{"report_id":"f140e5a3-df9d-4398-8315-9e5135af567d","version":6,"status":"done","tags":[],"date":"2026-01-07T13:03:10Z","url":{"schema":"http","addr":"bet73028.com","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.71","port":0,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"bet73028.com/#","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"title":"365英国上市官网","dom":{"size":212663,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"f82ccc347e3bcd0cd76076bc253f435e","sha1":"bf65c63d7d1df919f8e08ed604e2b8fded26e22e","sha256":"923c5600a5cdf14bd498d6e4d334b7cae5461823f75e8e4e77b1bda503116c80","sha512":"b66f15c185b4c3a1175c479f64e2fb060a5ea47fc98282a955beb6374b0d3777cbb6c88abaf9855b9f11db69a276cc236a79e2c27a4e9afe3bb9fba360007017","ssdeep":"3072:acnIlP4AkwhJf2v1zyqB2cbntI2ToJvvNlX33X3K1+QDWrOE4HRHkx9iazfO2AlA:aBeAPhJfIhV8OnqJvPX3QDA","tlshash":"c224ae5059f6116700b291a66db66f1f6ea0e043ca09da0837fc4bd45fcbd8fa87768c","dom_hash":"domhasha7a9d0de78d14d5dbb5c9ea3f8251bc3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bet73028.com","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.71","port":0,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T13:03:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bet73028.com","ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-04-12","domain_rank":0,"first_seen":"2025-07-21T17:32:35.986484Z","last_seen":"2025-10-06T10:53:23.572049Z","alert_count":54,"request_count":9,"received_data":428297,"sent_data":8824,"comment":"","tags":null,"fingerprints":[{"name":"crypto-js","description":"crypto-js is a JavaScript library of crypto standards.","website":"https://github.com/brix/crypto-js","common_platform_enumeration":"","icon":"default.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"3f38sfb.segrft.com","ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"2022-03-19","domain_rank":0,"first_seen":"2023-09-14T23:21:23Z","last_seen":"2025-12-31T06:58:26.781064Z","alert_count":0,"request_count":60,"received_data":1602755,"sent_data":28098,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-01-05T01:27:37.424479Z","alert_count":0,"request_count":2,"received_data":30885,"sent_data":1127,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"cc73d35f5cc1806a1d4a4644579104c0","sha1":"2ba6e2a59a23ee43c16b4bd9e5cdc8e05646fb0b","sha256":"4053ddd607d4daccffea0d1a7b56e10018cc56096937fe55dc2e7a8142c210aa","sha512":"52af5976ddffb9116c526808dcd9dd73609939a5b5d0763ff406d86a2d8f02cc5563465532949aef08c1f3f1dc96f6eb477e3e68ce68566010eb692f665671d7","ssdeep":"","tlshash":"53b012ec7b539243248d13f2ec3ac9358c39317d1371379321bc204d0c154085410100","size":106,"data":"","first_seen":"2023-03-07T15:03:59Z","last_seen":"2026-05-30T10:19:54.535688Z","times_seen":3290,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9c7afd05729f10f55b689f36bb20172","sha1":"43dc554608df885a59ddeece1598c6ace434d747","sha256":"f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c","sha512":"3dcae1ff6e98c64e3586be3eb14dd486c51f7d4e9fa1b8f9a628be4fbb6a9ab562f31f9b50e16d2e0c72b942bdbe84eee8e0ef87fa730db1428b199a59d88232","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrJ:++414Jiz6fh6lTqya98HrJ","tlshash":"ca83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84345,"data":"","first_seen":"2023-03-07T01:06:48Z","last_seen":"2026-06-06T23:28:23.435135Z","times_seen":25162,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/main.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a579f2e4d3b31b3ea017e7b03a475dd","sha1":"8d9a6430face051ae1365d421f15c60cff36613c","sha256":"ca0d1288490dab47eb98606d7e519b4be96e1d5f354b8cf4a6ef39dd1846c41c","sha512":"e5c65863509fb786d1a2ac8a1c0e0ec1446158037079a067eb6976040a0d912e326c2254e7968a7e22ae794d3adad6b9bfccbd2a4eb35dad622676d3a989d742","ssdeep":"","tlshash":"1941cc1df9f665c208b730164f3f451c2163a81f6a09ce40395c65c09fa267ed2dbeba","size":1933,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.922907Z","times_seen":5039,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3736ef368209fba77c98f0b5f2906935","sha1":"1d80f05c3627abd3854fd7a6cc0a48a5d5ddf3ad","sha256":"2049979ccfac497426924bcb36e5cc8933b2d0d548c2893306a3ab896eed7b0a","sha512":"4f3e3ac954c9d7a7c8165c9d05bb2a2f8ce208ba6f599b07efe196c4994238d884f3c91eb88c31e35504e06c56e4eee8abfd6d341a435bb5e7596f87e9de3c2e","ssdeep":"","tlshash":"7021123ae042104406a7e0bd888a285120800c03cf482a08b3cc92958fad3cf32f3ace","size":1233,"data":"","first_seen":"2025-08-08T01:45:26.011378Z","last_seen":"2026-02-02T21:06:37.652917Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/moment-timezone.js?ver=1580697220","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc45c47c99fe4d26b2b24e46cec399ad","sha1":"221067a4147ece74b03934528ad61bcd4026e477","sha256":"4a65c2af68e89944c3da128c9b329596d930ce09dc9b8ba726b640d812e1fd88","sha512":"1658e474170022d40e698a422f024b4872bff33c78af1dbe98df3a6a99a0f1cd1eb36725ac9fca7bc1264ea491d0a19a2ee0a3a952adba4aba3242c06f830f93","ssdeep":"3072:olpkvlaDD/DCD/DCD2iqWCPrMBq1rGPuAZDDD1DDWoST+piMhrlon5Blu4hK:CkbW0sNpiMx","tlshash":"f714b0292617bb44e459c08bfa3779c0caade18a940614d25f7d57b31fa37e2de68c03","size":196335,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.859609Z","times_seen":5045,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/js/www/decrypt.js","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d1d23f897c7f9fa4b24eeb8159d7e21","sha1":"9c6ab5fed65abe81454978f1e844c4f36d61a1c7","sha256":"8da1db8adc85dc835413880c71cc811c762e48018590f9a991115e83a722c869","sha512":"4d258cf5b37b503615a1373aebf3474ec8f94351455729665223a9318067ca6b815d0bf3c265ead937660bfb3b0e75b25f450ef1b235a64b32d87df01e1b8e32","ssdeep":"","tlshash":"b9f0bec8adaffdd4add295d2627ec809a99315430209df52b688ac1c9fc80281a2b0f1","size":531,"data":"","first_seen":"2023-12-21T07:44:20Z","last_seen":"2026-06-06T23:09:22.895519Z","times_seen":4737,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9019874f2f793dde21327d6538753781","sha1":"e5b1d2b3c7b2fda35ad01d40ff4bd5ac059154e4","sha256":"3b229dd16b0a485404a37e35fd14724f26d3bd1856bf88e4ecb49eedb68c644f","sha512":"fe341bd127ae09fc7df20ff96cba26e2e691913e7988dfc29bdf19151497251bc88e8475145a075c705124ed85952eb044221d30faa4b1da88d18c946795ed57","ssdeep":"","tlshash":"8611924bf7e86601707732be8abf5429173b2407ec050c40f86c0aa83ba14545cafa88","size":901,"data":"","first_seen":"2025-10-16T18:47:47.806589Z","last_seen":"2026-03-19T07:12:23.043554Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/assets/js/caller.js?ver=1675418258","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e7441dc033395b76a96b25b6efef0f0","sha1":"c833e33f4a95efa559a847dfff036cb904260b48","sha256":"80caabbe50f5f83254e2545d01bacf299c7f417a103e912bd41d6c330a6e4f86","sha512":"e96041ac2b7106fe9aceddc1faa3e996ffaa97945d56cff7b3ca0697492cf6ff53f6fc3826319a85eb360e684a166c0c8c075118a37655312dfbf231ff9aa167","ssdeep":"96:veR5suijTWxKhgCBTSCkAjnhefPMm03OMu9eqeeV0vMu9eqeeVqgYi:veR5su+TWsU1eO70v76i","tlshash":"dc914212de042051f76332b85a55661f6131684f7f8a888dbcbc747f9b70acb857d189","size":4386,"data":"","first_seen":"2023-03-13T18:11:33Z","last_seen":"2026-06-06T23:09:22.857441Z","times_seen":5037,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/moment.js?ver=1580697220","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e70edb526ff09f426618efade93a4782","sha1":"840b05449d3851118fc835592bd98af885bdbf1f","sha256":"ab513aa4626ba224ac61b747674e6aead965f6e2cf87a2e60c7d4645b519817f","sha512":"943192c03e09b13bbdee324fda4c81d019b4cb5178596b5c548a1e6776022aded289a6076d32d5f55f99316b57b6f7db13c6429edb3a1e6927e7bcea89774cd9","ssdeep":"1536:/cZlnfxbjbJzvdvpeG2iMuz/M6z4QZFSNwmJaxxKZ5dFR79LNOf0uK:/cZlntbEG2i8umYx620uK","tlshash":"cfc3508a69476123467267398f9f4509ff6985330a0e8605bc9d92d83f71c6c43bafec","size":127757,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.934721Z","times_seen":5094,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"96afdaf909dbd58ab7e513a45648fe2a","sha1":"09fc554421644d3416f0a7423d61cf65cc0556ea","sha256":"e201179619939df349908a4bb546b2b64aa1897a966b22ac559578355a3e6f99","sha512":"2a56e8447e9944c3dee07b0e660f1244ccd5e5ff572f3274796c662c4d8fc1f9ad99fb82a00058d796295f04d129234cf2ac97435c7bfd33915b72127c23105c","ssdeep":"","tlshash":"f421c21bec5b54a03757043913fbc44cb1a2994fe069c405b48de8514f54e860d2eb9c","size":1316,"data":"","first_seen":"2025-10-16T18:47:47.849352Z","last_seen":"2026-03-19T07:12:23.049675Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/swiper.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8be4ec964b15c656c05a17f822762b3","sha1":"1afabbf1eeecc4d7ddfbb4c824696ce1aadc8d0f","sha256":"e32b2b578b1345c05be32292da9016f7ff564bb3f4aeda3c1b6b76869648fcbd","sha512":"0abfe93e1dab3db289b0efe0f92e42f6ff14cc4e550b5bca8d4a84fe736245fb70b39e5b86bd9aea620e6fd73a76ce8aaed9d3a561c6208dc9108778dba141b9","ssdeep":"3072:2hUcC5HqffYIdcMZOGHgZsUOUIBdID8CX:y45HqXYIdcMZOGHAsUOUIBdID8I","tlshash":"7ab3094eb35071a551e36257525e8241a3b72409780ad0ac35b6d8ebacbde4c13bfefc","size":114405,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.901652Z","times_seen":5129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-ui.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","size":253669,"data":"","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-06T23:56:34.365715Z","times_seen":21192,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"80415669e3e0003081a5617da8138887","sha1":"e15f2c79103f9dc9701154e1c40e0361fafe7c34","sha256":"1f86eb6f26d1d3fcc537ab0418be52f40ecc7417a704c0edb673a0ff00556c2d","sha512":"bc7b82f3bbacba1e04658292ef52070e6662a3dd1bf4c13d97c4e1d625c208c9f41c81109b317eef6f910320a991d1ece33894c0e2ae662cd121afacccea3bb3","ssdeep":"","tlshash":"ca31ed8cc526001420091339b88938022a455e8bde98342e339e1e7e2feb80e4ae369e","size":1685,"data":"","first_seen":"2025-08-08T01:45:26.028108Z","last_seen":"2026-02-02T21:06:37.662878Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac3e78c2c30d709d728b950913047790","sha1":"730e2ca8470e38d52437713114d2062ecdf2537b","sha256":"fa8193c3afd35be894a36a4387fdc0f07243da3da977981289a8927a463abd86","sha512":"a70f05acc2b68d252777a745ad4f0be206c80587d39d3a50a9de7819458c256459ef2403bb263a00ca7efca2c89ca2e46b0c74cbd54aeec7bf49c32a4b513839","ssdeep":"","tlshash":"9231260bcd0a22a3556284701a193268319004e3cf0034453f6e82181f4f20f21f25cf","size":1613,"data":"","first_seen":"2025-08-08T01:45:26.062648Z","last_seen":"2026-02-02T21:06:37.653344Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5949982b3ecfebf4268a44c4fe7b613a","sha1":"c3f45ef4053bbf270fdcc3a364a0dd5517ac70f9","sha256":"7bb2dff705310fcfb66721cd911c9b3cb12167d68acb7024f2b9fbb9d910616b","sha512":"73c68c94d005e4c50d78befe18d7bfc6243b5297868e888e00098267b6e566258a0b971e2444cbac545b6699e093f78748740a893d6e5cb75fafbab21903ad8e","ssdeep":"48:k88hfqDG9Mmk2xp+phzOgOOfDYU2olo9M1CSl525R2yfuB2yfBb:k86dxuwE69WCMMUyf3yZ","tlshash":"a6a1ce29e9e76504812330768fef5008b138a503c828ad687f4c92532fea42d92fdb6c","size":4798,"data":"","first_seen":"2025-08-08T01:45:26.008481Z","last_seen":"2026-02-02T21:06:37.656758Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"883a570c3dc152c6d1f1137537e8b28d","sha1":"8b6c8d1e6810e53afbbc1e4731e7462f55768d8e","sha256":"0a6945855f752c20e2ca11b7c91f861748009b78d1c4d684499ef2f21aa5677b","sha512":"550c1cc2e6c2e99016f23168ceeaf854da9e556c96b0b45418980e3dec736823574249827e8b7b776c3a6215db76def94efe5d7f4a66bf4000cfcf914398a1b0","ssdeep":"","tlshash":"6d31cd15d6b646042937707054ff56d43f16e423eb018915315cd5c05f68e35d93d55d","size":1867,"data":"","first_seen":"2025-10-16T18:47:47.763713Z","last_seen":"2026-02-02T21:06:37.648309Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"430c48d2aecb87b16d03d01c9f7ef277","sha1":"d6b6cfce97ffe4df1384a37d983767398cd11d16","sha256":"6c6e16b95fd1cf6912c32add0114f411933559adaf3b0a4190d749bf9d280c52","sha512":"f7dd8db95f1ca5cb7bde38da11e27c0463cdf08768203053af03bb1e6fe166e9a87bf5142b7c60d1b23fc98c36ab0d9dc5c90cf6b1d8bdf02a71f2b94e559fb6","ssdeep":"","tlshash":"7c513839e7b23250d8b7b23b2baf935829918043c50dc9123f4e76b40f1041f3d446d8","size":2772,"data":"","first_seen":"2025-10-16T18:47:47.801215Z","last_seen":"2026-02-02T21:06:37.64784Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"7024803f70cb10ac0eed2004cf77fb91","sha1":"228a00c3ca5bd3b021cb930045c43df84a94467e","sha256":"6664036708e074f2d2dba6df3ee1f383567d48c8d15e24cd40507b556ae10c13","sha512":"a7f342d7a96ea848f0a6733f17d70c946b11e9bb8a34f6408f1d4eb054ec94f9bc4da96a6b78e0a5aeb7af443874d8eb2c7e22f7dbc8e6889927f9368cfd55c1","ssdeep":"1536:+1+wGqkjcIIUWKvCaZP4ApdJj1UwhJA8rKyPSvAg7KrgLyANJeftiQ/ESDy3LEXS:JcnIlP4AkwhJf2v1zyqB2cbntI2TH","tlshash":"16c312da8e076f6bf098973e641ddf2e4a340b1143ec96998cb994b243a50c6d03de68","size":120703,"data":"","first_seen":"2026-01-07T13:03:17.268169Z","last_seen":"2026-01-07T13:03:17.268169Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/plus/plugin/js/bootstrap.min.js?ver=1598106537","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.71","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5869c96cc8f19086aee625d670d741f9","sha1":"430a443d74830fe9be26efca431f448c1b3740f9","sha256":"53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef","sha512":"8b3b64a1bb2f9e329f02d4cd7479065630184ebaed942ee61a9ff9e1ce34c28c0eecb854458977815cf3704a8697fa8a5d096d2761f032b74b70d51da3e37f45","ssdeep":"768:o2rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfbx8Gf3Zq7Q:Jg73zhq0GvbJ3ZKQ","tlshash":"b6f28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","size":37045,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T01:19:51.244622Z","times_seen":90100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"49165449fcde4e4fa8b68a44f2f7c7ae","sha1":"038be88df81820160f122b36c95f6a9de8d6547f","sha256":"c576941ec4ee53f3201ccd819e9310c83643f0e483dca41d97106be8fedeb638","sha512":"f806c3a15d9afcfccf421f2905973c4ee16f634b396f4075daaf2970fe218d4fbb7b4dfbe2111e47df85613d18ed0960c38b25565a82963abd7320d6c810052b","ssdeep":"","tlshash":"8821924acd31212499de663846b632eb351154a3cf0aa8a93b8d9310af4881f20382ee","size":1127,"data":"","first_seen":"2025-08-08T01:45:26.047671Z","last_seen":"2026-02-02T21:06:37.649295Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"fd5439da38245f83ed1ff162d385ad80","sha1":"2dfc7a4bd6565b286229b60191e78dcc0e81720a","sha256":"e257aa3b5d4e2289fddb30f6a9f88aea70f3734c9c457c0fb09c5c547915735f","sha512":"0191e5aa22a152f00eb5257306023035de270670dce9878e4595a4df7e3f0320adb70f2a01f0b733ebe8165fefb16ab767a25e87ea3310da00399a60d9c687e3","ssdeep":"","tlshash":"d8218c3bc79a1386598b403a2ad68a0571a818e3ff189c107a4ed3111f8a90a217de64","size":1211,"data":"","first_seen":"2025-08-08T01:45:26.01398Z","last_seen":"2026-02-02T21:06:37.659601Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3801d7eb2dae3020f5fff8df02c4b1dd","sha1":"31949e49658f70d02c7748261a73e7b8fafc33ad","sha256":"0e910c2331fb3e074fd679da576520688cb73b0f8945d744a5bd0d5be6e50ea5","sha512":"e9a9d6b7a5826eb14811e3c6d66307eb199d2d919cb12a45a56cedc3251b8159f2a684e53936f18a66f6f58ca737832eb3956e0556633e4580addd3ac7e008ea","ssdeep":"","tlshash":"1c41ede9f4e804004427ec7cac1fb19b21aea00ae04cc831b5ba60c19e212c9569be96","size":1947,"data":"","first_seen":"2025-10-16T18:47:47.751651Z","last_seen":"2026-02-02T21:06:37.64978Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"04ed027d62b341089c2c6d2702bf58d3","sha1":"ac5820d15a97bd5df69b1d9baeacd64e86b25907","sha256":"800e88cadb0cf245be4b12cdc3899915b32bd2a78fa5cf89f3f1f398daeb84ed","sha512":"7144e6b95d0467cda2253710c90100de41364fc36534f06084f64496425a01a036700a64e7757a1674725cf8fe531556b096d682cad7edcc8f99fb63e4035a21","ssdeep":"","tlshash":"7e315ecec1ba2876068fb4361ddf2814995361f7ca8829253f4c81212fd521d8dc776a","size":1829,"data":"","first_seen":"2025-10-16T18:47:47.837783Z","last_seen":"2026-02-02T21:06:37.657363Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?13d000e86c487ab21ddde56b764037d6","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"e095d8efe5714e790b6619afa2facbba","sha1":"72aa6089b871ef9962da2f3322d464b457565fed","sha256":"19333fd42d32cfc73d0a83ef9b12b6a6e9f40a957a3267d691f31946b81b613a","sha512":"6c757a3f85875ac464b16be6160fa0d12f80473f000909ad7a3ebc980273baab517ee0d33b992301ca01dac89e80804162360d8812f42b12a59e43ccbb92f6a3","ssdeep":"384:1oJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:1o4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"87d2c9a9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29903,"data":"","first_seen":"2026-01-07T13:03:17.24779Z","last_seen":"2026-01-07T13:03:17.24779Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-migrate.