{"report_id":"bae50488-04b6-4bc0-baa7-39b812dad65d","version":6,"status":"done","tags":[],"date":"2026-06-03T10:10:52Z","url":{"schema":"http","addr":"great-bet365.com.cn","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"final":{"url":{"schema":"https","addr":"great-bet365.com.cn/","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"title":"Bet365官网:尽享无与伦比的在线博彩体验-Bet365中国","dom":{"size":56399,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14803)","md5":"4b3957be1b80c6c2f7a5d35bf695a198","sha1":"edc28bf3d23c7cdffbb3c888fedcd823ec4f75f6","sha256":"b2d6b3bb1a2e0fbcb3b72dcf9364077ac3241aa4b3a868eddaf43bbc9dc2b0b8","sha512":"324fd3b4553c3bdc1da28fd6bb66f58aef2ca6c39d81805fff9707d3bc472e34e7d94491b4b31e3c16d30897bd2573cdbb79c23e9752f9b1d5034dd7afc86b14","ssdeep":"768:i+F1hnVm+WbQ2Lo35j/FvIKeKCRRD3JHn5QvmdVO2/GfFxrjfLynjHrh7oQvLJ97:iQhVQKY5f40MMcbrfG7","tlshash":"fd43983912f0067758dbd0e96998ab6efad4adefce1b9905b2df42425fc7cd18843204","dom_hash":"domhash82c72104890ec252c1f6195391c9770c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"great-bet365.com.cn","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-08T10:10:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-05-31T22:37:14.287473Z","alert_count":0,"request_count":4,"received_data":405978,"sent_data":2142,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-06-01T08:33:37.168547Z","alert_count":0,"request_count":2,"received_data":31778,"sent_data":1265,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-06-01T07:39:12.914211Z","alert_count":0,"request_count":2,"received_data":815993,"sent_data":830,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"great-bet365.com.cn","ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"domain_registered":"2026-04-15","domain_rank":0,"first_seen":"2026-06-03T03:06:32.337771Z","last_seen":"2026-06-03T03:06:32.337771Z","alert_count":68,"request_count":17,"received_data":1396669,"sent_data":8633,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"great-bet365.com.cn/","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-11T22:17:59.259566Z","times_seen":121592,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-11T22:17:59.259566Z","times_seen":121592,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?9f83d65a44d026160bcc9e4722d2084f","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"928635e8c9e30de781b47667f777e678","sha1":"9901a288ec4ace82be827b2a03f6b3dbd12b1f3a","sha256":"8594fc8bc2be977790177efcc60d8b409520aa38b89908066c025a332187e1d8","sha512":"811b8dea6c03bf5ebb29f35362405b9386ea3a9626ea1ddedfe649cc065b3e53d7fdc36b025b866bc5578433d66955940eb82bd37c3586ce14a249ff5433dadd","ssdeep":"384:D5BzTA/WdnloRh3KA7yUpNHR5D4f/gvJqan5XJuR5C1JwJAOovmkgbUzYRxefRff:DbvUpNHQf/gzn9JjCJAOoukgbUtff","tlshash":"b4d2cae5b186b13297b220a4157f320af0b75a50fc4958a4f15998d07d38fbb027bfad","size":30796,"data":"","first_seen":"2026-06-03T10:10:57.024778Z","last_seen":"2026-06-03T10:10:57.024778Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"Function","is_inline":false,"md5":"8db845d9086af3ac2f3d6aca7cb51346","sha1":"6c7f9a8989f35f3e1fb518652be266014265ed03","sha256":"9752d90d0e1e003a887e8679af706fdbb10cfa713f7163a18e4811c1701f13ab","sha512":"074e029672cfc0f17e543efa16d432f1b918de84e45ea4f6e81ff0fd404c4915b08029143aa49cd944314a76d214ba8af3682ecd39781023712892ea6ec09d0e","ssdeep":"","tlshash":"1cf055ee6bc5cd5d29d92dbdb409680e20640d252cdcdd698d04a8061ef6e7a98c228f","size":448,"data":"","first_seen":"2026-06-03T10:10:57.038085Z","last_seen":"2026-06-03T10:10:57.038085Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-13T05:01:21.032065Z","times_seen":40360,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"8fae9eb540fc6bc5faca1c7a2ebe43a0","sha1":"90282ba265edc5e00ece7fb4484fb703b2593efd","sha256":"b4a3394fc52df99a51d03b0eb295622b8c8e12d901c88fd8b1202c854aa88a5e","sha512":"920e52d5c300451c34f9a8a4a704d876007513b48b52b0db169cab0660c4bb519d39cf390bc9776288f89fcc40bf62d93942a950cf680448444c9154da6dcff2","ssdeep":"768:CLo35j/FvIKeKCRRD3JHn5QnmdVO2/GfFxrjfLynjHrh7oQvLJ97:6KY5fU0MMcbrfG7","tlshash":"23f2d03411f