWTaHRSHlsjbKQsEXo:ljqwHWsnhoOwdRshTEapWhstvXo","tlshash":"b033f1346f841cf5e008b774de992101d36b836f639793d30117e4a6aa48e27f798bb9","first_seen":"2026-05-03T09:25:58.55733Z","last_seen":"2026-07-12T18:31:37.617952Z","times_seen":19,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/fonts/Proxima%20Nova%20Semibold.ttf","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.773Z","timestamp":1783880075773,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /fonts/Proxima%20Nova%20Semibold.ttf HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/assets/index-s28uPECG.css\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=TUSsPxmOTFbON3e5; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=162.158.222.127; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\nserver-timing: cfExtPri\r\ncontent-type: application/octet-stream\r\ndate: Sun, 12 Jul 2026 18:14:35 GMT\r\netag: \"6a51f93d-1fec8\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:17 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xTW4r43Ry7qfLa83FzZJhvFfcjaB%2B3PRt99lc%2B7UP7pEulLFGt2W3dZRBAA0ZXviffEEOzEgcF76erndtBO3uL%2FV55w6XbWF6gLYajhCnHeRevab%2F4kCTTEQkt1A\"}]}\r\ncf-ray: a1a207499fd456b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 130760\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":130760,"size_decoded":131806,"mime_type":"application/octet-stream","magic":"TrueType Font data, 15 tables, 1st \"FFTM\", 28 names, Macintosh","md5":"3510e34fcc8e060e13e69a6e9272ba82","sha1":"76dd51cd14bacf7f8a4c3be19d58de6e4c55dd03","sha256":"c6588560d54a7b904bbc04ca47495e897dd6e9bce843d37757da566e5089cd63","sha512":"72754ace481a7bb50bdeb1545f53abd9846d217ac4a3c5e8a2d40dca5293c5db67efc99225d1f454d98960473388b4b82120d51529fb237028d2994674c9b08a","ssdeep":"3072:0HYa7NyOQIyhKsNBHcdGF/XmHuXo2E8H7O1j7B3+gAyR1K:0bcHPWHOcK","tlshash":"7ed38d4ff383dbffde55257eaab0f7b5325ae53c1a5d330daa445179e0190e8088068a","first_seen":"2024-02-19T16:27:02Z","last_seen":"2026-07-12T18:31:37.712229Z","times_seen":39,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":478,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/fonts/Proxima%20Nova%20Extrabold.ttf","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.775Z","timestamp":1783880075775,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /fonts/Proxima%20Nova%20Extrabold.ttf HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/assets/index-s28uPECG.css\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=LqONK7KHRp9hYtpe; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg10_=1783880075; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\n__ddg9_=172.64.209.14; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:35 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\nserver-timing: cfExtPri\r\ncontent-type: application/octet-stream\r\ndate: Sun, 12 Jul 2026 18:14:37 GMT\r\netag: \"6a51f93d-1f9a0\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:17 GMT\r\nage: 4\r\nddg-cache-status: MISS,MISS\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oCETQiVSiqZNihbyj0iD6hSx6EcpFv8SeYEnN56bk%2BYTU66RHBOdWLvdTmKDTE7rXU%2FrQtJ8xeq4%2Fw0F3y6aiKcGYceH%2B%2F3vcARMymDHQnKB%2BpcQoeCDt%2FEZW6b0\"}]}\r\ncf-ray: a1a207499fd556b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 129440\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":129440,"size_decoded":130518,"mime_type":"application/octet-stream","magic":"TrueType Font data, 15 tables, 1st \"FFTM\", 30 names, Macintosh","md5":"ecce738438b07e0f2700c264633fc55b","sha1":"8d0e90e6a0f9dbe299f7f07c765df1626c1fdd20","sha256":"6cd9cca7999d5953f3c596cd7b4822d1a871a2d3b8b85823243ab1368a2234de","sha512":"5441a6b93c92e27fa185349be7289859eb7701537245b89ee5fd2bc221e46305bdbaf6024e7c9d8c11ea94a27f51036f5e0a76aad96335dfee7bb2f372c3c9a5","ssdeep":"3072:gcDXjxKwoaX0gLZOVKk/PoSR0Y5CURdoM2E8H7O1j7B3+gAyR1S:gxjVQSR0YjRWgS","tlshash":"33c34b43e383cf5edba999be9d31f3753616e67d6f6a330e63402079f50b2a8a050185","first_seen":"2026-04-14T01:08:26.757884Z","last_seen":"2026-07-12T18:31:37.683227Z","times_seen":24,"resource_available":false,"data":null}},"time_used":1400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1365,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"diwins.bet/assets/claim_reward_wheel_collapsed-DCJ6-LHa.png","fqdn":"diwins.bet","domain":"diwins.bet","tld":"bet"},"ip":{"addr":"172.67.183.