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","size":7199,"data":"","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-06-06T23:53:13.936658Z","times_seen":23408,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/login.js?ver=1597629260","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"24bc8669caf172f2c17a06fcd73ae539","sha1":"3bad8f340bca43d8fb98c3ca39def12f816769a8","sha256":"29df48677fd1c2b2a602c35faeadd3693f083b78550b2c0f3108f356c34b74bd","sha512":"0b4b2dc35f8b97238079334be832751d1e33dfbbddda4961c38127afadcb088101bad71b0442bd810930df2658dfd9f42da0b08d44bb1e1f1dd0a5dde33423a3","ssdeep":"","tlshash":"f3c02240b13f377c587372a0803a0506df73701c1c0056e0b0b842a02c187040813c78","size":191,"data":"","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.883349Z","times_seen":5042,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"474ca9bed740281758253924b2ecc86d","sha1":"e717ae94720041a4f8c1e0a7b1185acfa5a95ac7","sha256":"22fb79075f7ab04a5ab18e571063d9705e44cee693aaf293401d67d5fdba774b","sha512":"adf599a6a9ed0df6785f7a4ab7a5995e40e4c694427df7cd039a67dbec3c81316d1f50122837a497856c80028d4005ffc468c0a8b2a18935c5e013395df4edc7","ssdeep":"","tlshash":"a6219a1cde1a484229e1cbb80481164226985583ddb0fa2fbb9c96806f6e02f97f26dd","size":1419,"data":"","first_seen":"2025-08-08T01:45:26.025372Z","last_seen":"2026-02-02T21:06:37.662337Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"67121cae1d35cdf1e3480d0b958281c2","sha1":"b64cf5185574286bf1a78ae50ba923413cc27086","sha256":"22af61a293a3421d1dbbc2732801183d249c81c70366bfdb14b987ef7cb14ca2","sha512":"6150b8010cdd7382048d3d2d584ba03b8b5a8a3765a3cdaf0af786ba5b811a127d3008ed3d138ebc380cd4eecf71efdc4e84f300fa64e8856317d658eecc71e8","ssdeep":"","tlshash":"cc417bc5fab153a0593b14b66cbf510a6d127407fe0bf52af14c56d05f2841c31b9989","size":2380,"data":"","first_seen":"2025-06-21T12:11:08.042563Z","last_seen":"2026-03-19T07:12:23.071206Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/#","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-07T01:12:55.001935Z","times_seen":121501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/#","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-07T01:12:55.001935Z","times_seen":121501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/#","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"efc15d48441164739953da68bfc1df3d","sha1":"1e299c43328b30926665150d999b01aecc42e754","sha256":"652a9b5398a51bd793ad5230a93e4112c3aa0535fd8b33bf3514ee8cda54b830","sha512":"0b578883e2557434e3457a7ea9d1d35b6326ebcecb68f039d8fe68ca23778904bde9a6f4cf4a77cbb451e979efd121885b140fca02dee2ce4952f763c011a133","ssdeep":"","tlshash":"3ce026cda3d086c63ad32c991152645c71a91d2634944d65d800284218d6a271dc26ef","size":324,"data":"","first_seen":"2026-01-07T13:03:17.275266Z","last_seen":"2026-01-07T13:03:17.275266Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"308b0e4314a9718e7acf4269e4c7467a","sha1":"e883fb7fdc9759263fd22a72351fd6f0f5d0e601","sha256":"d4ad54431d7e6a42a4b3e060a2537eee6cf7a9feb2c045d8a66188c9f3ca5c06","sha512":"344cde766800bbc82fbddfccb93e115912276b13c3068ed37c83913b6f93e146034be1f365486bd2065f75604b47ea07677ef3d137832025ecf9e626668b2781","ssdeep":"","tlshash":"1d31a689f39cba27c07e00b44c7f65c5d11e2871ea0a1ea5fcfc52a622de756329f184","size":1482,"data":"","first_seen":"2025-10-16T18:47:47.84108Z","last_seen":"2026-01-19T01:27:06.630045Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-ui.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","size":253669,"data":"","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-06T23:56:34.365715Z","times_seen":21192,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/share_unite.js?ver=1749181409","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"00c6288b67f7750a75b6e9abbf74c8a4","sha1":"5f464f4ce28448acc1c2fe825d4218795b023db4","sha256":"20327edf72e6632c450e8f8e443db2f728361f74b68697932491108c7f483b9e","sha512":"39dac004bb9b904ec4c4bb4d4963c3b8c4c9d98f9a80d90e53134e28c6055831652f0911e59b58f54c4b1e7156d8aba181b90ee3fe0ba6aefb67162b990787c0","ssdeep":"","tlshash":"37513127e6b82006207730a7deee346b556a8426b3417f06b7bc01a54fc58ac7f9270c","size":2667,"data":"","first_seen":"2025-06-07T06:32:46.623015Z","last_seen":"2026-06-06T23:09:22.850706Z","times_seen":4069,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7712a1073ac0eb8f75f60e4c8ff16fee","sha1":"f344af126c51961591b33bf38362f626a5a10104","sha256":"32b1a5d08ba2453dbcca4165fb16648cdd77f4dc8e7754f44cc6670392df5ff4","sha512":"78df64a405c793a5d2e35a33e895c521024a516cb9044b3154c507a6e4a99696806d90ed3f23361848af1a94f76cc4ecd589ccd526026696f73729274a30fc75","ssdeep":"","tlshash":"5321c2a8ea717120508641721ad3495eb914b2a7ce2130183b8cab272f5d86f77bb18e","size":1324,"data":"","first_seen":"2025-08-08T01:45:25.991362Z","last_seen":"2026-02-02T21:06:37.659127Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"711232cf3eab7e807a5497bbfc2d6188","sha1":"7974e1dbc2dda6c6ad27a841ae06748d938c7252","sha256":"bf571bfad045518e18b9d6da613864f15341b9abc91e0d9959bf443c259b34e4","sha512":"7583e7ad054c1b76b5703c563ae103073558a3ccd44953b3a428d87f746db3a9b364261cb17a7fb11696b861abe958add97985a2b0c441e13ad3562927b8da2d","ssdeep":"","tlshash":"bb21cd58da707120504541311a93465d35507297cd253018375cd7131f9d89f77bb54d","size":1380,"data":"","first_seen":"2025-08-08T01:45:25.986214Z","last_seen":"2026-02-02T21:06:37.650715Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba071b471686c22de4aa15b86441bcad","sha1":"3f8db73ee951fec6c1f5ccc6f343f14d70e7534f","sha256":"a8b396aa45d310f25cd2aa896ea2d4b7f8dd2db1bdc8d46ad1800fc9c8b588c6","sha512":"e6184eac08ec47ad55486f9efd3c94b048e4a7bcac9ff3da32b4240f5548e857042473f902631bf57cc414eda593e2d2e0bd5bd7d175739060eb1a760c259b90","ssdeep":"","tlshash":"067127a2dd1402b24196633236a30b522a51609bde513024b7cd95b44fce69ffeff6bc","size":3789,"data":"","first_seen":"2025-08-08T01:45:26.030731Z","last_seen":"2026-02-02T21:06:37.653867Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"22361c225da05ec1cea1615c84687138","sha1":"698ca12f1f07894f569ed284e0a1fa9d9f6e8ed3","sha256":"198521d0251ee65658825d8d4863af3a9989e293a4a0e4ba3c37739c7cccd96b","sha512":"449e1d73b4f0c791e120dbfb97473eb10415fee5ea9c60d5613bc2c725290c77db5bdf2ab8dc51938fa20b71cd9670d3a6d74ac4a6bd17f2efb0fa3cee433a77","ssdeep":"","tlshash":"b441ab11f109ee4a313bd87b223e7d180aa46045f93816de80a2259b6c6080e64b9acd","size":1882,"data":"","first_seen":"2026-01-07T13:03:17.280544Z","last_seen":"2026-01-07T13:03:17.280544Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"092b6254e1e7151e9d69f6224ba3972e","sha1":"4fce05fb7d02f484d07d52842dfcd448e2afdca7","sha256":"4806bb0959a26cc172e6f4e5eb5cab8774f0940b5be4cf9fbd5ebffc77687a7c","sha512":"2c58157e1b479cc3cf78bbc930832674c404f26b42396c5f9902074cf6aa611613cf650070f6d3142980b24659c9e68c75253bb6ed97749bbfcf592837b1234b","ssdeep":"","tlshash":"2241621af4d78728147736ba97bb23471d32148fda8ece0cbe5c0bd0cf2a25a5182708","size":2130,"data":"","first_seen":"2025-10-16T18:47:47.744482Z","last_seen":"2026-02-02T21:06:37.651189Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/checkinput.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1701a1c0e116f99b046f95c9f2f4ef5a","sha1":"c0ea303e6c96847ed6bb4c72afd3a84332ab5b3a","sha256":"5a053d48644953a4dbc5f0cb73d4723dd958c9b5574be9cdaac4bccf21d9f38b","sha512":"131b0b96f085bbabf04eac826013f7a62402bfe7e8aa4f6830ac9bdd4d629e4062a687b03a14d6c02d8ea741aea17fe4646da4c054c1954454025fa22f0fd307","ssdeep":"96:ZRORCQC5WCPCD9CQCwCGCkCmCQC+MiCwCdCuuCkCbmCd9P/ddPojcHoujp1SPZaQ:ZRRRvJdlANu91diXdT59j6IQNHYerS","tlshash":"9d62204de0983ea6857333750e7f5200f57906278525eb08be9c59b42fbe80a4b63f5a","size":15360,"data":"","first_seen":"2023-04-15T09:13:23Z","last_seen":"2026-06-06T23:09:22.908832Z","times_seen":5040,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/sweetalert.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f9966a615f3f46d846807adbe42644f","sha1":"441544c084828da55ca0bafdc4c3df7dc7020820","sha256":"be4d1215ef6f2b2915b7f65cd28b9a9f7dcef17e1f0d883edd19400ca0ea795c","sha512":"e85f14552c1b5837780990e210223c5d6f532dd55f16589f682d1f2f95acc540b715aaac23ce12f871661006f80ec9043a9674dfdec1c3efc0819125d492dff6","ssdeep":"384:Rigwo5UpVZG9lOUlgkhzj7FRNE82XyySyTYayWri/SRVRXFKP9nWZcT2Rc8ex51f:RiB8lOuR5wSWrrRVR1KP9WK6Rc8ex/","tlshash":"ad72c899325438b327e361f1009f504ba4b196bde8095861376cc9e62ff8cc95ae2f77","size":16994,"data":"","first_seen":"2023-03-07T01:11:43Z","last_seen":"2026-06-06T23:09:22.922005Z","times_seen":7132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa242893c8f2286be996282a837f43b1","sha1":"2ebb333f76855363bd4524a24ffbaf2b314a4035","sha256":"02d0bc9cfe4455cc69f1a45364fd82d3b479a6c18e984ec5bd4f420d69bb9a43","sha512":"5fedd1ecade1d3dce81cabb860c0052c15be4bc43855973976ed96ab03dbdcaec86f6bc4b9cb2d4163b7e84a380a97650f0185f8549cd6805fbe1060712f3a9a","ssdeep":"192:6NeTmZW8XQcTtEtjKRzfQhFxhBizH4A1ltpKS9:0rWMGj0TQhLhBGplt0S9","tlshash":"5c021005ea1909924492937938d71d27229cc187ce41301e7fec4ab92f9f42fb8f765e","size":8953,"data":"","first_seen":"2025-08-08T01:45:26.016554Z","last_seen":"2026-02-02T21:06:37.651704Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"10e6ac18749fb96cb5fe7cd4cbd44552","sha1":"d4eb940c8d9567705c437f3ea3c793758b43d723","sha256":"be0d5ccce3e6d9352d5e08bb6fa7c5ee0424a606b01ed2387b05e07093c12232","sha512":"15b672f4a2a6938975107a5365fecfb4c6ec279b4648115e970cc1a9e151c731da5ebd4b7ad7600ce67f9d2c5aaef8baf501093286847ef19fd6a0043bd9e419","ssdeep":"","tlshash":"1d31e59ff0f9022106f774324e7b5104392650abe447ab0036cc56406f68a2f8ae9e9a","size":1869,"data":"","first_seen":"2025-10-16T18:47:47.797957Z","last_seen":"2026-02-02T21:06:37.660112Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce687eb379779b59516702a8b411b7b2","sha1":"81beb02b5d3f0a8cc8226ddc090d3d3225d70db3","sha256":"3353883d4f82154c9b7a871e738c0e17c454ede35c57f38c2057006bdeb21e6c","sha512":"de4073b7a68018936913fd5ade6402c967509666733d9ad93431585d7bd93888e0d67217398926d2db8f9b56a4cee4b6669af47667fa5c24c241e607ffa32883","ssdeep":"","tlshash":"f2417bc5fab153a0593b14b66cbf510a6d127407fe0bf52af14c56d05f2841c31b9989","size":2338,"data":"","first_seen":"2024-10-23T22:45:23.846937Z","last_seen":"2026-02-02T21:06:37.654836Z","times_seen":92,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/plus/js/unite/crypto-js.min.js","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.71","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf3402d7483b127ded4069d651ea4a22","sha1":"bde186152457cacf9c35477b5bdda5bcb56b1f45","sha256":"eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc","sha512":"9ce42ebc3f672a2aefc4376f43d38ca9ed9d81aa5b3c1eef60032bcc98a1c399be68d71fd1d5f9de6e98c4ce0b800f6ef1ef5e83d417fbffa63eef2408da55d8","ssdeep":"768:LuxoaUN4+OIhwP53+e0QfA31jQM9OT81NHv4rnwfe:LuxoaU2+LwB2+G1ZdvCwfe","tlshash":"9c231bc1a19c219152a774d0093f7107b463353a460ed5acf668e9eeecbcaea903dd7c","size":47992,"data":"","first_seen":"2023-03-07T12:04:24Z","last_seen":"2026-06-06T23:28:27.955467Z","times_seen":76642,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"06f2b49b56e6efcaf64bba6a92eba4e1","sha1":"917a67df953dd2d2065e669d77fec4648e5d821b","sha256":"15793eec4f9e05a28e800104abede54649ffff8dbd2c16bbe7f6e81e155e82b8","sha512":"ec76c8a68c4f765161525d3da1a91956f6392ad13baa2c45d6238cb807adc274044a8385f26b0a66b56df318bc1af452fac0098dad16f5a976a0b0c87b5872cf","ssdeep":"","tlshash":"4a311297d16c5c5d45cb9670342518a5330ebcb3fa028ae2e23fc76832b3d49c553d6a","size":1528,"data":"","first_seen":"2025-07-31T04:29:11.983216Z","last_seen":"2026-05-02T03:51:45.664772Z","times_seen":1580,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"36e5e606e3451136432c3aef5e0be05a","sha1":"fc1fcd857f148bcc274fc870d936551f89079364","sha256":"231cd9c6839d6a4529485d88a2bd46deb60d1e9d13af2ddb55e5b9ad0805b255","sha512":"0773e590780a10fa752d7c1bd6dcdd4e0aba53d1775a6169c414082e4f9b9d9becf81c9a94b1266e2677365da6f233e99ca40ce951509ae8ae41c79dbbf61792","ssdeep":"","tlshash":"8d21c2a8ea707120508641361ad3895e391072b7ce213218378cab2b5f5a86f73bb58d","size":1348,"data":"","first_seen":"2025-08-08T01:45:25.993932Z","last_seen":"2026-02-02T21:06:37.656287Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c73aef48a18502df5cbcc7ea86d8ae6d","sha1":"64b51c80053d2d910ae35ced3b34ef9944c5f521","sha256":"007f63e0053870ea92bac5f236d76c7710b442a9a53720b0e4376b271b023263","sha512":"a2cd67a2f2f8ec71c8859a16a809019b9e6ac56c45dbb61b5c5b77ac7b63146ed8bd1ded2fcaccb838b64a00f39ac8e781d128d6777146fdad43b6aa3eae740b","ssdeep":"","tlshash":"93419246d3e56137a52aad384caee1169a318003dc3f3c74b9c09a54df5e62c90feae1","size":1995,"data":"","first_seen":"2025-10-16T18:47:47.767436Z","last_seen":"2026-02-02T21:06:37.65434Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/encforms.js?ver=1761119296","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2d77387c0dedc78ae85a7ab52aad886","sha1":"0d8ee19645e8246409f76adee4412ecef3466b76","sha256":"2af6b51b39ceab86129d473a1fb9a4a827539efc7452de2103a84ebd09d75790","sha512":"d922ced4a418ef9049cebadaf49f897432449ad051ece1361014ca9c64514f9eb53f6d77d6e83551ed2939d0eab9d518f0c048e12aef3e167ef3d1d517dbe3ca","ssdeep":"192:gxlzcp1ISvp1S/yakFAn1hQu66H1Ka1t4l/O3a6Nr:zb6cu6IQM","tlshash":"9f32209871bb1870993338344bbf8512793ac11f4c5cd954bdac2aa07f58a5ec6e1bb4","size":11858,"data":"","first_seen":"2025-10-22T08:39:12.013749Z","last_seen":"2026-06-06T23:09:22.884025Z","times_seen":1489,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/jsencrypt.