10b7740dbd1a82d68ab2ab9c4deffce5b9905b2ee86875f86cc1c943215","size":36823,"data":"","first_seen":"2026-06-03T10:10:57.040977Z","last_seen":"2026-06-03T10:10:57.040977Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"a537b6b1af5b9dfc4946d9163561a04f","sha1":"a6bc95fc91068087350449fe4662fa7abea64f0f","sha256":"0204526ceff723fff24cef43c63375ef30857b73ffb7e34c9add471962977e1a","sha512":"aac3dc8c70163188e90f28e98a9ea47ea96bf3be97f4f21471621337952e25bc974530178220ef8e09e698983bfdf63e5c8d012282c94fbb8ffde4a6c448c68b","ssdeep":"","tlshash":"3f21c02721f204ba49fb6a4a6bc7974d3b261087a442d9033e5d8b051f62e9224f2ad5","size":1351,"data":"","first_seen":"2026-05-12T01:04:27.061489Z","last_seen":"2026-06-03T10:12:19.590344Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"great-bet365.com.cn/d/images/42.jpg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/images/42.jpg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-16676\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91766,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 833x555, components 3","md5":"45931e239901f0f460be83d31dcaeeda","sha1":"35c63451e1ae53cd74d5a30ca3f21dfcfc61c023","sha256":"35c46b687307b5bd0270ea55a70427fecd558772612837e7835dbd1d788ca7be","sha512":"c5dfa584d7239cc8738714d01c79f6b503d0b6bff1f9268fbe9bf26a45877a772edb956f3cff8f4b42f8fffddbcc7ef410b948de85bd4000f99173284ff6d0c6","ssdeep":"1536:vU4TwkhbwXxKayC9keL0D4YtcQm2vtg5ZBkkeU3SnIaWbHPLF885ICSvoKNjI/UX:M4TlihKmHL+4e7pDU3K7WbHj+85ICypJ","tlshash":"699302dc5d441a4857ec70a8c22ac19b4be8894f2a41c5f62e3a4bda2c51d33fc49bf3","first_seen":"2025-12-02T00:14:56.398938Z","last_seen":"2026-06-03T10:10:57.010437Z","times_seen":4,"resource_available":false,"data":null}},"time_used":752,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":752,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/pic/youxi.png","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/pic/youxi.png HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-1045c\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":66652,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 751 x 422, 8-bit colormap, non-interlaced","md5":"c67d791a4d6e632f6f3b8374d39ca22c","sha1":"11fc7dffdb2c80eebd762cafa9f56b7f1aa8b894","sha256":"83a5511605a7390c69889cf39bc65376f4d2a7eb9286dfba40fde333ae57bf69","sha512":"3ad6a189688e472ad12211ea3772589ab917604ee5f15e23a2398abc1568e749ad7b6aaac820c522aa63af4ba7c18adc6cf3c1dfe6d740f9522046290fe85695","ssdeep":"1536:52M4WzHNzO3a+rkCm2KZup9h/ljeGk+8PBcEnmDfmw3DRcHy:yKzO3a+ACmqpNjeGDCKEt2dcHy","tlshash":"e85302c54eb1045c6c8e48e7a6b77b3118dc9ee62663204703bfba4f56f9944b8ee01d","first_seen":"2025-09-20T04:13:34.109089Z","last_seen":"2026-06-09T12:42:40.912022Z","times_seen":132,"resource_available":false,"data":null}},"time_used":746,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":746,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://great-bet365.com.cn\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 156496\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"65692999-26350\"\r\nlast-modified: Fri, 01 Dec 2023 00:32:25 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1608740\r\nexpires: Mon, 24 May 2027 10:10:31 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YnFSYZCotBMrttFEqNzLADStTId0%2Fi7LPF7MH6fmC8Pf9Jtvr2sBvih6yJvTIVHdPr%2BJ04fpNHkOEHnoHAlpwUwDTXZ%2FE8jvm7M3c0Sj05CJKdOCQBC%2FlqvpmzOIQuvthmZH2dcu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a05de895b962a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":156496,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 156496, version 773.768","md5":"6c4eee562650e53cee32496bdfbe534b","sha1":"1aae708e3b94ee981b452a918d28ed037fbb5e18","sha256":"9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2","sha512":"ebcb5a2e2a908228f77ecd03b45491778cad73ddc39fa3a6334b129aaf9fa36c16c0307aeaad74d77f616b5b34aac52d91e9f4816945253dc9a826ddd71f4d12","ssdeep":"3072:OvM6gZMLmY8uGpjVnlooQ+GQs8jic0f/KkMdE:OU65LoP5QSsuic0f/cdE","tlshash":"8ce31200d620498d9978fd5b2a1fa1ffa7a939c95ed210bad3c30cb93257143bbc2556","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-06-13T05:08:59.724031Z","times_seen":42838,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":15,"dns":1,"connect":0,"send":0,"wait":14,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=E1D1A4F95DDDFEEB\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1165334676\u0026si=9f83d65a44d026160bcc9e4722d2084f\u0026v=1.2.85\u0026lv=1\u0026sn=26553\u0026r=0\u0026ww=1280\u0026ct=!!