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:35.840Z","timestamp":1783880075840,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"diwins.bet","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Jun 2026 13:05:29 GMT","end":"Mon, 14 Sep 2026 13:05:28 GMT"},"fingerprint":{"sha1":"A7:F3:BB:C6:06:7F:AB:80:AF:B2:E7:94:41:9A:BE:D7:D0:7F:8A:2B","sha256":"B3:6E:92:E5:6E:91:67:00:5F:51:CB:7A:8C:09:1A:EE:DE:99:30:AC:2E:12:B8:23:7A:BE:1D:CE:2F:8E:E2:76"}}},"request":{"raw":"GET /assets/claim_reward_wheel_collapsed-DCJ6-LHa.png HTTP/1.1\r\nHost: diwins.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://diwins.bet/\r\nCookie: __ddg8_=ujtkZCoI2BffwROU; __ddg10_=1783880075; __ddg9_=172.64.209.56; __ddg1_=pERIjIW19ruO01oJNXnR\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\nset-cookie: __ddg8_=kNVXG7m917FfqlvB; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg10_=1783880076; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\n__ddg9_=162.158.222.69; Domain=.diwins.bet; Path=/; Expires=Sun, 12-Jul-2026 18:34:36 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\nserver-timing: cfExtPri\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: \"6a51f93e-61fe\"\r\nlast-modified: Sat, 11 Jul 2026 08:05:18 GMT\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PjMVYgWWDopgXjQgAMVTe84ZJaGfHuK4ksU7vkehfVq%2F%2FEmr%2BkTZVpSxaKztvR5g3K81cycUBnORtoFsMtA6dtohrXmlRFlIYwvrpdJoL%2BlnVedBZa1%2BTjHVphsv\"}]}\r\ncf-ray: a1a2074a0fda56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 25086\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25086,"size_decoded":26165,"mime_type":"image/png","magic":"PNG image data, 96 x 140, 8-bit/color RGBA, non-interlaced","md5":"4539bfb3316a00ac522555b8527489e5","sha1":"1757714da7a77745dacc4f718078807f91c01032","sha256":"07978d96aff53bc48fbed60e1b02cf013c1f9e016c257b2f2790adccc4c9fe8a","sha512":"30c8ee5b936bdf61ac6d1f0e89667c30c26f9bf06192da6adcc7495de43c510df15ad7471ddc970fffd36e9615e804d77817437ae6dedb0c064e8e7d84f8d7f2","ssdeep":"768:rCAhF2kP9gdDKwObqHKsJi/b2MlRCcGwQC+cdUH:m65YKjGHK0i/ednUUH","tlshash":"64b2e1ffe3ac48ea864c84575206b64bb4f617d38b0efc09dd11e83d98c934584b5ab9","first_seen":"2026-05-03T09:25:58.521087Z","last_seen":"2026-07-12T18:31:37.65354Z","times_seen":19,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":385,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"diwins.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycasinoapi.biz/static/thumbnails/chicken-road-vegas-mini-inout.jpg","fqdn":"mycasinoapi.biz","domain":"mycasinoapi.biz","tld":"biz"},"ip":{"addr":"172.67.170.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://diwins.bet/","date":"2026-07-12T18:14:36.692Z","timestamp":1783880076692,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycasinoapi.biz","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Jul 2026 18:55:55 GMT","end":"Wed, 30 Sep 2026 18:55:54 GMT"},"fingerprint":{"sha1":"62:0D:59:AF:DE:89:1F:E0:C3:0C:C9:01:93:64:F4:D0:38:76:02:CA","sha256":"04:40:03:91:66:74:DF:81:4E:28:5A:03:2C:B6:C5:11:02:02:CD:68:AF:6B:17:7F:6A:EC:CC:74:A7:0F:32:50"}}},"request":{"raw":"GET /static/thumbnails/chicken-road-vegas-mini-inout.jpg HTTP/1.1\r\nHost: mycasinoapi.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://diwins.bet/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncontent-type: image/jpeg\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 12 Jul 2026 18:14:36 GMT\r\netag: W/\"1d4ff-19e1889e1c4\"\r\nlast-modified: Mon, 11 May 2026 19:35:49 GMT\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t5vWsRXn5PAyZ8WF2Zd%2BjaSCgfpOcYGKqxrwSM7vrOv%2BmsB28GpLJYDhirQ8h2itaUU92EbIk6kJEwteI7288JfKPrsaZtwnulQrgfewSm0sKVcm1U12qyRaCBWPscSZ8Xc%3D\"}]}\r\ncf-ray: a1a2074f5f60dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 120063\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":120063,"size_decoded":121465,"mime_type":"image/png","magic":"PNG image data, 300 x 400, 8-bit/color RGBA, non-interlaced","md5":"d97c882f1efb1cb1a0602a1409eae227","sha1":"fed1caf3f89fb7c82227e37bd3159eeca20d05d8","sha256":"5a11d7cc3d0dcb1cdc5b76a698c907e6c85bee99c68ec743af24df813e67fa29","sha512":"c5cdd38a27bdf7e64929d9dc9092c4fe80b96a1bdd38f865aa1e9db9c207a34e2daf50c46aea9ada68011e8264e5da1a3ff18bc7573f1249e3b1cc0789d32080","ssdeep":"1536:w4cNnWnyYHZDR+gQngdgg768GBAqx4v6QI0ZbVZY4EamRVW63QTnwHe6mp3ZyNlO:oEJHZDR+gasY8ZYNaD6WwHHNo1","tlshash":"e8c312e970881bf8d381ea1ffa06ec26027a87c97fd32cb882486cbc4554e5dfc55161","first_seen":"2026-05-03T09:25:58.487822Z","last_seen":"2026-07-12T18:31:37.729147Z","times_seen":19,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