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"64507221feddff84c80b99c98827d76c","sha1":"5c7000638c6bae1a1c448367822a8682d59d371f","sha256":"5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389","sha512":"cc3beba9e9c0d1e149642c41b2bcb351972f8a1bcd9445dbb5e32feb6c91c5d851e2cecad5a6b3f8b8ec4727e4e8cf9824bc80244baeaae20023c23c1a02c2f0","ssdeep":"1536:cJxLSEwwmr2yZPp8yQPj6OR1fdfqovoRonm7f6T:cPErPp8yQPOOR1fdfqg2l7f6T","tlshash":"cb43e9853ae6b075039a50f0051f084ab13ab92e192f44ecf699d8e17cb584d637ffb9","size":56142,"data":"","first_seen":"2023-03-07T13:16:24Z","last_seen":"2026-06-07T00:24:38.784855Z","times_seen":18578,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"1accba7232a90368816fdb3b1530f505","sha1":"0b08a24dc7fdae6a76ae13fe904a60e6b4165742","sha256":"bcba53d7bafa9e40d272d71a7d1110289b1e9fc78485713ae917c039703c7828","sha512":"b740fc3b8d648dec43f2329711f57062475de8d03bcf6ba05af4c8318a1c077626e16bcbdda06626c93210c3c19afa0e7b6ba38e2612abd01ce722bff570c5c6","ssdeep":"384:h+AWrUpvT6JxNvYNw77Jch82jmKWJUIEw:h+AWrUpOJxNvYNw6hjmKWJ7V","tlshash":"6203219015fa106b4572d1e23ab12f2faf95f493e54aca0476fc1fc88fd7d86a423099","size":37786,"data":"","first_seen":"2026-01-07T13:03:17.288006Z","last_seen":"2026-01-07T13:03:17.288006Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"bet73028.com/","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T13:02:48.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet73028.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 05:41:47 GMT","end":"Thu, 12 Mar 2026 05:41:46 GMT"},"fingerprint":{"sha1":"31:FA:FE:10:A6:8E:C3:2D:4A:DD:35:7A:23:59:02:D3:88:38:F0:AB","sha256":"41:99:E2:99:1D:68:72:3E:84:BC:F4:CC:15:BB:52:86:DC:9E:F1:36:6D:1F:45:EB:D5:D3:59:54:30:B5:35:C2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bet73028.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 13:02:49 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nCache-Control: no-cache, private\r\nContent-Encoding: gzip\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6IjFUTnlMRjBJTVpjTkdRdWhUcE0yRXc9PSIsInZhbHVlIjoiZjk4VlNRNW03RlZRcURBQXFQZU5nRFFKeGkwZlpTa1Q1NHhnSUczY3dUWE5ySmFqakVBNEF0aGVISU9yN1wvYmtzd2VLNEF0aStiRk1LWG1xU0p2YUNBPT0iLCJtYWMiOiJkYzZlOTJmNGI4NjgyYmY1MmZkN2I0MTZlNmY1ODhkM2FhMzFmNzE2NTY5Yjc2NDY0MzYyYmJmNThhNTY3MTVhIn0%3D; expires=Wed, 07-Jan-2026 15:02:49 GMT; Max-Age=7200; path=/; secure; samesite=none\nvanguard_session=eyJpdiI6Ik5CdFA4RW9DQkhVVVBaOFozQlR3U3c9PSIsInZhbHVlIjoiVnY5ZzBhQVdXSDFcL21yR3ZZaE53blV6TE5hMTlvZ0ZoaVFwdDlmQnpCMEg2K3NNb2ZYMFE4UlppbUlJbGNSbE5wTFBKMGxpVzNkclptT2k1UHZsenhBPT0iLCJtYWMiOiJhMDRlZThlNzA4NGVkMTNiNjQzZGNiMzE5OTVhOTEyNzRhYzAzN2U4YzlkMzFjMWQwNjE0YTAxN2FmY2QyMDIzIn0%3D; expires=Wed, 07-Jan-2026 15:02:49 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nX-Bos: b83\r\nX-Cache: BYPASS\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"crypto-js","description":"crypto-js is a JavaScript library of crypto standards.","website":"https://github.com/brix/crypto-js","common_platform_enumeration":"","icon":"default.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121175,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"7f2b81a4e97aa6e18f85cdb19b8d6b7f","sha1":"b0100fb9d5e49bf4f07b8f3d6fc8eff23593614e","sha256":"c251895908f0e0e91afcc5f4064ed6738371d68b739827c6defee84da7ab1f83","sha512":"d15c79c07552137591420f5d78c329d9205722f9b290581bf3aa60fe62dd1b3c2ea821731a95d58395f0c37f9bc86ad0bd6aa8d9a98fa60281b0711ab509e048","ssdeep":"1536:Y1+wGqkjcIIUWKvCaZP4ApdJj1UwhJA8rKyPSvAg7KrgLyANJeftiQ/ESDy3LEXJ:XcnIlP4AkwhJf2v1zyqB2cbntI2TO","tlshash":"afc312d98e07af5ff098977ea82ddf2d49340b1543ec9b8988b994b243a50c5d03de6c","first_seen":"2026-01-07T13:03:17.215248Z","last_seen":"2026-01-07T13:03:17.215248Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2335,"timings":{"blocked":518,"dns":0,"connect":254,"send":0,"wait":1040,"receive":260,"ssl":261},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/plus/js/unite/crypto-js.min.js","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.71","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:49.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet73028.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 05:41:47 GMT","end":"Thu, 12 Mar 2026 05:41:46 GMT"},"fingerprint":{"sha1":"31:FA:FE:10:A6:8E:C3:2D:4A:DD:35:7A:23:59:02:D3:88:38:F0:AB","sha256":"41:99:E2:99:1D:68:72:3E:84:BC:F4:CC:15:BB:52:86:DC:9E:F1:36:6D:1F:45:EB:D5:D3:59:54:30:B5:35:C2"}}},"request":{"raw":"GET /plus/js/unite/crypto-js.min.js HTTP/1.1\r\nHost: bet73028.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFUTnlMRjBJTVpjTkdRdWhUcE0yRXc9PSIsInZhbHVlIjoiZjk4VlNRNW03RlZRcURBQXFQZU5nRFFKeGkwZlpTa1Q1NHhnSUczY3dUWE5ySmFqakVBNEF0aGVISU9yN1wvYmtzd2VLNEF0aStiRk1LWG1xU0p2YUNBPT0iLCJtYWMiOiJkYzZlOTJmNGI4NjgyYmY1MmZkN2I0MTZlNmY1ODhkM2FhMzFmNzE2NTY5Yjc2NDY0MzYyYmJmNThhNTY3MTVhIn0%3D; vanguard_session=eyJpdiI6Ik5CdFA4RW9DQkhVVVBaOFozQlR3U3c9PSIsInZhbHVlIjoiVnY5ZzBhQVdXSDFcL21yR3ZZaE53blV6TE5hMTlvZ0ZoaVFwdDlmQnpCMEg2K3NNb2ZYMFE4UlppbUlJbGNSbE5wTFBKMGxpVzNkclptT2k1UHZsenhBPT0iLCJtYWMiOiJhMDRlZThlNzA4NGVkMTNiNjQzZGNiMzE5OTVhOTEyNzRhYzAzN2U4YzlkMzFjMWQwNjE0YTAxN2FmY2QyMDIzIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 13:02:49 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nEtag: W/\"61dff778-bb78\"\r\nLast-Modified: Wed, 07 Jan 2026 13:01:28 GMT\r\nX-Bos: b83\r\nX-Cache: HIT, policy, disk\r\nServer: nginx\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47992,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (47992), with no line terminators","md5":"cf3402d7483b127ded4069d651ea4a22","sha1":"bde186152457cacf9c35477b5bdda5bcb56b1f45","sha256":"eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc","sha512":"9ce42ebc3f672a2aefc4376f43d38ca9ed9d81aa5b3c1eef60032bcc98a1c399be68d71fd1d5f9de6e98c4ce0b800f6ef1ef5e83d417fbffa63eef2408da55d8","ssdeep":"768:LuxoaUN4+OIhwP53+e0QfA31jQM9OT81NHv4rnwfe:LuxoaU2+LwB2+G1ZdvCwfe","tlshash":"9c231bc1a19c219152a774d0093f7107b463353a460ed5acf668e9eeecbcaea903dd7c","first_seen":"2023-03-07T12:04:24Z","last_seen":"2026-06-06T23:28:27.955467Z","times_seen":76642,"resource_available":true,"data":null}},"time_used":562,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/font-awesome-addsvg.css?v=2507231","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:51.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/font-awesome-addsvg.css?v=2507231 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/plugin/css/font-awesome.min.css?ver=1753257975?v=1767790968\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 07 Jan 2026 12:59:59 GMT\r\netag: W/\"688097f7-5ce0\"\r\nlast-modified: Wed, 07 Jan 2026 12:59:59 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23776,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (2811)","md5":"6097f31c1b8ed2b58b36a26a704531d1","sha1":"f9d2b2c866d186c372ff6c11d5f69e608ca0f457","sha256":"4acd44ed0da6eae50d2f4b38649e6085c73d3202c08ba85870be5e0eb80a55c9","sha512":"a02f15b6e01f10bac28e3e1e24f8605ab65bf0c1e0a10b6746cae341194037cc71b124f39ee75fbe28bd1175f329e7065595437131f8856801c574642b84acc8","ssdeep":"384:AD+8djF3PcO3Pc4XfVK2wMXyWq73r2wMXyWq739WqMWqq2gw/2gw72fQ62fQ99:S+wxBjVHyvjqyvjUi1wDwq9","tlshash":"86b263b2460a78e24d143b3bd2a92a0d574dd6e2fe93ee56d07609588b0ff1837471bc","first_seen":"2025-07-24T08:18:26.078876Z","last_seen":"2026-06-06T23:09:22.925451Z","times_seen":2865,"resource_available":false,"data":null}},"time_used":579,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":579,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/checkinput.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/checkinput.js?ver=1598008226 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f3faba2-3c14\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 15380\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"1701a1c0e116f99b046f95c9f2f4ef5a","sha1":"c0ea303e6c96847ed6bb4c72afd3a84332ab5b3a","sha256":"5a053d48644953a4dbc5f0cb73d4723dd958c9b5574be9cdaac4bccf21d9f38b","sha512":"131b0b96f085bbabf04eac826013f7a62402bfe7e8aa4f6830ac9bdd4d629e4062a687b03a14d6c02d8ea741aea17fe4646da4c054c1954454025fa22f0fd307","ssdeep":"96:ZRORCQC5WCPCD9CQCwCGCkCmCQC+MiCwCdCuuCkCbmCd9P/ddPojcHoujp1SPZaQ:ZRRRvJdlANu91diXdT59j6IQNHYerS","tlshash":"9d62204de0983ea6857333750e7f5200f57906278525eb08be9c59b42fbe80a4b63f5a","first_seen":"2023-04-15T09:13:23Z","last_seen":"2026-06-06T23:09:22.908832Z","times_seen":5040,"resource_available":true,"data":null}},"time_used":2118,"timings":{"blocked":880,"dns":0,"connect":0,"send":0,"wait":410,"receive":828,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/main/logo.gif?ver=1612839866","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/main/logo.gif?ver=1612839866 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Wed, 07 Jan 2026 12:27:59 GMT\r\netag: \"6021fbba-3bd1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:27:59 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 15313\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15313,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 224 x 91","md5":"3719047940db89e415097aa46f3bfe51","sha1":"ffa944db5a95f8771081a2147ef08115095d55b9","sha256":"819ed93b5f94181c65947ee5e77fedd1237ab03f8c9d2ce75e2811405d0114f7","sha512":"fd156ce12d4ea6ad124da6388022dd6349d96c3b5ce05953850f91d6cea30a7215fd9aea4307650671c564b9ef15110beb89df019c25b9bee39963607761ba68","ssdeep":"384:WnG3n4ZBE8t/DRPm6/EG4U50BE8t/DRPm6/EG4U5+:WamBE8t/tPm6/EJBE8t/tPm6/E7","tlshash":"a0627c0dc17771fef15a3ab076223f090d9489b86d069ee5c81cabddfd8d04e4198ba6","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.470054Z","times_seen":3281,"resource_available":false,"data":null}},"time_used":1911,"timings":{"blocked":902,"dns":0,"connect":0,"send":0,"wait":816,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-ui.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/jquery-ui.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f412ba9-3dee5\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 253669\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":253669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32074)","md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-06T23:56:34.365715Z","times_seen":21192,"resource_available":true,"data":null}},"time_used":2343,"timings":{"blocked":898,"dns":0,"connect":0,"send":0,"wait":410,"receive":1035,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/font-awesome.min.css?ver=1753257975","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/font-awesome.min.css?ver=1753257975 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: W/\"688097f7-71b3\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29107,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28900)","md5":"31bacfe1d010712cb3837aec4ec1e237","sha1":"3c28b0f6e91fa137ab67c8370f11f60a63d87d02","sha256":"4f0bbfaec56962e62f55bef603cc25d0f56cabce57471131b21f4e9438066baa","sha512":"29c73d08840e5e21c677748c0aa88ee7900968602af5cbb5c6f6bf801c765b64562f4401a49f041aad7e229461be70db9a5a74317bbff479724547013a0d19cc","ssdeep":"384:Qu5yWeTUKW+KlkJ5de2UYDyVfwYUas8l8yQ/8dwwdG:blr+Klk3Yi+fwYUf8l8yQ/eC","tlshash":"73d250e8e54c01d66731c48bff81b36862baf73dd5844d99f01f690c29d22a522c5fba","first_seen":"2025-07-24T08:18:25.967403Z","last_seen":"2026-06-06T23:09:22.890191Z","times_seen":2866,"resource_available":false,"data":null}},"time_used":2676,"timings":{"blocked":1049,"dns":388,"connect":203,"send":0,"wait":568,"receive":0,"ssl":460},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/login_unite.css?ver=1614680239","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/login_unite.css?ver=1614680239 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 170\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"603e10af-aa\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 155\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":170,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"5aa3dbf621e04d73e3a023b18dd141bd","sha1":"f35345fc401964592d37688e641b86f9eb3931be","sha256":"dcde9ab25bde6d1827a49457a7ef72e7e177ef141a188e074e23a9136ca2ef66","sha512":"1bdbd3e8c6e1dcd6e4381ac29ad636f9218a8ec0a972ee77c1ed1a4805d7d4bad8d776de93ca554d7f116e9a1f01873d6f1c048ed348873b78b5d3d285e5273f","ssdeep":"","tlshash":"d3c080530c954f57d50786957c9e87029b7e60209e548f1f1c341878da85f2461fd575","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-06-06T23:09:22.939145Z","times_seen":5028,"resource_available":false,"data":null}},"time_used":1346,"timings":{"blocked":937,"dns":0,"connect":0,"send":0,"wait":407,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-gibraltar.png?ver=1600747940","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-gibraltar.png?ver=1600747940 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:20:22 GMT\r\netag: \"5f6979a4-268\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:20:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 616\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":616,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 32, 8-bit colormap, non-interlaced","md5":"d78068aa4f691e86a736d5ec0fa45aee","sha1":"30e0842662a7f97b84289fb093c3755b99503e40","sha256":"12d00217bbf0ba6959f43b8ad1f5bbd0b9f7b63ecd6be5650bc91aef21716097","sha512":"a0f5aa3f4c004a5ba147fa4fbe283d1e06448deed3f11112d8700e6c3ac85b67868962e75d406dfea5a416f3c69c7d43ee5444e7e7db242c7c5dcdeff94841cc","ssdeep":"","tlshash":"f5f002d24bc2acbc90a6d925ab2c97a9e5c911245623ef3d91a4e018f447260a4d5786","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:22.987164Z","times_seen":4988,"resource_available":false,"data":null}},"time_used":1500,"timings":{"blocked":887,"dns":0,"connect":0,"send":0,"wait":610,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/member/call-request?check=1","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.71","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:53.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet73028.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 05:41:47 GMT","end":"Thu, 12 Mar 2026 05:41:46 GMT"},"fingerprint":{"sha1":"31:FA:FE:10:A6:8E:C3:2D:4A:DD:35:7A:23:59:02:D3:88:38:F0:AB","sha256":"41:99:E2:99:1D:68:72:3E:84:BC:F4:CC:15:BB:52:86:DC:9E:F1:36:6D:1F:45:EB:D5:D3:59:54:30:B5:35:C2"}}},"request":{"raw":"GET /member/call-request?check=1 HTTP/1.1\r\nHost: bet73028.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImJySUF1djJydjJyNU1xblQrNkVlZEE9PSIsInZhbHVlIjoicHBJc0M0eXJoUUk0T09kOXlLejk1Z1VmWWtDSU96MTZIdlZ6dEh1MWQxa1RtUHJPNFo0blwvUnh0MVN6MUhxT1BMMXFhXC8rUGRMQXQ5K2ZQVGxJS21Udz09IiwibWFjIjoiMjdiOGRhZmY5ZTA0MjZhY2ZhYmQzMTliZDgzNTk2MTI4ODI4NGVhYTJkZWUzOWRkYTJhZGFlZWZhYWEyNTcwOCJ9; vanguard_session=eyJpdiI6Imh0bXpISlpscnlkZEJaN3drbmVjMWc9PSIsInZhbHVlIjoiaTZxdWZpTzNkaTRDVkdMTGFYaWhoWGhSNHFBVzFxenJuRWZqeVwvbGZ3c0xGRUs0bEJ3SGo3bnhVRFlIR1NEQzdDeForVnhrc3duUitlQVwvUFVYYmJNZz09IiwibWFjIjoiNzQzN2IxZTgzMzJlN2Q0NTEzYjg0M2E1ZGI3YjRkMDNmN2Y2MzQzODQ0YjdhZDI0OTY5ODlmZjVmZTliM2RmNiJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 13:02:53 GMT\r\nContent-Type: application/json\r\nContent-Length: 40\r\nConnection: keep-alive\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nCache-Control: no-cache, private\r\nSet-Cookie: vanguard_session=eyJpdiI6IjVDNlFqTnpmT0dINTJ6RTRJUjIrNnc9PSIsInZhbHVlIjoiTUNCcldMK0k2XC9aNG50d1VBKzAxaXhaQlNhTnN1WkQ0Njhtb29JV0l4VVE1bkJIMWpcL0VOQ0FaMVJDSzFIaTNnTEJzNzhPbldnUDBVUldtWkZwM2xSUT09IiwibWFjIjoiNjFjNjdiYjRmNDdhZmY2NTVmZmM0MGJiMTUxOTQ1MTk2NDg1MDJhY2U4ZTk2Yjk3OWY2ODM2MTM3ODdhNTNhOSJ9; expires=Wed, 07-Jan-2026 15:02:53 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nX-Cache: BYPASS\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"27a5688b27ae3688ca0183ce926be3c8","sha1":"fa4dec3b6af6674afd7b14710cac41b15ae75b29","sha256":"4359a477fc8cc8212517f5a190d4aa0a7cd1c85509d56d2a6a8efef408420ad7","sha512":"d73bb567a0b0280d42dda28c8e97725e96529072bd78d0844786e008d9ce3f89c7c3399eea85342be65d7b440d6023094b9f2f5d624e7dde0a46fbfb1484bc85","ssdeep":"","tlshash":"e19004cc7747575c040c40c54d44004453744d005c500c04445c11c534401570750401","first_seen":"2023-04-15T09:13:24Z","last_seen":"2026-06-06T23:09:22.860485Z","times_seen":4878,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/plus/plugin/css/to_bootstrap.css?ver=1598106537","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet73028.