\u0026u=https%3A%2F%2Fgreat-bet365.com.cn%2F\u0026tt=Bet365%E5%AE%98%E7%BD%91%3A%E5%B0%BD%E4%BA%AB%E6%97%A0%E4%B8%8E%E4%BC%A6%E6%AF%94%E7%9A%84%E5%9C%A8%E7%BA%BF%E5%8D%9A%E5%BD%A9%E4%BD%93%E9%AA%8C-Bet365%E4%B8%AD%E5%9B%BD","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:33.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=E1D1A4F95DDDFEEB\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1165334676\u0026si=9f83d65a44d026160bcc9e4722d2084f\u0026v=1.2.85\u0026lv=1\u0026sn=26553\u0026r=0\u0026ww=1280\u0026ct=!!\u0026u=https%3A%2F%2Fgreat-bet365.com.cn%2F\u0026tt=Bet365%E5%AE%98%E7%BD%91%3A%E5%B0%BD%E4%BA%AB%E6%97%A0%E4%B8%8E%E4%BC%A6%E6%AF%94%E7%9A%84%E5%9C%A8%E7%BA%BF%E5%8D%9A%E5%BD%A9%E4%BD%93%E9%AA%8C-Bet365%E4%B8%AD%E5%9B%BD HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 03 Jun 2026 10:10:33 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=EAAC1545E1D7057C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-13T05:47:55.549377Z","times_seen":367546,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-03T10:10:29.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:30 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40531,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"904cd95abe5cc2002072cb1d33da8d77","sha1":"8920b1f40c116fcfb409f34f6350dd2e42e96399","sha256":"81e1d44e6a54517b788da30397ef22d3ec6a8f74098cf1e554764ee52ce556d3","sha512":"b962402abb9cf5573becefff6c62c9f1a0ddeccdc6ec9bcb9ce8827b130ea08a9d9dd990aa36797943431f37f11d07e9fa6df5251104be246b2384ac2ac807b8","ssdeep":"768:ldOHwcJTFcktXFWFRVSxw3BJ+FCHb+mvsvZUgQ8j+c6kSMChP6GsRhN6Vb:lgWjIkg+a8qGglJ6","tlshash":"b503ef3411c10a7781fbd1a81e68ab69f9c49affca578905b2ef97875fb6cc0c943250","first_seen":"2026-06-03T10:10:57.014564Z","last_seen":"2026-06-03T10:10:57.014564Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2149,"timings":{"blocked":921,"dns":402,"connect":255,"send":0,"wait":307,"receive":0,"ssl":260},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/pic/2.jpg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/pic/2.jpg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-3e245\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":254533,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 750 x 292, 8-bit/color RGBA, non-interlaced","md5":"774e91bc60383de8ab70040dacbe7c60","sha1":"9ffc720f2997676929d79ec4c5c1d874b72be687","sha256":"ad02052d6d99dd68dc9c7b2020c3bffffadd96d2e0f4209883637a0eeae0d205","sha512":"272cc75a0e343eb45635695c4f1f8c3a79489667e2b0eceb95eefa61b8672155fc6ea83056a63f11ed69b1aa4ab5b41180b80c81db0dbd345e67d25807c4cdf8","ssdeep":"3072:ssYBXq72KssxC2rYckl8bRzCfirRd4fCPopd0FfPeG/8ko2y2nVckKB2wh0l1WPE:6qqbF2rlb5FRSCPoTwr/8A3+bB2LYnfE","tlshash":"f644234ff7139eb961d6d76925428ad33711285e2fac3ddd00c0a2d84bdacad69b4c21","first_seen":"2025-01-30T09:28:55.939221Z","last_seen":"2026-06-11T05:56:53.533143Z","times_seen":61,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":756,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/images/187.jpg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/images/187.jpg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-efa9\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61353,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x720, components 