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 05:41:47 GMT","end":"Thu, 12 Mar 2026 05:41:46 GMT"},"fingerprint":{"sha1":"31:FA:FE:10:A6:8E:C3:2D:4A:DD:35:7A:23:59:02:D3:88:38:F0:AB","sha256":"41:99:E2:99:1D:68:72:3E:84:BC:F4:CC:15:BB:52:86:DC:9E:F1:36:6D:1F:45:EB:D5:D3:59:54:30:B5:35:C2"}}},"request":{"raw":"GET /plus/plugin/css/to_bootstrap.css?ver=1598106537 HTTP/1.1\r\nHost: bet73028.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFUTnlMRjBJTVpjTkdRdWhUcE0yRXc9PSIsInZhbHVlIjoiZjk4VlNRNW03RlZRcURBQXFQZU5nRFFKeGkwZlpTa1Q1NHhnSUczY3dUWE5ySmFqakVBNEF0aGVISU9yN1wvYmtzd2VLNEF0aStiRk1LWG1xU0p2YUNBPT0iLCJtYWMiOiJkYzZlOTJmNGI4NjgyYmY1MmZkN2I0MTZlNmY1ODhkM2FhMzFmNzE2NTY5Yjc2NDY0MzYyYmJmNThhNTY3MTVhIn0%3D; vanguard_session=eyJpdiI6Ik5CdFA4RW9DQkhVVVBaOFozQlR3U3c9PSIsInZhbHVlIjoiVnY5ZzBhQVdXSDFcL21yR3ZZaE53blV6TE5hMTlvZ0ZoaVFwdDlmQnpCMEg2K3NNb2ZYMFE4UlppbUlJbGNSbE5wTFBKMGxpVzNkclptT2k1UHZsenhBPT0iLCJtYWMiOiJhMDRlZThlNzA4NGVkMTNiNjQzZGNiMzE5OTVhOTEyNzRhYzAzN2U4YzlkMzFjMWQwNjE0YTAxN2FmY2QyMDIzIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 13:02:50 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nContent-Encoding: gzip\r\nEtag: W/\"5f412ba9-2dc4a\"\r\nLast-Modified: Wed, 07 Jan 2026 13:01:30 GMT\r\nX-Bos: b83\r\nX-Cache: HIT, policy, disk\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":187466,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (386), with CRLF line terminators","md5":"8778d79f7633526cee2d636c518d9d76","sha1":"b2e715b1c401220e8165353c60d1e3b3815cdb60","sha256":"de3c1a93b240cc733fec329f2272d3b640ffa5bb736ee5df966745c20aa71d32","sha512":"13eebee14a8f011114e3352939d8f0440dcfa3a28f3f0737126b661d669914ae97534f029fab80fa9d0bfa376ec68b86b86e2fc18b5aa844fd7b8cbe397e7eb8","ssdeep":"3072:v4rq/Ei8U6V3/k1UqQGQr79YiVk/UOiCYdf4Q4t1v1S38pWLgdXyLSJeFR+PfmgM:v4rq/Ei8U6V3/k1UqQGQr79YiVk/UOiP","tlshash":"a604a9989b003bc2a231867c736f4d01bf8881a195ea4d3db75f33785e679e66133e85","first_seen":"2023-04-15T09:13:24Z","last_seen":"2026-06-06T23:09:22.872345Z","times_seen":5020,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/common/storage/cms/cms_1083.png?v=1612880139","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet73028.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 05:41:47 GMT","end":"Thu, 12 Mar 2026 05:41:46 GMT"},"fingerprint":{"sha1":"31:FA:FE:10:A6:8E:C3:2D:4A:DD:35:7A:23:59:02:D3:88:38:F0:AB","sha256":"41:99:E2:99:1D:68:72:3E:84:BC:F4:CC:15:BB:52:86:DC:9E:F1:36:6D:1F:45:EB:D5:D3:59:54:30:B5:35:C2"}}},"request":{"raw":"GET /common/storage/cms/cms_1083.png?v=1612880139 HTTP/1.1\r\nHost: bet73028.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFUTnlMRjBJTVpjTkdRdWhUcE0yRXc9PSIsInZhbHVlIjoiZjk4VlNRNW03RlZRcURBQXFQZU5nRFFKeGkwZlpTa1Q1NHhnSUczY3dUWE5ySmFqakVBNEF0aGVISU9yN1wvYmtzd2VLNEF0aStiRk1LWG1xU0p2YUNBPT0iLCJtYWMiOiJkYzZlOTJmNGI4NjgyYmY1MmZkN2I0MTZlNmY1ODhkM2FhMzFmNzE2NTY5Yjc2NDY0MzYyYmJmNThhNTY3MTVhIn0%3D; vanguard_session=eyJpdiI6Ik5CdFA4RW9DQkhVVVBaOFozQlR3U3c9PSIsInZhbHVlIjoiVnY5ZzBhQVdXSDFcL21yR3ZZaE53blV6TE5hMTlvZ0ZoaVFwdDlmQnpCMEg2K3NNb2ZYMFE4UlppbUlJbGNSbE5wTFBKMGxpVzNkclptT2k1UHZsenhBPT0iLCJtYWMiOiJhMDRlZThlNzA4NGVkMTNiNjQzZGNiMzE5OTVhOTEyNzRhYzAzN2U4YzlkMzFjMWQwNjE0YTAxN2FmY2QyMDIzIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 13:02:52 GMT\r\nContent-Type: image/png\r\nContent-Length: 27231\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nCache-Control: max-age=315360000\r\nEtag: \"60229911-6a5f\"\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nLast-Modified: Wed, 07 Jan 2026 12:12:15 GMT\r\nX-Bos: b83\r\nX-Cache: HIT, policy, disk\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27231,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 280, 8-bit colormap, non-interlaced","md5":"083dcae037d113283d35610595299275","sha1":"f225b2b127e8d225a8911426742be25a683e8c11","sha256":"5f8dfd94e1774c3de80fa4fd84b1ec88aca70b1f0404b901e6937f69e6073a4a","sha512":"f3961a8cfd7d8c80a4fcd61fa20d7089347cdbeb8bac61672f8e810c90f61fce64c664929de946f1681c401dbe865e8971915d2b987bd84c76439b3d1aa1bb09","ssdeep":"768:Bd2Xa9+Nq/JMYDHnGnTy6IunVqUL7tDIoM+:BA7NKqYDmnu6tqFI","tlshash":"06c2e14d84f8ffb28c48192d85c07e271d68989207ca83755c94caaf31db79790fe5e0","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-05-30T10:19:54.527696Z","times_seen":998,"resource_available":false,"data":null}},"time_used":2035,"timings":{"blocked":1507,"dns":0,"connect":0,"send":0,"wait":526,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/en/NCDBC_210x204.png?ver=1700473768","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/en/NCDBC_210x204.png?ver=1700473768 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:05:24 GMT\r\netag: \"655b2ba8-2415\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:05:24 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 9237\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9237,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 210 x 216, 8-bit/color RGBA, non-interlaced","md5":"9bdd6b8d5589d397db7068d3a294de42","sha1":"98b5bb4cb3d46f59db14ab9f2ebb2b54348202f8","sha256":"6b53a71f33b8a9b1c81f84e0371a4028a1e7d2f1b6fdda72ad3cbf5cf99194ca","sha512":"641884ccbcb09834b95f57f6d1a7225fdc611ed6f54fb933dda63e33a34ffb440a9f9b873a0b22344ee9b8d364dec93afcb4cb8191a8694e32af13953c828a26","ssdeep":"192:ESLkn+Lp42swygyfFBzBkFlkZJM97Xq8uel5m1/+t8QdQTvmmt33lVb:Dgn+LpywufH2lkZJr8j54G+L93D","tlshash":"ce129e265f025d419cb4e30de9adb4c726af1ec0df5184e82aefc14d9db02ba825e1c7","first_seen":"2023-11-20T18:20:46Z","last_seen":"2026-03-19T07:12:22.982929Z","times_seen":1116,"resource_available":false,"data":null}},"time_used":1304,"timings":{"blocked":897,"dns":0,"connect":0,"send":0,"wait":405,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-logo.png?ver=1600719130","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-logo.png?ver=1600719130 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:28:07 GMT\r\netag: \"5f69091a-2b2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:28:07 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 690\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":690,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 19, 8-bit colormap, non-interlaced","md5":"b30ea49a2bcc7479a195bb1fc07bd031","sha1":"a7bbe06838b85840035172fa9a8ee6bd35c1c636","sha256":"08f3d508861fbb6e144807af6719ea78cf9c26e3c99a1cbd12f9d83fe9f0758e","sha512":"ac7f880c76eb7e3701046fc891bb9acc2540548431eff4552c3639dcc08b146f3ff973d050625edfbbe61407c36e36f03080d7380b4cc4cece176ea7cdfc4c3a","ssdeep":"","tlshash":"950162973981e41e91f65836d6a6b4a6a452960509e8c9f2a2db8c3c19204d0ee3e712","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:23.011485Z","times_seen":4988,"resource_available":false,"data":null}},"time_used":1504,"timings":{"blocked":891,"dns":0,"connect":0,"send":0,"wait":611,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-thwate.png?ver=1600719130","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-thwate.png?ver=1600719130 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:20:22 GMT\r\netag: \"5f69091a-329\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:20:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 809\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":809,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 123 x 32, 4-bit colormap, non-interlaced","md5":"997ba7f2d6da9a90f5517d426b5994e9","sha1":"61bdecfa266e48f6f0dc9469f598a45c7bff9036","sha256":"146c3bcd19eef83c9a698efae1d39cdbbf4a948f75b7677931654dffb89ae5f5","sha512":"673b28fdc116da7e830f7fdcab47496a72c13317065e4e4a934a86c89c939287f902f9dd225c78eb7c36a5859ba6fed717423078dc71dda886aaff9de2dcfad6","ssdeep":"","tlshash":"6d018669437c54668d94d3b0633cec11c5a7a3831878b353960380c9ef58a0260c618b","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-05-30T10:19:54.510707Z","times_seen":3279,"resource_available":false,"data":null}},"time_used":1502,"timings":{"blocked":890,"dns":0,"connect":0,"send":0,"wait":610,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images/dc_hot.gif?ver=1597629314","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:52.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images/dc_hot.gif?ver=1597629314 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Wed, 07 Jan 2026 11:06:25 GMT\r\netag: \"5f39e382-56c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 11:06:25 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1388\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1388,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 21 x 12","md5":"e5f49d4212fec35b11b76cd616e1f8ec","sha1":"0697a3b11f5d0906b2d1cf59051b46ee3b5dc72a","sha256":"c34ed994680ca6446b85dd47aa963cd4cfdd07180a9517b4d7d37f3c7a1b94cd","sha512":"a7057e7e9cd4fec2ca911ac507ce7161412f8813453ceb3f2a1d28380fdaadf1e8d5119eae83f92ae001ca7f8a2cf0f0c0369a8ef2af4d751b6a08053c3efc94","ssdeep":"","tlshash":"3421660eed42b841944c68da3effc81f5651448089e4f4cbb49e6d1b5e1507e54668eb","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-06-04T15:40:37.708745Z","times_seen":5136,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/sec-nav-bg-grad.gif","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:53.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/sec-nav-bg-grad.gif HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/css/common/index.css?ver=1685095467\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Wed, 07 Jan 2026 12:53:41 GMT\r\netag: \"5f3faae1-178\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:53:41 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 376\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":376,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 594","md5":"355b2cb853d78ae262c093065eaa6e70","sha1":"3e8d2a456204e635cfe5bd959cff47faf63023fc","sha256":"cd58d657e3d79583a5722257d8770e3b5f620f1d58e392f1d9460cc89ac485fa","sha512":"0700f78d8d439d90ed2eba294bccc07451cec67b8bf518c13a8221cccf223a31c9e620f193874149ac818a39a90efbaa8748607600b01c7c0f89f89b18521042","ssdeep":"","tlshash":"04e02d731aa377b0de08ec39abcb30ba280d243eb20ab1c0300c74da85c1832fd088c0","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-06-06T23:09:22.926453Z","times_seen":4772,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/sweetalert.css?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/sweetalert.css?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: W/\"5f412ba9-59ad\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22957,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d8cc26070373f41241f37ce5a9c9d885","sha1":"3ecb6f91187c0153724c950efcea0b0d944fd5aa","sha256":"460df149ba9d2eb000637d9bfb2df51c5080a19e9071ff4ed5a4b7e21a0bd2f1","sha512":"a10fd7b306bbe186c50c35066e45fb6491741c8ab161d6e8447069aa919e943b00768a3b65180195d68f6f2b7f4195035247d0b9115e5a758189a60bc1c04533","ssdeep":"384:MrFKaS31F8FkfZ6vFyFiFz2FFF01GF7xGxTxGxJwdD3qX1YtiemnEzpazAP:MrFKaS31eFkR6vFyFiFyFFFhxGxTxGxe","tlshash":"5ca223eb1de31284a727874553de4b2827384043a81bdcad77cd519ecf81eec21dab56","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-06-06T23:09:22.896117Z","times_seen":5476,"resource_available":false,"data":null}},"time_used":2232,"timings":{"blocked":1011,"dns":392,"connect":202,"send":0,"wait":203,"receive":0,"ssl":419},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/jquery-ui.min.css?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/jquery-ui.min.css?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: W/\"5f412ba9-7d4c\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32076,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (29137)","md5":"0b5729a931d113be34b6fac13bcf5b29","sha1":"88ba90d2d2944315afd28a706ee5715ed980c634","sha256":"ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29","sha512":"68e1b473a9cf3731a4fb9ce3c3225aa1152009d3ab7d20e198c203daee3e388b25af41a3a4b2a8ed79b4028df19a93384fc026228b9192ac23d67add56c2ca11","ssdeep":"384:pCwiEt7lcR8lOXHc11evBMzymUh+4C6G/zDcSc7nfZBhVi:slEtiXHcEBMznURC6G/zD8BhA","tlshash":"ade25330a5c2242dfe33c23060e11ef4523bc146eda65fbda09af65953ea8e4c47b971","first_seen":"2023-03-10T04:06:13Z","last_seen":"2026-06-07T01:30:43.086825Z","times_seen":11157,"resource_available":false,"data":null}},"time_used":2670,"timings":{"blocked":1048,"dns":385,"connect":210,"send":0,"wait":561,"receive":0,"ssl":458},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/float_unite.css?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/float_unite.css?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 725\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f412ba9-2d5\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 272\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":725,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"077a2c1ebe25590b50eae8ce89787e0c","sha1":"499751737e286bbc93a46a1d2d4aaa3e2163d336","sha256":"093a799f9422754f7e53dfcc8516d3753616de283a14553f37d58b3822fd1b3a","sha512":"390f32fe8e81d9a379c14e0552c198d5f83e650f085b1df623c45cfc1aa4076d2e220ef02a4ef6747c0cd597eeecc510a67933c26190cdc306b28ffc861c366a","ssdeep":"","tlshash":"080147d307230b40fc1ea3196fde835e142a00cb9c9ecc08366827689f4b62c9662ff4","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-06-06T23:09:22.923741Z","times_seen":5026,"resource_available":false,"data":null}},"time_used":1358,"timings":{"blocked":951,"dns":0,"connect":0,"send":0,"wait":406,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/header_unite.css?ver=1744941935","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/header_unite.css?ver=1744941935 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 4957\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"6801b36f-135d\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1796\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4957,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"b934b75c09f2645b1e46dc5a89d13fe9","sha1":"91a38586f325f7b98af5eef96d66f38a04dace2b","sha256":"f17daf0db63aa8fbab2a4a73efe37469d9b17d13df2a1d7ad0512671c6ebb408","sha512":"d8e77a3eeb8a2d055767cbbe218a53bafa85c99fa3efaee736a4dd74743b922e6d64115317560c72969d0e3496c13f5b684803ca71ff6b0c4b3f7c0fa7122862","ssdeep":"96:N1/uCASG8K0h91s2sqVKnmqHuRbElB/sAx7BdlAfq0WO:N1llK0h98nHkbaB/HB+N","tlshash":"56a165ba9304100ab367d56578a0cfea63bfa1918442ab7dadf9304dc4ce1d456f62c5","first_seen":"2025-04-30T10:38:17.688345Z","last_seen":"2026-06-06T23:09:22.877921Z","times_seen":4291,"resource_available":false,"data":null}},"time_used":1540,"timings":{"blocked":930,"dns":0,"connect":0,"send":0,"wait":409,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/en/204x30-live-streaming-02.gif?ver=1678956392","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/en/204x30-live-streaming-02.gif?ver=1678956392 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Wed, 07 Jan 2026 12:05:24 GMT\r\netag: \"6412d768-1a9\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:05:24 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 425\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":425,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 204 x 30","md5":"63c123f206f80da19ec63d929f8e5f45","sha1":"41fbde8999e4486fc23779736c4717dff55702b6","sha256":"7ca0b58a9b93be2acea0a96626d5c6597eefeeee1602330f60e2f5b54dbef61a","sha512":"26a7fa7546037e3961e73f71c45a6fba16af15012af3ddaff41c0fdacd01e4826dceff00cfa8653313480a1bc899739cbf31bc30266c9e317cae9da9a1e7563f","ssdeep":"","tlshash":"67e060eef04444ece90ebd3b8b081204fe9c57a001524fe18c7021e488a77eb33a838e","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.466761Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":1710,"timings":{"blocked":895,"dns":0,"connect":0,"send":0,"wait":406,"receive":409,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-migrate.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/jquery-migrate.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f412ba9-1c1f\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 7199\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7199,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7085)","md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-06-06T23:53:13.936658Z","times_seen":23408,"resource_available":true,"data":null}},"time_used":2111,"timings":{"blocked":876,"dns":0,"connect":0,"send":0,"wait":410,"receive":825,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/icon_play.png","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:53.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/icon_play.png HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/css/common/index.css?ver=1685095467\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:53:41 GMT\r\netag: \"644f850e-d6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:53:41 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 214\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 7 x 11, 8-bit/color RGBA, non-interlaced","md5":"1d3364063dfed42858dddb89b22c4d71","sha1":"6d66d841a97e61c64dac75e15006bceedd7a0f93","sha256":"207b4691434677f319a50bd137a579be31f50c6c47ddbc3e2daa6eab7b9b05a0","sha512":"280a18a864ffd4963331d31553c9aad4dc519c89fcd32f46f06abde3289e28b0e17c292b8cb42ce8f06dec8863fd1345522ada523e20a1933f9dacde17cd0c93","ssdeep":"","tlshash":"fcd023c20191892ce15471331782e030c0324d01992083cc1f12e02b3f72601d43a021","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-05-30T10:19:54.461832Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/login_custom.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/login_custom.js?ver=1598008226 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f3faba2-0\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":1279,"timings":{"blocked":868,"dns":0,"connect":0,"send":0,"wait":411,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/login_custom.css?ver=1663905027","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/login_custom.css?ver=1663905027 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 105\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"632d2d03-69\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 92\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d520ae5e8e22ca748c7a9f42456b2999","sha1":"bc32a4581b85bbba126872bed2d05be6e8db1c96","sha256":"2ef18a39610b5f98818cd76249061e93a4bc8c01677b51d73ea80fd3b1519865","sha512":"2a6bd8693789250119a0a9fb8d109eea7ff436ac974ea547b5ae7282d4e6450f2c1fc7c076486395d056ad7cc775f3ff5cbf1cc08ce718e7f5e2a58e0ce90ad8","ssdeep":"","tlshash":"1db092900c5a4f238407c595689a87018e3d90219f888f2f0c3928a4ca8af1410a6670","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-06-06T23:09:22.940686Z","times_seen":5031,"resource_available":false,"data":null}},"time_used":1543,"timings":{"blocked":933,"dns":0,"connect":0,"send":0,"wait":409,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/en/liveinplay.gif?ver=1682933216","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/en/liveinplay.gif?ver=1682933216 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Wed, 07 Jan 2026 12:05:24 GMT\r\netag: \"644f85e0-268\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:05:24 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 616\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":616,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 204 x 30","md5":"712ffb89e85b2e1e254ec1c77b23fc74","sha1":"7e385f698a88e70953384d4bcd3698993fb6c322","sha256":"6ac8853ce4ba2bf9bbe37da81b96be06b0463bee89fe6166a02a913ce379307b","sha512":"34e6aed4474677abc763d44805a12df54313eea3a98847aa12fe940f81247ad6b218ec25c7e6d66107527adcbec0bf8e7dfa5facab3c8886dcc026452ec2b7f6","ssdeep":"","tlshash":"7df062c6f65b54bb862a46ecd74cb9140bc820884b000c8295f1f8efe00c7705bba0e0","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.502375Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":1712,"timings":{"blocked":896,"dns":0,"connect":0,"send":0,"wait":406,"receive":410,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/share_unite.js?ver=1749181409","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/unite/share_unite.js?ver=1749181409 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"684263e1-a6b\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2667\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2667,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (527)","md5":"00c6288b67f7750a75b6e9abbf74c8a4","sha1":"5f464f4ce28448acc1c2fe825d4218795b023db4","sha256":"20327edf72e6632c450e8f8e443db2f728361f74b68697932491108c7f483b9e","sha512":"39dac004bb9b904ec4c4bb4d4963c3b8c4c9d98f9a80d90e53134e28c6055831652f0911e59b58f54c4b1e7156d8aba181b90ee3fe0ba6aefb67162b990787c0","ssdeep":"","tlshash":"37513127e6b82006207730a7deee346b556a8426b3417f06b7bc01a54fc58ac7f9270c","first_seen":"2025-06-07T06:32:46.623015Z","last_seen":"2026-06-06T23:09:22.850706Z","times_seen":4069,"resource_available":true,"data":null}},"time_used":2087,"timings":{"blocked":873,"dns":0,"connect":0,"send":0,"wait":411,"receive":803,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/common/storage/cms/cms_1174.png?ver=1704358335","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:53.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /common/storage/cms/cms_1174.png?ver=1704358335 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 11:59:21 GMT\r\netag: \"659671bf-12d75\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 11:59:21 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 77173\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77173,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 700 x 460, 8-bit colormap, non-interlaced","md5":"e097679bd5a9096364f9a76bbeec0a99","sha1":"11475086f853913fc80f21dc898ac99fb553e71f","sha256":"52bd8e84b3d2817e79cdfa07523800de791ffd9662757033759ab37b146ffd2f","sha512":"f8032cf4e4a30be8929494dc2fb24dc4a79acea56985953acf1452248a9f8ff5de908d4fd34fbce537297516e30ffce3a60c87bddd8f8f101e4dd9d362f188c3","ssdeep":"1536:RfmVARw2W6qBlu9oxNistpDzHYl56Bt1J63mhHRf5JZ7lg70bfGt40eB7:AywxHuXstdLg56Bt1JMmhxfbRqgbuI7","tlshash":"ff7302de3b741b83b6d5de3e9134ef2ca6a408b81222271d4b3589757882dd0e3dd638","first_seen":"2024-01-04T16:13:57Z","last_seen":"2026-02-27T02:44:54.092347Z","times_seen":902,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=7D54CA9D659B2EEA\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=155754504\u0026si=13d000e86c487ab21ddde56b764037d6\u0026v=1.3.2\u0026lv=1\u0026sn=49884\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fbet73028.com%2F%23\u0026tt=365%E8%8B%B1%E5%9B%BD%E4%B8%8A%E5%B8%82%E5%AE%98%E7%BD%91","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:54.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=7D54CA9D659B2EEA\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=155754504\u0026si=13d000e86c487ab21ddde56b764037d6\u0026v=1.3.2\u0026lv=1\u0026sn=49884\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fbet73028.com%2F%23\u0026tt=365%E8%8B%B1%E5%9B%BD%E4%B8%8A%E5%B8%82%E5%AE%98%E7%BD%91 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 07 Jan 2026 13:02:54 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=34588BB9339AEA99; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-07T01:12:54.972934Z","times_seen":366886,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/moment.js?ver=1580697220","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/moment.js?ver=1580697220 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5e378684-1f30d\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 127757\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":127757,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"e70edb526ff09f426618efade93a4782","sha1":"840b05449d3851118fc835592bd98af885bdbf1f","sha256":"ab513aa4626ba224ac61b747674e6aead965f6e2cf87a2e60c7d4645b519817f","sha512":"943192c03e09b13bbdee324fda4c81d019b4cb5178596b5c548a1e6776022aded289a6076d32d5f55f99316b57b6f7db13c6429edb3a1e6927e7bcea89774cd9","ssdeep":"1536:/cZlnfxbjbJzvdvpeG2iMuz/M6z4QZFSNwmJaxxKZ5dFR79LNOf0uK:/cZlntbEG2i8umYx620uK","tlshash":"cfc3508a69476123467267398f9f4509ff6985330a0e8605bc9d92d83f71c6c43bafec","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.934721Z","times_seen":5094,"resource_available":true,"data":null}},"time_used":2094,"timings":{"blocked":867,"dns":0,"connect":0,"send":0,"wait":411,"receive":816,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/common/storage/cms/cms_1079.png?ver=1612879501","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /common/storage/cms/cms_1079.png?ver=1612879501 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:27:58 GMT\r\netag: \"6022968d-1c3b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:27:58 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 7227\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7227,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 129 x 251, 8-bit colormap, non-interlaced","md5":"55573863bf4ded810402032c178c8e18","sha1":"609490d47a02fd8d334d81f60a425d87541320ef","sha256":"c9c97016a7a15844a8d8ba4240275ac28ccd0463c70a379fa3f7411ec237186a","sha512":"9e2ca51c6f1ef5bc69edf0c5fb49bc10ff94f465dd36f7055f9a1882085bae56f61175f8918dcd3226060fbedd2f6d1d82d5fa37815162e5c438504228bf999b","ssdeep":"192:dk93OLNzYheZwiT/PHnkAXuHVu1h2AxPJguyTvEj:m3OLNzUeZwYPn5WAxKlTK","tlshash":"c1e1aefa5a3b3c54c0aa321547ddb04a9134778a9f0d1293ff2686a82cadc5d25d53c5","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-02-02T09:08:19.833598Z","times_seen":3243,"resource_available":false,"data":null}},"time_used":1924,"timings":{"blocked":905,"dns":0,"connect":0,"send":0,"wait":817,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/login_modal_unite.css?ver=1738950076?v=1767790968","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/login_modal_unite.css?ver=1738950076?v=1767790968 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 6984\r\ndate: Wed, 07 Jan 2026 13:02:51 GMT\r\netag: \"67a645bc-1b48\"\r\nlast-modified: Fri, 07 Feb 2025 17:41:16 GMT\r\nserver: nginx\r\nx-cache: UPDATING\r\ncontent-length: 2001\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6984,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"252c2fa58e6d682ca2b18b0888ebf910","sha1":"511ef6db164e0c745e67941cdb2043aef965dd0e","sha256":"5bca12ef0f6bfba5c12cbdd0eaeeb1d48e05c91149df7743b76b80480317306a","sha512":"1aa311c2f06a767d9eeec9c384f806d2b19977bda91af36a6aff9443896e677a3e488974b64c0e7c3e6a07cf77c834e6d115a8388b5938f065c5cbeff224c7d7","ssdeep":"192:4ybbQhWJZ4JWpC/+FtCmSCgIUaTgIaxl+F5Dm9qE:tFYd4F5Dm9qE","tlshash":"9de11e0576bf0a63a06e860935ea9b80630f9217c615ef7f7df132448fcd6689139f64","first_seen":"2025-04-11T10:47:55.703801Z","last_seen":"2026-06-06T23:09:22.846962Z","times_seen":4294,"resource_available":false,"data":null}},"time_used":1350,"timings":{"blocked":943,"dns":0,"connect":0,"send":0,"wait":407,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/header_custom.css?ver=1738643282","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/header_custom.css?ver=1738643282 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 6702\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"67a19752-1a2e\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2028\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6702,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"9bb336c25275a44be055593cee547e55","sha1":"881e45a4d3bfc4ff6e3eb29bd7dad13fef00cbb3","sha256":"f093c1ff1c5576fe70b99542fa3ec95459e2353380574e6b3b9621d4d0d5e310","sha512":"94d669998c59ce5b10a47738e1b6ac68c54a590afe0ed793c08d57f2dbd4e334d8586dc9d76e0704adbdc2bf01689c681453a796605f716a56f8072934c40674","ssdeep":"96:585UOKrCo+wyCWiV9PR6FS5+j60XF1RnfgE6Gvg1CFcSk6yx2/kK5wN0DzMaZ:6oNRRrPIFW+j60XXFcdbLCvMaZ","tlshash":"a5d174c167e16448b526c5f2bc616a68635f6052c40fdd2cf3f8246cddee1c6a376368","first_seen":"2025-02-06T13:25:38.25631Z","last_seen":"2026-05-30T10:19:54.507126Z","times_seen":2886,"resource_available":false,"data":null}},"time_used":1537,"timings":{"blocked":928,"dns":0,"connect":0,"send":0,"wait":409,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/swiper.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/swiper.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f412ba9-1bee5\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 114405\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":114405,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65271)","md5":"b8be4ec964b15c656c05a17f822762b3","sha1":"1afabbf1eeecc4d7ddfbb4c824696ce1aadc8d0f","sha256":"e32b2b578b1345c05be32292da9016f7ff564bb3f4aeda3c1b6b76869648fcbd","sha512":"0abfe93e1dab3db289b0efe0f92e42f6ff14cc4e550b5bca8d4a84fe736245fb70b39e5b86bd9aea620e6fd73a76ce8aaed9d3a561c6208dc9108778dba141b9","ssdeep":"3072:2hUcC5HqffYIdcMZOGHgZsUOUIBdID8CX:y45HqXYIdcMZOGHAsUOUIBdID8I","tlshash":"7ab3094eb35071a551e36257525e8241a3b72409780ad0ac35b6d8ebacbde4c13bfefc","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.901652Z","times_seen":5129,"resource_available":true,"data":null}},"time_used":2122,"timings":{"blocked":878,"dns":0,"connect":0,"send":0,"wait":410,"receive":834,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/csrf","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:53.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet73028.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 05:41:47 GMT","end":"Thu, 12 Mar 2026 05:41:46 GMT"},"fingerprint":{"sha1":"31:FA:FE:10:A6:8E:C3:2D:4A:DD:35:7A:23:59:02:D3:88:38:F0:AB","sha256":"41:99:E2:99:1D:68:72:3E:84:BC:F4:CC:15:BB:52:86:DC:9E:F1:36:6D:1F:45:EB:D5:D3:59:54:30:B5:35:C2"}}},"request":{"raw":"GET /csrf HTTP/1.1\r\nHost: bet73028.