3","md5":"8b85625e58e7a4a40aa6e0f52db6445d","sha1":"04a10078927995d601e2a30b4e7df758650d4a8e","sha256":"33df32537d45eda7ea91543fa0e47bbad2e257a4f2461c2be5a5bf48799ebd97","sha512":"465ccabe54e06e0c10392342feeb018f3b59c9aafdd073ea21700070a3788914be888bb59a3bff62280b57cd16fc13975eab337a1487193f52cb520872348a69","ssdeep":"1536:QHzLJTr7/cESUhD0eQbvgky3g6ochQjTZNef8I/vvg1lqm:eNrrk+0eQbi3wjxNeE6qlqm","tlshash":"f653be53cc145b8395a4c7f9be174da82b0a5718e592bbeb10229fef3620a755c4e03e","first_seen":"2026-06-02T01:38:57.582088Z","last_seen":"2026-06-03T16:19:27.939757Z","times_seen":3,"resource_available":false,"data":null}},"time_used":753,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":753,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/images/17.jpg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/images/17.jpg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-129d4\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76244,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3","md5":"814aa5f3e44a05227f1e8ee10d44bd54","sha1":"9110a7c2f29a85fd5413ece3acbe4d5be88c5679","sha256":"e4effa21f27374ed2f996960fdf9eac0fc01d604e29cc4e2ac8410c9c7ec0b73","sha512":"be7bb0014816c2131640e030924e7e12333e153b76c3d45b24eecfea8037ab81be444ce5e4c5f400bca92698c1e2b48e612ba84eb234ac0ff73ac20b34960ff3","ssdeep":"1536:NGCSHsb2lVd1lZSCLWVAGlJ4QT4x4P+dHvFdA+14:NLiVd1lZ5knHnEmP+ddS+14","tlshash":"b27302185d5fee7a97519b7a0431309c31706d8e9b17bcba1428783bcf345a8825fce6","first_seen":"2026-05-16T15:30:11.639347Z","last_seen":"2026-06-08T02:46:49.289888Z","times_seen":11,"resource_available":false,"data":null}},"time_used":753,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":753,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/images/182.jpg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/images/182.jpg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-c461\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50273,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 960x664, components 3","md5":"6fb4e7aecd769856e33888648e4e52af","sha1":"5716af20e7a0ab8188cfe27bbed3827c166fc773","sha256":"c2f37bdfc25eac69420721a5f917c0338344f4af6573fb5e71760509bd29146e","sha512":"941b6628dbcc8d534d84bd4680b6e3c09eb91efe0d6085287115b9e0cabfa6d501cf431c4ff3df5dc02aff3cb0bec675791543cf8ee2e2aa4d10f004a74caa43","ssdeep":"1536:Py/uTYb/z7q/NqzAJ0cc74twG3d0NFH6FGdrYNZ:zTYrz+/kzAJ0Z74tw/Nx/dr8Z","tlshash":"ab33f10cb78861b0e6d6fec5b6777624c10103870628d6e30c99d6b68955e2748f7bbd","first_seen":"2026-06-03T10:10:57.021499Z","last_seen":"2026-06-04T14:53:21.629352Z","times_seen":2,"resource_available":false,"data":null}},"time_used":751,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":751,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/pic/6.jpg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/pic/6.jpg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-1d9b4\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121268,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 750 x 292, 8-bit/color RGBA, non-interlaced","md5":"6e875352b5829e2897ca9846a6659f0d","sha1":"21363860feb23d4ebd8a02acc7748cf647ee7c71","sha256":"45928649e74a175541c5a1b9c754647c64ec0d47caa5ad78a8691e5ab41acf06","sha512":"1507b10adeccae507df3067600877281f3b7bad7b98b2801b6e4cd0d08ecfe0d8cbdd65ef720386f892cf28128e474268b919f52c2fc1683224cc30b1ca56115","ssdeep":"3072:CY32t8Ob77F9cUeTSw8VgtjZ0t09wLeyJX+aDbr9nR:g/bodTS2Z2ZLd11R","tlshash":"32c31201e7bab70c91d3866c9723760ae752886a21ef7a78d3f1d5e78c827d3385524c","first_seen":"2025-10-30T17:00:27.605937Z","last_seen":"2026-06-09T12:42:40.913144Z","times_seen":137,"resource_available":false,"data":null}},"time_used":746,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":746,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?9f83d65a44d026160bcc9e4722d2084f","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?9f83d65a44d026160bcc9e4722d2084f HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11502\r\nContent-Type: application/javascript\r\nDate: Wed, 03 Jun 2026 10:10:33 GMT\r\nEtag: 