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImJySUF1djJydjJyNU1xblQrNkVlZEE9PSIsInZhbHVlIjoicHBJc0M0eXJoUUk0T09kOXlLejk1Z1VmWWtDSU96MTZIdlZ6dEh1MWQxa1RtUHJPNFo0blwvUnh0MVN6MUhxT1BMMXFhXC8rUGRMQXQ5K2ZQVGxJS21Udz09IiwibWFjIjoiMjdiOGRhZmY5ZTA0MjZhY2ZhYmQzMTliZDgzNTk2MTI4ODI4NGVhYTJkZWUzOWRkYTJhZGFlZWZhYWEyNTcwOCJ9; vanguard_session=eyJpdiI6Imh0bXpISlpscnlkZEJaN3drbmVjMWc9PSIsInZhbHVlIjoiaTZxdWZpTzNkaTRDVkdMTGFYaWhoWGhSNHFBVzFxenJuRWZqeVwvbGZ3c0xGRUs0bEJ3SGo3bnhVRFlIR1NEQzdDeForVnhrc3duUitlQVwvUFVYYmJNZz09IiwibWFjIjoiNzQzN2IxZTgzMzJlN2Q0NTEzYjg0M2E1ZGI3YjRkMDNmN2Y2MzQzODQ0YjdhZDI0OTY5ODlmZjVmZTliM2RmNiJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 13:02:53 GMT\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Length: 60\r\nConnection: keep-alive\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nCache-Control: no-cache, private\r\nContent-Encoding: gzip\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6ImY2TXBlNTlzbGRmY2haSWVOWFdUWkE9PSIsInZhbHVlIjoiNzVldTJXMUprYjBhbURyTFlJZ0Y5NEVwRGZ1WDA4RzZuWnp0ayswV25aT3NXeERUeVRzSlc0Zmd0VHNPNjVjajgwQk5WeTArQVdReFhBcjl5bWw5OXc9PSIsIm1hYyI6IjkwZmI4MzMyMTBlZGQ1MGRhNGM2MzExNzk2MzQ0Y2ZjYjc5ZTZiMDk5ZDQ3MTZjZGYxZTQ1NDBjY2VmNDE1OTMifQ%3D%3D; expires=Wed, 07-Jan-2026 15:02:53 GMT; Max-Age=7200; path=/; secure; samesite=none\nvanguard_session=eyJpdiI6ImZRNm5rRlFQa082eGhycmZXQkpmZVE9PSIsInZhbHVlIjoiZUV4Qkl1dTJ4dnYyNGRHTTlRVGFoajNQcXNnbTIzd2ZEcXFYZm9LTFNhR1VidW8yK3V1VWRabDg3cDZubUxvVHdwVWZud1hBU3o5WTE2UnF1SHR4NlE9PSIsIm1hYyI6IjBhMTQ0MmE5Y2NiZGU3ZDIxNGMxNGMwZDQ5MWU2NWIzZTVlM2JmYTQ2NWU4MjQ1MDNmOGJkYzQzOTc3YjRlNTkifQ%3D%3D; expires=Wed, 07-Jan-2026 15:02:53 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nX-Bos: b83\r\nX-Cache: BYPASS\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"4a9ed863c167cbbd5e2fff5e96970c9e","sha1":"0fbbf587bcec0e13201324d3799c9cf44fe31b7f","sha256":"dc2d02ba5a7fe53802d57bbf62e9cd898b0ae324bcf95f0bea4c22b4f00c828f","sha512":"6253af7d54b6ca3f0589959f05d247329a80840a25592867a29136e0d27958012433dcd725df2a43795efb6316bdc2c06e71859f8f7189ba637f25f481af47b0","ssdeep":"","tlshash":"699004cd071013504f0451d3c0d4c070010445c00d41743540100c3451537dc57c0051","first_seen":"2026-01-07T13:03:17.237311Z","last_seen":"2026-01-07T13:03:17.237311Z","times_seen":1,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/common/bet365_style.css?ver=1685497875","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/common/bet365_style.css?ver=1685497875 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: W/\"6476a813-3db7\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15799,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"63d91c124b45be43dfba690f9045f34b","sha1":"e387df588d63853316200db1994fb05f2971dcdd","sha256":"f2f6ae08f73e63fa21a560b88fdeb49afc9dc7386c6db1bfb317904a3dc3bf85","sha512":"b7c973f6d4ef57c03d0ed0f2d27d87a29fa9bca34222d3fc0486f23739c871cfe2f313d9d8cf6255d07cd8a9812cf45aaa1a49e4cd2253434e3c1517a3bdae76","ssdeep":"192:kI/btVaRFgGntC76JlL/mt8ZM2Qpdr/0CCsafFUsOA8mxiqfFK4PNlQVOwGWNOn9:cF3LmaFU0FKfIXLAG","tlshash":"716262f69b671c45b926c1a9af68a7c133695213c00dc92d7fd4721c8fce5e898e238d","first_seen":"2025-04-11T10:47:55.702437Z","last_seen":"2026-05-30T10:19:54.462643Z","times_seen":2878,"resource_available":false,"data":null}},"time_used":2672,"timings":{"blocked":1047,"dns":387,"connect":207,"send":0,"wait":566,"receive":0,"ssl":457},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/jsencrypt.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/unite/jsencrypt.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f412ba9-db4e\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 56142\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56142,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13814)","md5":"64507221feddff84c80b99c98827d76c","sha1":"5c7000638c6bae1a1c448367822a8682d59d371f","sha256":"5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389","sha512":"cc3beba9e9c0d1e149642c41b2bcb351972f8a1bcd9445dbb5e32feb6c91c5d851e2cecad5a6b3f8b8ec4727e4e8cf9824bc80244baeaae20023c23c1a02c2f0","ssdeep":"1536:cJxLSEwwmr2yZPp8yQPj6OR1fdfqovoRonm7f6T:cPErPp8yQPOOR1fdfqg2l7f6T","tlshash":"cb43e9853ae6b075039a50f0051f084ab13ab92e192f44ecf699d8e17cb584d637ffb9","first_seen":"2023-03-07T13:16:24Z","last_seen":"2026-06-07T00:24:38.784855Z","times_seen":18578,"resource_available":true,"data":null}},"time_used":2105,"timings":{"blocked":871,"dns":0,"connect":0,"send":0,"wait":1019,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery-ui.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:53.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/jquery-ui.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f412ba9-3dee5\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 253669\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":253669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32074)","md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-06-06T23:56:34.365715Z","times_seen":21192,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/g04.png?ver=1606874474","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/g04.png?ver=1606874474 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 11:59:20 GMT\r\netag: \"5fc6f56a-2cd6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 11:59:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 11478\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11478,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 271x81, components 3","md5":"6274335f5e37fb7e3aa19dba05a07ef3","sha1":"d54c0b0cccf2158aee56d7f1f465d5bb907edf06","sha256":"39d9bd9e19956bb52c4c880dc6987383c34dc0873aadaa6b3763e3421e06def7","sha512":"ed6c986810c46bcc66ab9bd9d3750fe4ff8c638904ad88cc6894ea00776d80da7b2bd6f8adb20a77c0ded5e7f5be805db96aa115426c1c32ecb2d6cafdcafefa","ssdeep":"192:unFWapk5PXHCbmhX7M4m2fHaDY4oHuB8NPwb5yTBw1+WlEaE+AYAtAcueGSHkOIv:unUapoXio/dX4qEb5x1plT+1fuepkOIv","tlshash":"1432b012c652ab01cd4998f4b8fe5905dea10e44dfc2fe45b6f2ce3d5cb09b06e97069","first_seen":"2023-04-07T19:22:59Z","last_seen":"2026-06-04T15:41:12.083496Z","times_seen":4786,"resource_available":false,"data":null}},"time_used":1704,"timings":{"blocked":892,"dns":0,"connect":0,"send":0,"wait":613,"receive":199,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/g02.png?ver=1598008033","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/g02.png?ver=1598008033 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 11:59:20 GMT\r\netag: \"5f3faae1-35fb\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 11:59:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 13819\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13819,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 269 x 79, 8-bit colormap, non-interlaced","md5":"90bacbbc6c165d555b528d48bfa616a1","sha1":"64041e94f44efa1df69c1e1b8086fa4773c06951","sha256":"39a7b5dc5fdec30c63517f2648bf20050718c6005cf8056b007f0aab103e9846","sha512":"18eccf12607f185217733225222a102ca36f318745d96af886ef8e1316e262bff8d431f3d13884e1dea7282c71eef83430648a256e0d156c47b2fc5ea580e351","ssdeep":"384:RYtGrPnLUKAUZqtt1EhOjyC6Z1RooAoXYfpqA:wIvLU1vDEQjyCc1soUb","tlshash":"4052d0de0b802b47a076adb91430b39970cb0aa65334dfcc239a05ab7635fcc067117e","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-03-19T07:12:22.985635Z","times_seen":991,"resource_available":false,"data":null}},"time_used":1704,"timings":{"blocked":894,"dns":0,"connect":0,"send":0,"wait":406,"receive":404,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/plus/plugin/js/bootstrap.min.js?ver=1598106537","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.71","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet73028.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 05:41:47 GMT","end":"Thu, 12 Mar 2026 05:41:46 GMT"},"fingerprint":{"sha1":"31:FA:FE:10:A6:8E:C3:2D:4A:DD:35:7A:23:59:02:D3:88:38:F0:AB","sha256":"41:99:E2:99:1D:68:72:3E:84:BC:F4:CC:15:BB:52:86:DC:9E:F1:36:6D:1F:45:EB:D5:D3:59:54:30:B5:35:C2"}}},"request":{"raw":"GET /plus/plugin/js/bootstrap.min.js?ver=1598106537 HTTP/1.1\r\nHost: bet73028.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFUTnlMRjBJTVpjTkdRdWhUcE0yRXc9PSIsInZhbHVlIjoiZjk4VlNRNW03RlZRcURBQXFQZU5nRFFKeGkwZlpTa1Q1NHhnSUczY3dUWE5ySmFqakVBNEF0aGVISU9yN1wvYmtzd2VLNEF0aStiRk1LWG1xU0p2YUNBPT0iLCJtYWMiOiJkYzZlOTJmNGI4NjgyYmY1MmZkN2I0MTZlNmY1ODhkM2FhMzFmNzE2NTY5Yjc2NDY0MzYyYmJmNThhNTY3MTVhIn0%3D; vanguard_session=eyJpdiI6Ik5CdFA4RW9DQkhVVVBaOFozQlR3U3c9PSIsInZhbHVlIjoiVnY5ZzBhQVdXSDFcL21yR3ZZaE53blV6TE5hMTlvZ0ZoaVFwdDlmQnpCMEg2K3NNb2ZYMFE4UlppbUlJbGNSbE5wTFBKMGxpVzNkclptT2k1UHZsenhBPT0iLCJtYWMiOiJhMDRlZThlNzA4NGVkMTNiNjQzZGNiMzE5OTVhOTEyNzRhYzAzN2U4YzlkMzFjMWQwNjE0YTAxN2FmY2QyMDIzIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 13:02:50 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nEtag: W/\"5f412ba9-90b5\"\r\nLast-Modified: Wed, 07 Jan 2026 13:01:29 GMT\r\nX-Cache: HIT, policy, disk\r\nServer: nginx\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37045,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32033)","md5":"5869c96cc8f19086aee625d670d741f9","sha1":"430a443d74830fe9be26efca431f448c1b3740f9","sha256":"53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef","sha512":"8b3b64a1bb2f9e329f02d4cd7479065630184ebaed942ee61a9ff9e1ce34c28c0eecb854458977815cf3704a8697fa8a5d096d2761f032b74b70d51da3e37f45","ssdeep":"768:o2rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfbx8Gf3Zq7Q:Jg73zhq0GvbJ3ZKQ","tlshash":"b6f28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-07T01:19:51.244622Z","times_seen":90100,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/main.js?ver=1598008226","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/main.js?ver=1598008226 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f3faba2-78d\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1933\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1933,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"6a579f2e4d3b31b3ea017e7b03a475dd","sha1":"8d9a6430face051ae1365d421f15c60cff36613c","sha256":"ca0d1288490dab47eb98606d7e519b4be96e1d5f354b8cf4a6ef39dd1846c41c","sha512":"e5c65863509fb786d1a2ac8a1c0e0ec1446158037079a067eb6976040a0d912e326c2254e7968a7e22ae794d3adad6b9bfccbd2a4eb35dad622676d3a989d742","ssdeep":"","tlshash":"1941cc1df9f665c208b730164f3f451c2163a81f6a09ce40395c65c09fa267ed2dbeba","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.922907Z","times_seen":5039,"resource_available":true,"data":null}},"time_used":2109,"timings":{"blocked":874,"dns":0,"connect":0,"send":0,"wait":1215,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/assets/js/caller.js?ver=1675418258","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /assets/js/caller.js?ver=1675418258 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"63dcda92-1122\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4386\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4386,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4e7441dc033395b76a96b25b6efef0f0","sha1":"c833e33f4a95efa559a847dfff036cb904260b48","sha256":"80caabbe50f5f83254e2545d01bacf299c7f417a103e912bd41d6c330a6e4f86","sha512":"e96041ac2b7106fe9aceddc1faa3e996ffaa97945d56cff7b3ca0697492cf6ff53f6fc3826319a85eb360e684a166c0c8c075118a37655312dfbf231ff9aa167","ssdeep":"96:veR5suijTWxKhgCBTSCkAjnhefPMm03OMu9eqeeV0vMu9eqeeVqgYi:veR5su+TWsU1eO70v76i","tlshash":"dc914212de042051f76332b85a55661f6131684f7f8a888dbcbc747f9b70acb857d189","first_seen":"2023-03-13T18:11:33Z","last_seen":"2026-06-06T23:09:22.857441Z","times_seen":5037,"resource_available":true,"data":null}},"time_used":1888,"timings":{"blocked":869,"dns":0,"connect":0,"send":0,"wait":411,"receive":608,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/login.js?ver=1597629260","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/login.js?ver=1597629260 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f39e34c-bf\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 191\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":191,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"24bc8669caf172f2c17a06fcd73ae539","sha1":"3bad8f340bca43d8fb98c3ca39def12f816769a8","sha256":"29df48677fd1c2b2a602c35faeadd3693f083b78550b2c0f3108f356c34b74bd","sha512":"0b4b2dc35f8b97238079334be832751d1e33dfbbddda4961c38127afadcb088101bad71b0442bd810930df2658dfd9f42da0b08d44bb1e1f1dd0a5dde33423a3","ssdeep":"","tlshash":"f3c02240b13f377c587372a0803a0506df73701c1c0056e0b0b842a02c187040813c78","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.883349Z","times_seen":5042,"resource_available":true,"data":null}},"time_used":2087,"timings":{"blocked":872,"dns":0,"connect":0,"send":0,"wait":411,"receive":804,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/prizedraw_pop_custom.css?ver=1663905027","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/prizedraw_pop_custom.css?ver=1663905027 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 18\r\ndate: Wed, 07 Jan 2026 12:58:10 GMT\r\netag: \"632d2d03-12\"\r\nlast-modified: Wed, 07 Jan 2026 12:58:10 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 38\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4957b1edbdaab02ae3242ff27d3732b8","sha1":"0fa68da2f11737fdc4d7961a632581c13f7a8577","sha256":"1adeb028e615a654ebf218f188ad6bc841ad3851da01b28dc4af82ea77179108","sha512":"4965ba38ebc9edebf0321e50f78d18cb9562fc234ffaf91715ecc3c9c9842e56a153a3cc9a30d01a234e8be4e0137d35a06dca1dee9b671ce80a4fa10152d485","ssdeep":"","tlshash":"8d7000000002000082308a280802002800a8b0822200888c8880002a302a0020000880","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-06-06T23:09:22.886482Z","times_seen":5139,"resource_available":false,"data":null}},"time_used":1359,"timings":{"blocked":952,"dns":0,"connect":0,"send":0,"wait":406,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/login_modal_custom.css?ver=1726650059?v=1767790968","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/login_modal_custom.css?ver=1726650059?v=1767790968 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 2491\r\ndate: Wed, 07 Jan 2026 13:02:51 GMT\r\netag: \"66ea96cb-9bb\"\r\nlast-modified: Wed, 18 Sep 2024 09:00:59 GMT\r\nserver: nginx\r\nx-cache: UPDATING\r\ncontent-length: 772\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2491,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"1c9324c073c8d8db7f32df740feceace","sha1":"5465a38fe6f669c4df9a2265a654c0815bb7373a","sha256":"79ecbd9aa7b6311f29cda59980feac8ac8263131b8089580f60f4ad6188f86ce","sha512":"2dd2e0b5645e119bcb2357c489d55fc76cedb95e19750489a32bb0974cfc1e974db62c06ee1f3b738114c3310776c73f59ad69149348a1701ea87d21efe3544d","ssdeep":"","tlshash":"215147026ebf2e93908c406d35de4e84225d400bc569ee2e3ff723648f5a6a6a177f04","first_seen":"2024-09-19T13:36:38Z","last_seen":"2026-05-30T10:19:54.525391Z","times_seen":2971,"resource_available":false,"data":null}},"time_used":1348,"timings":{"blocked":941,"dns":0,"connect":0,"send":0,"wait":407,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/g03.png?ver=1598008033","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/g03.png?ver=1598008033 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 11:59:20 GMT\r\netag: \"5f3faae1-2eaa\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 11:59:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 11946\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11946,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 269 x 79, 8-bit colormap, non-interlaced","md5":"d2ba9813a94ef43860a7e436085624f3","sha1":"ad36dce8e807934af7f49ea1be72955d7238314f","sha256":"de19c6fe70e572cb530efdc4ffdbd69fec93ceec8e8513cbd488496737ad8130","sha512":"875d45d8cc066b27ca582d230df3e7991a73e5ea10149c0e81505cd45a842174fdf8d84eab2de4a9eef9094bd847c851a6851d45955995550487c05f2c30f238","ssdeep":"192:Yowv62d6tFQNDiZjqyfbKWSgR6jcYzLT2j6PwP7Q0Cj3F+8YUIO:YoAm7QNDiZLf2k6jcaejGwPEh3o8YY","tlshash":"a732c014dbb9e6ba7efd6025be08d47193117c29859379144e02de2153d022f80f3f56","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-03-19T07:12:22.992148Z","times_seen":991,"resource_available":false,"data":null}},"time_used":1708,"timings":{"blocked":893,"dns":0,"connect":0,"send":0,"wait":807,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/footer_tindex.png?ver=1606876112","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/footer_tindex.png?ver=1606876112 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 11:59:20 GMT\r\netag: \"5fc6fbd0-77ec\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 11:59:20 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 30700\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30700,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 860 x 320, 8-bit colormap, non-interlaced","md5":"4cff4dc9e549d34af27afdf92ca7d2fa","sha1":"0eb049b2a26b17cbb3f8245ed917d1cde98270b8","sha256":"0cd23fe23383f6e30f715b9fdbbe23561ad39cedad929a2622464bd6b50f9f29","sha512":"d1adaefaea4ed22f7d6d52da60d05758b18d79624f8fd58b531d90fc377928b31e235d0bce16306225534875f2ba28d03bd94105fcd5d71729461aac7a19dd02","ssdeep":"768:WfNuoY2JXbpSK8Kl4JZ6xyTqERQ2mKmY5Cha4Zv:WfNuoY2J38KOUie2QYj4Zv","tlshash":"13d2e083c312a6d154a3147be9d7bf80cafca505891a8d7d00de9821a7bb4d3ea530f2","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-05-30T10:19:54.509042Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":1704,"timings":{"blocked":892,"dns":0,"connect":0,"send":0,"wait":612,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/common/storage/cms/cms_1050.jpg?ver=1607687349","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:53.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /common/storage/cms/cms_1050.jpg?ver=1607687349 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/jpeg\r\ndate: Wed, 07 Jan 2026 12:53:41 GMT\r\netag: \"5fd35cb5-72cd\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:53:41 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 29389\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29389,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 844x214, components 3","md5":"38c80c4e821869df9ae28040c4e2abe4","sha1":"de9d8a0f1e6628df841ee9d05b0e0ac4678d7188","sha256":"f6d5607fe56e39eaffeaee05a3e7392bd9adcc9275e7e63f67881db018b68b73","sha512":"e84587a9bd387755437efb56331b2bc7a0e1140aa41f2f645f68b000b1f0be806b30aa435c6d6dee5fd49a19c22ba45617c71afa75c1f2028e65c377ea95f91b","ssdeep":"384:zOAdT2hjDL1C5uPFNiaxOmITLsTeZXBq3lz2HrqFrRmxbpyHovTaR65hcOFEgGUe:pEhjDgCLICeZXBKlxYpKov9ZEFt2G","tlshash":"47d2e14fca8dfa4c1c35f33d692e6b4e9747cf888a214d2956c68d0805d0e8e6796bd3","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:22.998604Z","times_seen":1426,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/unite/prizedraw_pop_unite.css?ver=1733883989","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/unite/prizedraw_pop_unite.css?ver=1733883989 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 6938\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"6758f855-1b1a\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1703\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6938,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"f56d937649f436cbd7617abc7b9302fe","sha1":"761345474d919ce27ab91f2e4802763067c30a3a","sha256":"c9e27bfda9106e5282324702332c7bb8fdc46307daa7542be22bb586690a2a15","sha512":"4d99d6d61b1720501131379c1ee5a115e346dc5b271dd2cc3d39a29237034857893a56b757ac21c58d079fdf9e994684ca5b4cb8b404ae5aae0fe6f592d4e0d1","ssdeep":"96:jIjyND5elhmYza9/4Oynn0LDqsEx6hhIArcBlCWhXW5bQMqYsxhe0CKFwfO:zMfeEn0LDqlx6hfcBkW5WN3IhsKFwfO","tlshash":"aee103f0e38f38c97bb797e96eeb0d46a54602cbe202ce04a3595ce55f5a23c3535284","first_seen":"2024-12-11T12:22:16.015061Z","last_seen":"2026-04-11T00:00:37.152071Z","times_seen":4331,"resource_available":false,"data":null}},"time_used":1158,"timings":{"blocked":955,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/gdcode_1767790968","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.71","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet73028.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 05:41:47 GMT","end":"Thu, 12 Mar 2026 05:41:46 GMT"},"fingerprint":{"sha1":"31:FA:FE:10:A6:8E:C3:2D:4A:DD:35:7A:23:59:02:D3:88:38:F0:AB","sha256":"41:99:E2:99:1D:68:72:3E:84:BC:F4:CC:15:BB:52:86:DC:9E:F1:36:6D:1F:45:EB:D5:D3:59:54:30:B5:35:C2"}}},"request":{"raw":"GET /gdcode_1767790968 HTTP/1.1\r\nHost: bet73028.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFUTnlMRjBJTVpjTkdRdWhUcE0yRXc9PSIsInZhbHVlIjoiZjk4VlNRNW03RlZRcURBQXFQZU5nRFFKeGkwZlpTa1Q1NHhnSUczY3dUWE5ySmFqakVBNEF0aGVISU9yN1wvYmtzd2VLNEF0aStiRk1LWG1xU0p2YUNBPT0iLCJtYWMiOiJkYzZlOTJmNGI4NjgyYmY1MmZkN2I0MTZlNmY1ODhkM2FhMzFmNzE2NTY5Yjc2NDY0MzYyYmJmNThhNTY3MTVhIn0%3D; vanguard_session=eyJpdiI6Ik5CdFA4RW9DQkhVVVBaOFozQlR3U3c9PSIsInZhbHVlIjoiVnY5ZzBhQVdXSDFcL21yR3ZZaE53blV6TE5hMTlvZ0ZoaVFwdDlmQnpCMEg2K3NNb2ZYMFE4UlppbUlJbGNSbE5wTFBKMGxpVzNkclptT2k1UHZsenhBPT0iLCJtYWMiOiJhMDRlZThlNzA4NGVkMTNiNjQzZGNiMzE5OTVhOTEyNzRhYzAzN2U4YzlkMzFjMWQwNjE0YTAxN2FmY2QyMDIzIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 13:02:52 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1036\r\nConnection: keep-alive\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nCache-Control: max-age=315360000\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nPragma: no-cache\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6ImJySUF1djJydjJyNU1xblQrNkVlZEE9PSIsInZhbHVlIjoicHBJc0M0eXJoUUk0T09kOXlLejk1Z1VmWWtDSU96MTZIdlZ6dEh1MWQxa1RtUHJPNFo0blwvUnh0MVN6MUhxT1BMMXFhXC8rUGRMQXQ5K2ZQVGxJS21Udz09IiwibWFjIjoiMjdiOGRhZmY5ZTA0MjZhY2ZhYmQzMTliZDgzNTk2MTI4ODI4NGVhYTJkZWUzOWRkYTJhZGFlZWZhYWEyNTcwOCJ9; expires=Wed, 07-Jan-2026 15:02:52 GMT; Max-Age=7200; path=/; secure; samesite=none\nvanguard_session=eyJpdiI6Imh0bXpISlpscnlkZEJaN3drbmVjMWc9PSIsInZhbHVlIjoiaTZxdWZpTzNkaTRDVkdMTGFYaWhoWGhSNHFBVzFxenJuRWZqeVwvbGZ3c0xGRUs0bEJ3SGo3bnhVRFlIR1NEQzdDeForVnhrc3duUitlQVwvUFVYYmJNZz09IiwibWFjIjoiNzQzN2IxZTgzMzJlN2Q0NTEzYjg0M2E1ZGI3YjRkMDNmN2Y2MzQzODQ0YjdhZDI0OTY5ODlmZjVmZTliM2RmNiJ9; expires=Wed, 07-Jan-2026 15:02:52 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nX-Bos: b83\r\nX-Cache: BYPASS\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1036,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 56x23, components 3","md5":"895945826009f8dae8e39e4a02af1b33","sha1":"c250fbeebd55359e5531ffe3f14f25f11ba3e3be","sha256":"a57c61e90738fc02c5b9927254d9b100cb8743c81b20943a6fbc38e945c236c6","sha512":"2f78af9898e5e00e67c1daa243fff72cfb340a98625a494a2bbb4594f85657e2c71a9b739da4dae69ce33dba1164af86dac9e776c5be2ce9a5eb6265a3ee3a5e","ssdeep":"","tlshash":"b411946a9b4b8294df2355f1a32624b6a15e0ee63854bbb51fa04757c550cf4c449708","first_seen":"2026-01-07T13:03:17.24662Z","last_seen":"2026-01-07T13:03:17.24662Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1988,"timings":{"blocked":1511,"dns":0,"connect":0,"send":0,"wait":476,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?13d000e86c487ab21ddde56b764037d6","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:53.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?13d000e86c487ab21ddde56b764037d6 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11297\r\nContent-Type: application/javascript\r\nDate: Wed, 07 Jan 2026 13:02:53 GMT\r\nEtag: 374a85f743fe7b74fe06f455244f4a3d\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=7D54CA9D659B2EEA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29903,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (627)","md5":"e095d8efe5714e790b6619afa2facbba","sha1":"72aa6089b871ef9962da2f3322d464b457565fed","sha256":"19333fd42d32cfc73d0a83ef9b12b6a6e9f40a957a3267d691f31946b81b613a","sha512":"6c757a3f85875ac464b16be6160fa0d12f80473f000909ad7a3ebc980273baab517ee0d33b992301ca01dac89e80804162360d8812f42b12a59e43ccbb92f6a3","ssdeep":"384:1oJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:1o4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"87d2c9a9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-01-07T13:03:17.24779Z","last_seen":"2026-01-07T13:03:17.24779Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1493,"timings":{"blocked":614,"dns":1,"connect":202,"send":0,"wait":263,"receive":1,"ssl":408},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/images/ui-icons_777777_256x240.png","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:53.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/images/ui-icons_777777_256x240.png HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/plugin/css/jquery-ui.min.css?ver=1598106537\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:53:41 GMT\r\netag: \"685ba9af-1b65\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:53:41 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 7013\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 240, 8-bit gray+alpha, non-interlaced","md5":"40bf25799e4fec8079c7775083de09df","sha1":"4fc6b1449c73f5d10489c104225ebe326a4016ba","sha256":"e75b27211e16fcf94715168001bb7055ca376d46f928110ba3d0825232452e5a","sha512":"51c9e46224098e9270bf51bec93e0528b5e726a632a1de57863fba531d914a9db1d3fb07d22cef756f6fc9e999bf08043e73bca6225a9ab7efffe2904105c388","ssdeep":"192:92XiIsTugcTnouLuIXdj7Z7rgmlWRI1ie+BVtNzDby:AmOTnwCnZftW61ie+BV3Xby","tlshash":"5de19fc1e5f8c4e0dd58e668ee886209c7a658b9064742dbcf0485694b48d3186fab8f","first_seen":"2023-07-20T10:40:17Z","last_seen":"2026-06-06T23:09:22.908096Z","times_seen":1467,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/font-awesome.min.css?ver=1753257975?v=1767790968","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/font-awesome.min.css?ver=1753257975?v=1767790968 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 07 Jan 2026 13:02:51 GMT\r\netag: W/\"688097f7-71b3\"\r\nlast-modified: Wed, 23 Jul 2025 08:06:15 GMT\r\nserver: nginx\r\nx-cache: UPDATING\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29107,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28900)","md5":"31bacfe1d010712cb3837aec4ec1e237","sha1":"3c28b0f6e91fa137ab67c8370f11f60a63d87d02","sha256":"4f0bbfaec56962e62f55bef603cc25d0f56cabce57471131b21f4e9438066baa","sha512":"29c73d08840e5e21c677748c0aa88ee7900968602af5cbb5c6f6bf801c765b64562f4401a49f041aad7e229461be70db9a5a74317bbff479724547013a0d19cc","ssdeep":"384:Qu5yWeTUKW+KlkJ5de2UYDyVfwYUas8l8yQ/8dwwdG:blr+Klk3Yi+fwYUf8l8yQ/eC","tlshash":"73d250e8e54c01d66731c48bff81b36862baf73dd5844d99f01f690c29d22a522c5fba","first_seen":"2025-07-24T08:18:25.967403Z","last_seen":"2026-06-06T23:09:22.890191Z","times_seen":2866,"resource_available":false,"data":null}},"time_used":1353,"timings":{"blocked":946,"dns":0,"connect":0,"send":0,"wait":407,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/jquery.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/jquery.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f412ba9-14979\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 84345\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84345,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"f9c7afd05729f10f55b689f36bb20172","sha1":"43dc554608df885a59ddeece1598c6ace434d747","sha256":"f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c","sha512":"3dcae1ff6e98c64e3586be3eb14dd486c51f7d4e9fa1b8f9a628be4fbb6a9ab562f31f9b50e16d2e0c72b942bdbe84eee8e0ef87fa730db1428b199a59d88232","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrJ:++414Jiz6fh6lTqya98HrJ","tlshash":"ca83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:06:48Z","last_seen":"2026-06-06T23:28:23.435135Z","times_seen":25162,"resource_available":true,"data":null}},"time_used":2361,"timings":{"blocked":923,"dns":0,"connect":0,"send":0,"wait":411,"receive":1027,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images/dc_new.gif?ver=1597629314","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:52.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images/dc_new.gif?ver=1597629314 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Wed, 07 Jan 2026 11:06:25 GMT\r\netag: \"5f39e382-4e3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 11:06:25 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1251\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 21 x 12","md5":"25f6274aa9e9e073709978b30cf559c4","sha1":"a7cbd2bfcc634f40df01e0195e2cd666a22a7291","sha256":"243406dc9776577510746308a2816db585b4abd09a64e1c761654316c0d9038c","sha512":"9149b9e16b06d6508ebebbf78a59ad26eb15ff35084c2bb6be8f08795884f4a914e24689fc2402eaae46819efddc37281b7d778c92d2bf66f8939a4ff9f02a86","ssdeep":"","tlshash":"7921570ad842bc40409c54f57af7a9271ba60980c9f4f5d6b4cdd81e56241b96c19bef","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:22.987654Z","times_seen":4985,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/header/common/kefu_icon.png","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:52.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/header/common/kefu_icon.png HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://3f38sfb.segrft.com/plus/css/custom/header_custom.css?ver=1738643282\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 11:06:25 GMT\r\netag: \"5fc6f20f-246\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 11:06:25 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 582\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":582,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 16, 8-bit colormap, non-interlaced","md5":"d66100dc3b6143ccaab68587edf59169","sha1":"aec841ed002d6f0572b1bc380212d38be5858728","sha256":"cba9dfe544df0c8b71bb9881e1d77b9be08007df320acfb8398c9b636bc1afc5","sha512":"a5db92a6bb8e2bed2268ba81ebcfbff6564ee50d09ed94c2302cbafb4e234cf9acc99d585568adb0de318e38e790467cf81fcb05643338c7200277a878d04d73","ssdeep":"","tlshash":"abf041ded0770db9f6a8245ae0a20980fd525a1c9ee6534e2a9ce04f08ed0049ab6746","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-06-06T23:09:22.910415Z","times_seen":5032,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bet73028.com/js/www/decrypt.js","fqdn":"bet73028.com","domain":"bet73028.com","tld":"com"},"ip":{"addr":"206.119.83.81","port":443,"asn":140227,"as":"Hong Kong Communications International Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:49.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet73028.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Dec 2025 05:41:47 GMT","end":"Thu, 12 Mar 2026 05:41:46 GMT"},"fingerprint":{"sha1":"31:FA:FE:10:A6:8E:C3:2D:4A:DD:35:7A:23:59:02:D3:88:38:F0:AB","sha256":"41:99:E2:99:1D:68:72:3E:84:BC:F4:CC:15:BB:52:86:DC:9E:F1:36:6D:1F:45:EB:D5:D3:59:54:30:B5:35:C2"}}},"request":{"raw":"GET /js/www/decrypt.js HTTP/1.1\r\nHost: bet73028.