057668c791b3915c87876b299d75f737\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=E1D1A4F95DDDFEEB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":30796,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (629)","md5":"928635e8c9e30de781b47667f777e678","sha1":"9901a288ec4ace82be827b2a03f6b3dbd12b1f3a","sha256":"8594fc8bc2be977790177efcc60d8b409520aa38b89908066c025a332187e1d8","sha512":"811b8dea6c03bf5ebb29f35362405b9386ea3a9626ea1ddedfe649cc065b3e53d7fdc36b025b866bc5578433d66955940eb82bd37c3586ce14a249ff5433dadd","ssdeep":"384:D5BzTA/WdnloRh3KA7yUpNHR5D4f/gvJqan5XJuR5C1JwJAOovmkgbUzYRxefRff:DbvUpNHQf/gzn9JjCJAOoukgbUtff","tlshash":"b4d2cae5b186b13297b220a4157f320af0b75a50fc4958a4f15998d07d38fbb027bfad","first_seen":"2026-06-03T10:10:57.024778Z","last_seen":"2026-06-03T10:10:57.024778Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2593,"timings":{"blocked":1162,"dns":279,"connect":459,"send":0,"wait":268,"receive":1,"ssl":422},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/favicon.ico","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:32.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:33 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 15406\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\netag: \"69a93289-3c2e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"6ddad4313754a649a43dabb7ad14e952","sha1":"61b2eea0b3e9d858c1ede1a8080f6a424906c7b4","sha256":"edb0231591a6f31cbf7b0d6affbbf578b314017e3755c5013f580dd95a0bc5a3","sha512":"27d672694436e512cc86cdd2c511243ce0e859dcae1043371b175abaa792ebf1c8a1750938b2c616458cc0750b39517b926896bcc0ca72ca76b0cea5fa2c11d7","ssdeep":"384:Bffffff0ffffffXffffffeWKBvffffffffffffffffCfffffffffffffff6ffff8:vWKgM1xRDDDDDDDDDDDrXRIhN","tlshash":"68626212cca621abe6dc1c3f921d2c092ead4e2409f529993101fd9d0e4e3655ddbaff","first_seen":"2026-04-26T21:12:59.872622Z","last_seen":"2026-06-03T16:19:27.930257Z","times_seen":22,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":256,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 May 2026 14:31:45 GMT","end":"Mon, 17 Aug 2026 15:31:39 GMT"},"fingerprint":{"sha1":"B6:67:6F:5A:BE:B9:2A:B2:16:10:49:96:1E:1F:99:2B:44:AF:EA:A6","sha256":"63:A9:BF:FB:46:E0:B8:37:95:77:F3:63:84:AE:78:22:46:11:85:5E:DF:87:F6:4B:EF:F2:2E:24:D5:74:70:39"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::sdn9b-1780480855489-27a541e5ed79\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 575\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=caejWfLOSb7hAX05na%2BxBhEURssVWtMcD%2BQI5yty%2BsR%2BetfqRgK86q8J03yH7DWR3QXHCq%2Bm9aFjfYSqrpYL%2FdjRnOODp5yCRgPeTf93cPMQnaXOsizaP7RviP2iccbOZi7R540%3D\"}]}\r\ncf-ray: a05de891bebdb28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T05:48:51.474214Z","times_seen":16377836,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":24,"dns":23,"connect":1,"send":0,"wait":5,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/pic/1.jpeg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/pic/1.jpeg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-d5dd\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54749,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 750 x 292, 8-bit colormap, non-interlaced","md5":"3c0bee7e65d5f32c0c3edf36871a32ad","sha1":"54dcf96ee12b3cd23271c5f840bd5df5561b4b25","sha256":"9ffcdf0fe9f83eb15d3232545deaf74f346d03c46a536b838fccf1d889807c63","sha512":"f10398b7e2dc92d4aceda77c84fe5cfeb8404583f952007bbfe1a412b273384818e9edb70963a48a1dbbc6bcf1caa874b0adee843a7f1a07d3c148d973421630","ssdeep":"768:2GXJpQp7HAHjnV4undC/kVFeMoOR2Wpn3DI7SDsTfs9EYL0tTs5k65Lgmy3xo/3R:2AXQp7gHDTpPDRHps7SDUfsTYyPlR","tlshash":"1f3302ad12d7fdf9815187d32ec69ed61c48944c6a3b4be3d4b6b06a1230f1612cb507","first_seen":"2025-01-30T09:28:55.929818Z","last_seen":"2026-06-05T02:09:27.30838Z","times_seen":25,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/pic/3.jpg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/pic/3.jpg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-c42d\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50221,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x292, components 3","md5":"badbd0905fdc0c5daf586dcca0e67899","sha1":"0a6b9e75f9f2da210a64fcb3b3a86a0a312f1c54","sha256":"9670a7a853fc2a274e34c8bf8db3840888e16aa2f41ca55411d302570209a0fe","sha512":"a22799f4bcde52514b2573db20c9ad9347550aa836cd7d750c9c8a7102784370a93d884c83402b71b914813a4d95b5526b58c0b3eb6a420f838b8ffafdd7c710","ssdeep":"1536:0VJF8Nu2IgMbvKRe0c0W0X9GrMoa/nqYnBLGicPH:yh9boNcT0X9efP","tlshash":"3333f16135cdba9fe353b8bc800477af0a4d6b98f43dfe27886989517942d62c39c017","first_seen":"2026-05-12T01:04:27.041088Z","last_seen":"2026-06-03T10:12:19.585834Z","times_seen":8,"resource_available":false,"data":null}},"time_used":755,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":755,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/pic/3.png","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/pic/3.png HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-1d9b4\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121268,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 292, 8-bit/color RGBA, non-interlaced","md5":"6e875352b5829e2897ca9846a6659f0d","sha1":"21363860feb23d4ebd8a02acc7748cf647ee7c71","sha256":"45928649e74a175541c5a1b9c754647c64ec0d47caa5ad78a8691e5ab41acf06","sha512":"1507b10adeccae507df3067600877281f3b7bad7b98b2801b6e4cd0d08ecfe0d8cbdd65ef720386f892cf28128e474268b919f52c2fc1683224cc30b1ca56115","ssdeep":"3072:CY32t8Ob77F9cUeTSw8VgtjZ0t09wLeyJX+aDbr9nR:g/bodTS2Z2ZLd11R","tlshash":"32c31201e7bab70c91d3866c9723760ae752886a21ef7a78d3f1d5e78c827d3385524c","first_seen":"2025-10-30T17:00:27.605937Z","last_seen":"2026-06-09T12:42:40.913144Z","times_seen":137,"resource_available":false,"data":null}},"time_used":751,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":751,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/pic/5.png","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/pic/5.png HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-1d9b4\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121268,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 292, 8-bit/color RGBA, non-interlaced","md5":"6e875352b5829e2897ca9846a6659f0d","sha1":"21363860feb23d4ebd8a02acc7748cf647ee7c71","sha256":"45928649e74a175541c5a1b9c754647c64ec0d47caa5ad78a8691e5ab41acf06","sha512":"1507b10adeccae507df3067600877281f3b7bad7b98b2801b6e4cd0d08ecfe0d8cbdd65ef720386f892cf28128e474268b919f52c2fc1683224cc30b1ca56115","ssdeep":"3072:CY32t8Ob77F9cUeTSw8VgtjZ0t09wLeyJX+aDbr9nR:g/bodTS2Z2ZLd11R","tlshash":"32c31201e7bab70c91d3866c9723760ae752886a21ef7a78d3f1d5e78c827d3385524c","first_seen":"2025-10-30T17:00:27.605937Z","last_seen":"2026-06-09T12:42:40.913144Z","times_seen":137,"resource_available":false,"data":null}},"time_used":746,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":746,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 May 2026 14:31:45 GMT","end":"Mon, 17 Aug 2026 15:31:39 GMT"},"fingerprint":{"sha1":"B6:67:6F:5A:BE:B9:2A:B2:16:10:49:96:1E:1F:99:2B:44:AF:EA:A6","sha256":"63:A9:BF:FB:46:E0:B8:37:95:77:F3:63:84:AE:78:22:46:11:85:5E:DF:87:F6:4B:EF:F2:2E:24:D5:74:70:39"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://great-bet365.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::vhhlv-1778775055415-ee1be01c049f\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 1706373\r\nlast-modified: Wed, 03 Jun 2026 02:11:42 GMT\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TQrPKNEQCxJSN0RkMVMjAj%2FTerfq90RCk8Jmo1K7IX6IXnVb6llhAaawKNSEnH7JDT%2BGbjxp8mvX3e%2F4FWPVBho5FBHM3XLDprXnoL19Mp2CYYUFYMgs67Mhl2AiYo9rE9DB4jY%3D\"}]}\r\ncf-ray: a05de891ff67b28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-13T05:01:21.032065Z","times_seen":40360,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-brands-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.1/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://great-bet365.com.cn\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\nlast-modified: Fri, 01 Dec 2023 00:32:25 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 11206\r\nexpires: Mon, 24 May 2027 10:10:31 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RYNyUbkR9daAsbnM7KHaOJHSLQaAaQfw9AhupaqoJJQ12ksqWSsdaxZz%2FQv3YbuNNqF9buf6ALLEfTaka0SYR9IRr7Doxbv4uSWZTuZRojsRDeaoqQDPTKRiWKtsDVvUzU4CK3vH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a05de895c985a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117372,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 117372, version 