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjFUTnlMRjBJTVpjTkdRdWhUcE0yRXc9PSIsInZhbHVlIjoiZjk4VlNRNW03RlZRcURBQXFQZU5nRFFKeGkwZlpTa1Q1NHhnSUczY3dUWE5ySmFqakVBNEF0aGVISU9yN1wvYmtzd2VLNEF0aStiRk1LWG1xU0p2YUNBPT0iLCJtYWMiOiJkYzZlOTJmNGI4NjgyYmY1MmZkN2I0MTZlNmY1ODhkM2FhMzFmNzE2NTY5Yjc2NDY0MzYyYmJmNThhNTY3MTVhIn0%3D; vanguard_session=eyJpdiI6Ik5CdFA4RW9DQkhVVVBaOFozQlR3U3c9PSIsInZhbHVlIjoiVnY5ZzBhQVdXSDFcL21yR3ZZaE53blV6TE5hMTlvZ0ZoaVFwdDlmQnpCMEg2K3NNb2ZYMFE4UlppbUlJbGNSbE5wTFBKMGxpVzNkclptT2k1UHZsenhBPT0iLCJtYWMiOiJhMDRlZThlNzA4NGVkMTNiNjQzZGNiMzE5OTVhOTEyNzRhYzAzN2U4YzlkMzFjMWQwNjE0YTAxN2FmY2QyMDIzIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 07 Jan 2026 13:02:49 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 531\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nEtag: \"65572be5-213\"\r\nLast-Modified: Wed, 07 Jan 2026 13:01:28 GMT\r\nX-Bos: b83\r\nX-Cache: HIT, policy, disk\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":531,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"1d1d23f897c7f9fa4b24eeb8159d7e21","sha1":"9c6ab5fed65abe81454978f1e844c4f36d61a1c7","sha256":"8da1db8adc85dc835413880c71cc811c762e48018590f9a991115e83a722c869","sha512":"4d258cf5b37b503615a1373aebf3474ec8f94351455729665223a9318067ca6b815d0bf3c265ead937660bfb3b0e75b25f450ef1b235a64b32d87df01e1b8e32","ssdeep":"","tlshash":"b9f0bec8adaffdd4add295d2627ec809a99315430209df52b688ac1c9fc80281a2b0f1","first_seen":"2023-12-21T07:44:20Z","last_seen":"2026-06-06T23:09:22.895519Z","times_seen":4737,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-07","alert":"Phishing Block","trigger":"bet73028.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"bet73028.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/custom/float_customer.css?ver=1607755023","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/custom/float_customer.css?ver=1607755023 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 1259\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5fd4650f-4eb\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 397\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1259,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"2ddfef0c4056c3d9eb5f3df7fd940bdc","sha1":"5632067b6e1c0e2db3f7420470f8f5e15a78f2e8","sha256":"abb89644d467e88130629d409fe0c26f98779a78b539b6ff9996c720dfc8e662","sha512":"f989c4151853270e2ea25e60449305e0f9b0f5847a580e57b09908271d0d37f6b150515b3c49a343768b7cf4b34d42e858a9b30dbc3b7900747f40a5bd19e2f5","ssdeep":"","tlshash":"412195930d272904fc15e1742fc4112d122a80cfaa5fdc1c76d99f195fd266c98a6be0","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-05-30T10:19:54.526913Z","times_seen":3287,"resource_available":false,"data":null}},"time_used":1356,"timings":{"blocked":949,"dns":0,"connect":0,"send":0,"wait":406,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/common/storage/cms/cms_1081.png?ver=1612879623","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /common/storage/cms/cms_1081.png?ver=1612879623 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:27:57 GMT\r\netag: \"60229707-8c8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:27:57 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2248\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2248,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 56 x 254, 8-bit colormap, non-interlaced","md5":"9db7b51805575c39ee9f39665b0f7ab4","sha1":"f1a2bf9f5d5796a06122c20077563d17c016f626","sha256":"0c267456e5c0f717c238b3b41418e9745826d8854f9113e2f504ba9a4df28c95","sha512":"0cfe64e0d430e69c834a7c9f837c0ea4efd518898fb3b1ba748ab55edb6a2496b3676d5062815e1d401aaaa70f9f14b17867392510dd47f262cae2ac7d8591e7","ssdeep":"","tlshash":"85411bd8bcd30fced4e91000a1e99b418776203795ed0092ab4aa4133bc19fe1639765","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-02-02T09:08:19.822977Z","times_seen":3243,"resource_available":false,"data":null}},"time_used":1916,"timings":{"blocked":905,"dns":0,"connect":0,"send":0,"wait":818,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-gt.png?ver=1600747940","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-gt.png?ver=1600747940 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:28:08 GMT\r\netag: \"5f6979a4-168\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:28:08 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 360\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 37 x 32, 8-bit colormap, non-interlaced","md5":"c8b8b09e3d3f8a69599182c5df680895","sha1":"0522f162609c91017ac5977eebb1ebd207a57525","sha256":"ac257cdb0555003da4b484189c57e37c9758258b6fc0fa653ce17252c6e54f41","sha512":"b3d5b74b08547d7084a4ba0cba601c51ec7cb4ba9ad3bd05471f7cc3ec0ee7f6b0b954d8bb20439928be26a6a0f2e7f92ec27b95ff04fc326074ac0fe14efb47","ssdeep":"","tlshash":"9be02051ff2ad839d1e75f755adf4185dc9ed0f8fc23030632520d10162e890a3b4997","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-03-19T07:12:23.034263Z","times_seen":4987,"resource_available":false,"data":null}},"time_used":1503,"timings":{"blocked":890,"dns":0,"connect":0,"send":0,"wait":611,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-gamcare.png?ver=1600719130","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-gamcare.png?ver=1600719130 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:20:22 GMT\r\netag: \"5f69091a-17b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:20:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 379\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 29, 4-bit colormap, non-interlaced","md5":"fed68f2bda8fcbde677d6243c0da867c","sha1":"19f6e8a0721b068651f3d893db375a0d2c44646c","sha256":"f1dd1841440203f7d5894ce378a49f8d33d02f6ba5896de0b885f1b9810d870c","sha512":"ed62b58cd01bdf562995311bdb2e6232bf8ace2b16c633c93b498d7236db5f326867323e2b9556afaff476d1253a276fa22aacefd0d8c04deb48dd648c20f932","ssdeep":"","tlshash":"89e0c0e03234ccbc094b1b6215d4f011d0278b6f38568c2b788e81b0ec101c1e55a747","first_seen":"2023-07-20T05:21:02Z","last_seen":"2026-03-19T07:12:22.986685Z","times_seen":3270,"resource_available":false,"data":null}},"time_used":1500,"timings":{"blocked":888,"dns":0,"connect":0,"send":0,"wait":610,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/footer/footer-18plus.png?ver=1600747939","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/footer/footer-18plus.png?ver=1600747939 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 12:20:22 GMT\r\netag: \"5f6979a3-1b9\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:20:23 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 441\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":441,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 4-bit colormap, non-interlaced","md5":"950ceac8f20ad504e908c855fef89833","sha1":"694bdd9709a9bb3be26c6f7bb350205eb44ac7b3","sha256":"e17939202163e612402dbf251414bbb4e5faffdd133fdccd0bf2afd356e0d635","sha512":"07ef639d2d340fe07a2c32c06d67548675b57884e9c89e508cd1abce17dafa0e33bdff120c5c6f41e7fbb9d68f32908e859ed01b0d6f27a1fdb28b040749d289","ssdeep":"","tlshash":"f1f023d3874e9c50f4505f61c66f1a8398b68e0cd0afe906d91073bc283a724b2d36c3","first_seen":"2023-05-02T11:06:58Z","last_seen":"2026-06-06T23:09:22.836581Z","times_seen":5030,"resource_available":false,"data":null}},"time_used":1497,"timings":{"blocked":886,"dns":0,"connect":0,"send":0,"wait":608,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/css/swiper.min.css?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/css/swiper.min.css?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: W/\"5f412ba9-4bef\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:02 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 3631\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19439,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19174)","md5":"319f20c8f06461463f24bfc703551a18","sha1":"f3bc53e03aefc4ee3be3adbcc707f7ed4c1c65a0","sha256":"67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45","sha512":"56439e25a232e6f80b79505aa867b341628cdc5818be22d4d83b7dac66d314a3d91f3eb4dcaa6240795c1a5f990322082c2e85e89a9fce6721cacf828cbe2c4a","ssdeep":"192:YxaNv/lSSyJWCj8zfi5o/uDN3eBxwdJ5c:Yxa1/lS0CYfi5o/uOGJ5c","tlshash":"8a92602c17003057e6334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2023-04-06T15:51:59Z","last_seen":"2026-06-06T23:09:22.927267Z","times_seen":5184,"resource_available":false,"data":null}},"time_used":2658,"timings":{"blocked":1037,"dns":379,"connect":211,"send":0,"wait":561,"receive":4,"ssl":456},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/css/common/index.css?ver=1685095467","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/css/common/index.css?ver=1685095467 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ncteonnt-length: 8159\r\ndate: Wed, 07 Jan 2026 12:58:10 GMT\r\netag: \"6470842b-1fdf\"\r\nlast-modified: Wed, 07 Jan 2026 12:58:10 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 2379\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8159,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"c572b5475cafa52665867ea34e941107","sha1":"9e84cb39ea5b4edd820afc675516b2da0afde1c4","sha256":"22fb660621cf5492145daf4e4c4dcf5671f19105dda41b1df6f5cc695dd906c4","sha512":"732b6a9c3c052a23b2a1030083111dd12c96a143df6db6c492c00f8860a69c3a6db12fb34883c0d5019dece30352ed53266e37d9fb0f0cdc0ab89b0807882a5a","ssdeep":"192:ucR93quipoSiBFT8mra9WJpCbYZbatUxT9k+OL/wskJY:Xp1ipRWFNa9WqYBdjY","tlshash":"81f111ba5bf71d42771281e5ab6eab504329e003910ee62c7fe0725c8fc629489773c9","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.497231Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":2569,"timings":{"blocked":967,"dns":361,"connect":211,"send":0,"wait":603,"receive":3,"ssl":410},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/plugin/js/sweetalert.min.js?ver=1598106537","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/plugin/js/sweetalert.min.js?ver=1598106537 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5f412ba9-4262\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 16994\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16994,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (16994), with no line terminators","md5":"2f9966a615f3f46d846807adbe42644f","sha1":"441544c084828da55ca0bafdc4c3df7dc7020820","sha256":"be4d1215ef6f2b2915b7f65cd28b9a9f7dcef17e1f0d883edd19400ca0ea795c","sha512":"e85f14552c1b5837780990e210223c5d6f532dd55f16589f682d1f2f95acc540b715aaac23ce12f871661006f80ec9043a9674dfdec1c3efc0819125d492dff6","ssdeep":"384:Rigwo5UpVZG9lOUlgkhzj7FRNE82XyySyTYayWri/SRVRXFKP9nWZcT2Rc8ex51f:RiB8lOuR5wSWrrRVR1KP9WK6Rc8ex/","tlshash":"ad72c899325438b327e361f1009f504ba4b196bde8095861376cc9e62ff8cc95ae2f77","first_seen":"2023-03-07T01:11:43Z","last_seen":"2026-06-06T23:09:22.922005Z","times_seen":7132,"resource_available":true,"data":null}},"time_used":2114,"timings":{"blocked":877,"dns":0,"connect":0,"send":0,"wait":410,"receive":827,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/main/favicon.ico?ver=1598008032","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:54.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/main/favicon.ico?ver=1598008032 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/x-icon\r\ndate: Wed, 07 Jan 2026 12:48:31 GMT\r\netag: \"5f3faae0-47e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:48:31 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"e13f45bbeb4b9056cfa3d6bd2453f70f","sha1":"dfc879f8f7279ec929478feee93d9b2fdacce0b1","sha256":"331b713de169d0e56bc71fee2c7df0795b24d5b24c045b3af1a27668783a1d2b","sha512":"006f2e5dfeebaaf68972ca99f01c38fa00bf56cbc043f7983eeaea4272b04641844086d62d345b29b99e67044bb86292f0ee8edacd94f90fc270626c990d16c4","ssdeep":"","tlshash":"50214218f26b240bd77a943015c3dda780988e1b618c6ba1855db630fc34e39139b4fc","first_seen":"2023-05-01T12:07:07Z","last_seen":"2026-06-06T20:29:10.41039Z","times_seen":7049,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/unite/encforms.js?ver=1761119296","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/unite/encforms.js?ver=1761119296 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"68f88c40-2e52\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 11858\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11858,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d2d77387c0dedc78ae85a7ab52aad886","sha1":"0d8ee19645e8246409f76adee4412ecef3466b76","sha256":"2af6b51b39ceab86129d473a1fb9a4a827539efc7452de2103a84ebd09d75790","sha512":"d922ced4a418ef9049cebadaf49f897432449ad051ece1361014ca9c64514f9eb53f6d77d6e83551ed2939d0eab9d518f0c048e12aef3e167ef3d1d517dbe3ca","ssdeep":"192:gxlzcp1ISvp1S/yakFAn1hQu66H1Ka1t4l/O3a6Nr:zb6cu6IQM","tlshash":"9f32209871bb1870993338344bbf8512793ac11f4c5cd954bdac2aa07f58a5ec6e1bb4","first_seen":"2025-10-22T08:39:12.013749Z","last_seen":"2026-06-06T23:09:22.884025Z","times_seen":1489,"resource_available":true,"data":null}},"time_used":1478,"timings":{"blocked":870,"dns":0,"connect":0,"send":0,"wait":411,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/images_plus/index/en/bg-sports-title-white.gif?ver=1678955880","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /images_plus/index/en/bg-sports-title-white.gif?ver=1678955880 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000\r\ncontent-type: image/gif\r\ndate: Wed, 07 Jan 2026 12:05:24 GMT\r\netag: \"6412d568-218\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 07 Jan 2026 12:05:24 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 536\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":536,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 130 x 38","md5":"3ecfa3bc82874fe5208d9e9924cebd51","sha1":"e801a0bb64370407da31412e432326e8b9887a73","sha256":"1e59d016b5ca6a09c1df3fb8c51d3cdd0e2dcadb980aca2f0f5c81a8216e4ec2","sha512":"7d808fc92d38e316ee78d5023ef50c386a219671a0d99d8c58b85c4ed8ff5a0de1d6b5e6db6ff52d61008ea589b9eed6838d340ee8c0a04641893f9230e7deea","ssdeep":"","tlshash":"26f00569f361ddd4cfd832bc5301102526646735260d1ffa411135e5334dc7b505c5a8","first_seen":"2023-07-20T05:21:01Z","last_seen":"2026-05-30T10:19:54.522859Z","times_seen":1000,"resource_available":false,"data":null}},"time_used":1715,"timings":{"blocked":898,"dns":0,"connect":0,"send":0,"wait":816,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"3f38sfb.segrft.com/plus/js/custom/moment-timezone.js?ver=1580697220","fqdn":"3f38sfb.segrft.com","domain":"segrft.com","tld":"com"},"ip":{"addr":"104.208.79.124","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet73028.com/","date":"2026-01-07T13:02:50.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.segrft.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Sat, 20 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:17:94:DA:1E:D4:8F:F0:18:04:89:1E:F0:56:9D:83:9F:6F:14:6B","sha256":"0E:78:85:1F:49:AC:D7:B0:73:F1:64:E9:08:FF:92:3C:BA:CC:99:F9:F7:AA:E1:B3:69:81:8E:82:D1:AE:5D:51"}}},"request":{"raw":"GET /plus/js/custom/moment-timezone.js?ver=1580697220 HTTP/1.1\r\nHost: 3f38sfb.segrft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet73028.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 13:00:02 GMT\r\netag: \"5e378684-2feef\"\r\nlast-modified: Wed, 07 Jan 2026 13:00:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 196335\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":196335,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1434), with CRLF line terminators","md5":"bc45c47c99fe4d26b2b24e46cec399ad","sha1":"221067a4147ece74b03934528ad61bcd4026e477","sha256":"4a65c2af68e89944c3da128c9b329596d930ce09dc9b8ba726b640d812e1fd88","sha512":"1658e474170022d40e698a422f024b4872bff33c78af1dbe98df3a6a99a0f1cd1eb36725ac9fca7bc1264ea491d0a19a2ee0a3a952adba4aba3242c06f830f93","ssdeep":"3072:olpkvlaDD/DCD/DCD2iqWCPrMBq1rGPuAZDDD1DDWoST+piMhrlon5Blu4hK:CkbW0sNpiMx","tlshash":"f714b0292617bb44e459c08bfa3779c0caade18a940614d25f7d57b31fa37e2de68c03","first_seen":"2023-03-07T13:49:42Z","last_seen":"2026-06-06T23:09:22.859609Z","times_seen":5045,"resource_available":true,"data":null}},"time_used":2100,"timings":{"blocked":867,"dns":0,"connect":0,"send":0,"wait":411,"receive":822,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}