773.768","md5":"b6356c957274676e6571c1ff5e11c9a8","sha1":"4022f95e001d734ca8f082b8e7627abd205609ec","sha256":"3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490","sha512":"83de79c74480fafc62cdac4012ff2a129d8701772ee16216c3d9488826ac21a9c2f8a416fe3208a61bfea7e12c24ac1cc2d26f6d22bd2b0ba39a22d630238b59","ssdeep":"3072:U3JKgVzg5ybfXYe5W59JPQaPWKSsx/DBMnVnqedkAFqPQTzIBIOK2vDMF:IVM5A5GJPQaH/NMtBkAvcnYF","tlshash":"c4b312f88b7ac9a5e304e67b55e4613555a0aec8b180f35453be7c2c221e10dc67afe3","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-06-13T05:31:18.42189Z","times_seen":25241,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.1/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18861\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"65692999-49ad\"\r\nlast-modified: Fri, 01 Dec 2023 00:32:25 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2274458\r\nexpires: Mon, 24 May 2027 10:10:31 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BErzvk6sSqiSd3kuSdYk2A%2FWi7QfxeUrn1YUhQW6r4E%2BZgqdAFI6mcbTmqg7MzVjhkWWjqGH7tWfczkHiSiSQOBETY2Zr0i8sGYNv0%2FIxXxbVbP0uOpnVtKru6EYLY7yDwKJRCTt\"}]}\r\ncf-ray: a05de891aa895691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102641,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"9402848c3d4bbc710c764326f8b887c9","sha1":"b6e555166eb1381392e00adcde9bf8863f16ff01","sha256":"c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7","sha512":"0d33903bd456087de9a46a9c59a100d41219382eb1c5a97012cc3d73641078021fb65f957a0a2f96779ed5cf505f84dcb6758c9f5dd36727be822326f1ed8bc0","ssdeep":"1536:iwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgSLCJ:O709gMGFiyPG9ZiSLCJ","tlshash":"79a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-06-13T05:08:59.74419Z","times_seen":29682,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":7,"dns":1,"connect":1,"send":0,"wait":13,"receive":1,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-regular-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.1/webfonts/fa-regular-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://great-bet365.com.cn\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 25452\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"65692999-636c\"\r\nlast-modified: Fri, 01 Dec 2023 00:32:25 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2265069\r\nexpires: Mon, 24 May 2027 10:10:31 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GhnohOLIQk6H7xxGh6DwQWx2T8fCbatDpqY8KQMHQhL1EvT1%2FB%2FUF9ZWtfzhuYTFj%2Bl%2FYe5KPs2FN9%2FyErrtBEJ%2BqBSk1ZLUHpV2IOHjGvWLYvxE8IX0vTyh27UtLYbUT%2BEbzScG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a05de895c984a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25452,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 25452, version 773.768","md5":"023a4a925fa3fce0f66b769ef6bbb264","sha1":"2ed706340547d19c10a409ee02fb08f3d52ff670","sha256":"2bccecf0bc7e96cd5ce4003abeb3ae9ee4a3d19158c4e6edfd2df32d2f0d5721","sha512":"40f3ef2bfde073d33a2d3cbc280fb40ea50dc2b0c3619c8d9717d665351ae219caa5f17ae67cc87e777ff73c1275c1f3778b26e95f19459594d2f42ab95aecc1","ssdeep":"384:Uf5wuZ+wxJe5X/l55lwWB8jCYpdKMH4aL0a6nYEd4Mjxx6e6RERnoJ8ZwC3UmFs:0wFwxM5/1G3UIya6n9dft6RERnomFs","tlshash":"04b2e008d6d6bd12d57196f83bf74ca04bc0464b0a976b2545a2bde30ed00eec86bb79","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-06-13T05:23:09.232557Z","times_seen":7990,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/pic/2.jpeg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/pic/2.jpeg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-761e\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30238,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 640x416, components 3","md5":"7c7d45a64002b831ab5ecf3d24d08d5c","sha1":"44f703c025fc1c2c192e0f6ecceb9d614cf87a41","sha256":"80f6b77de4766897d29fae8bc18d9068aacfceeee70ef93d15f8577b86c5ebb5","sha512":"4e68a7f7e3ae10297378b67b2270aebf677f198a69af7d225bad65fe3bfa964d9e6e1d166023d4f3526b721036e9a582f9da3cfc1d88f8dcf47965a850e3c48a","ssdeep":"768:P2lVtOhbME7w9WpmdXsP8/AHH7NlYWDeA4pP2NddCFzeOQ:PMGxNMDX+8IHRiWCAsMdIFrQ","tlshash":"6bd2f12dbee59060eb0b5169bae798e2999906068ac1ddf0233c2d59f4c4df913c53cb","first_seen":"2026-02-10T07:00:07.229094Z","last_seen":"2026-06-08T02:46:49.286609Z","times_seen":70,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/pic/4.png","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/pic/4.png HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-1d9b4\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121268,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 292, 8-bit/color RGBA, non-interlaced","md5":"6e875352b5829e2897ca9846a6659f0d","sha1":"21363860feb23d4ebd8a02acc7748cf647ee7c71","sha256":"45928649e74a175541c5a1b9c754647c64ec0d47caa5ad78a8691e5ab41acf06","sha512":"1507b10adeccae507df3067600877281f3b7bad7b98b2801b6e4cd0d08ecfe0d8cbdd65ef720386f892cf28128e474268b919f52c2fc1683224cc30b1ca56115","ssdeep":"3072:CY32t8Ob77F9cUeTSw8VgtjZ0t09wLeyJX+aDbr9nR:g/bodTS2Z2ZLd11R","tlshash":"32c31201e7bab70c91d3866c9723760ae752886a21ef7a78d3f1d5e78c827d3385524c","first_seen":"2025-10-30T17:00:27.605937Z","last_seen":"2026-06-09T12:42:40.913144Z","times_seen":137,"resource_available":false,"data":null}},"time_used":755,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":755,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/images/171.jpg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/images/171.jpg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-16777\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92023,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 690x859, components 3","md5":"f4758f4a7d77b090bc0c13c522dc7a5d","sha1":"742fffdf1923ef2a8a6e65aede61be915bb76cc7","sha256":"9f74a44caafa529bfa8c9dfc24ee2cd76772aa33c94d21848d14f780f86e3d81","sha512":"f48eeaa1e424b631ba817e84d2cd49ae3ad2bd45397d8a263f98aa94ded3d29d60100b2100eefe0a7f3d58f06043d58b2b2f76248958b2d27e1383b89c5dea9f","ssdeep":"1536:ugVhK5m8EWXIQRJsHXA1Ds5b4aZ1R/wLIy44BTZi8z5T2CfhIR8gUP4FT4LzwcOf:ugimm/Ru395b4a/wMy4gZi45aCfhyVxf","tlshash":"ea93f15ec5cbc233880d4c019c4963a09f96babc4f395d2356138dba3534893afba792","first_seen":"2026-05-29T18:22:18.286015Z","last_seen":"2026-06-03T10:10:57.033991Z","times_seen":3,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"great-bet365.com.cn/d/images/45.jpg","fqdn":"great-bet365.com.cn","domain":"great-bet365.com.cn","tld":"com.cn"},"ip":{"addr":"177.210.107.37","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://great-bet365.com.cn/","date":"2026-06-03T10:10:31.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"great-kaiyunapp.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 04:48:48 GMT","end":"Thu, 16 Jul 2026 04:48:47 GMT"},"fingerprint":{"sha1":"5C:E6:E6:C7:75:62:57:BE:5A:B3:58:57:12:CE:2E:B8:49:C4:74:D3","sha256":"88:49:3B:00:84:B1:54:67:E1:BE:82:E2:65:55:CA:2E:E1:90:97:96:A1:44:7C:5D:BD:14:F6:B8:94:EC:82:05"}}},"request":{"raw":"GET /d/images/45.jpg HTTP/1.1\r\nHost: great-bet365.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://great-bet365.com.cn/\r\nCookie: server_name_session=8ec7f93caff7843b0c4fa65d0703097f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 10:10:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Mar 2026 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69a93289-54fd\"\r\nexpires: Fri, 03 Jul 2026 10:10:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21757,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 816x455, components 3","md5":"3123c1fe321a5fc2cbda72c47a5bd221","sha1":"6f58414cf11059918eb79d06979cfcdb226c65c3","sha256":"c24550b7437b01fe33f8125d86655670151dc56555b9fb79c013980cae23775e","sha512":"ea4d046efe5cc936af449a9968d62cd9038bd3508240820448a671258ba8cfe302bd015b87d3b300306fe930edd07871d936a124b329eafdb942a5df3d1f454c","ssdeep":"384:9wY9T2scfffnQl516OUyWChwYIZr5VhBfHO5ofpaGi15+gz+ZQiigH/07aisMKOg:CY9T2scXfnQMjbCCYIt5VPuoR215+gzU","tlshash":"30a2bf13a7402203d46dea3884e70b39bf24baf9f7e87354be04ca679735810bd2b551","first_seen":"2026-05-16T15:35:00.886488Z","last_seen":"2026-06-07T02:46:24.253011Z","times_seen":5,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"great-bet365.com.cn","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"great-bet365.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}