| | 188.114.96.1 | 301 Moved Permanently | 167 B |
URL: User Request; GET HTTP/2; IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: p551006.com; Fingerprint: 12:51:CE:68:32:16:66:CA:D9:78:9B:B9:12:2F:12:CD:F4:0F:74:83; Validity: Mon, 04 Mar 2024 04:04:14 GMT - Sun, 02 Jun 2024 04:04:13 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
Analyzer | Verdict | Alert | OpenPhish | phishing | Bet365 |
GET / HTTP/1.1
Host: p551006.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 05:57:13 GMT
content-type: text/html
content-length: 167
location: https://55100bet365.com
cache-control: max-age=3600
expires: Wed, 24 Apr 2024 06:57:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Ug33wmbo76JGtbZiKE09N6ElSdjF6aVYeb017wW4WjnBWinqoaU7tUXLTBOp%2B9gfotixOLHjSj%2B6Z%2FXoppRhNcL2IdLroYiyDk8cjs0iVYtBCzuPF%2Bbcfl7%2FeoIiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793dac52b09b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 55100bet365.com/ftl/commonPage/zh_CN/pubads/images/ads2.png | 188.114.96.1 | 200 OK | 19 kB |
URL: GET HTTP/3 55100bet365.com/ftl/commonPage/zh_CN/pubads/images/ads2.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: 55100bet365.com; Fingerprint: 44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE; Validity: Sat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File type: PNG image data, 165 x 164, 8-bit/color RGBA, non-interlaced; Hash: b258a08f90e63c832cc32e4397aadb2e 7cc14a784d45d49b2177392acc86e363b8dc62d0 13e5348ceb8b66112851439602497e44bcb574bf16794598bce46340f784d533
Analyzer | Verdict | Alert | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /ftl/commonPage/zh_CN/pubads/images/ads2.png HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:14 GMT
content-type: image/png
content-length: 19388
last-modified: Fri, 20 Sep 2019 08:35:27 GMT
etag: "5d848f4f-4bbc"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:14 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-137
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUD%2BXPgaEPXb899clN2aMXHv8d273KPVCNzhx7m5m2BVqydyXmtJBBQVSatjPahXh3aaH1gQlCZn97jL87V5O%2BlwCXH8O5rdH64p56a9HT1FScRSGz2kWnYqyiwtjTniI0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daca5ca60afa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 55100bet365.com/ftl/commonPage/zh_CN/pubads/images/ads1.png | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/3 55100bet365.com/ftl/commonPage/zh_CN/pubads/images/ads1.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: 55100bet365.com; Fingerprint: 44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE; Validity: Sat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File type: PNG image data, 165 x 165, 8-bit/color RGBA, non-interlaced; Hash: b27e85b76f1b3dcdd4d98c789e51cfd9 ba8ec058785fd8a0e1405d6643175cd7cf92df28 01cf3c6ca09d7b6003faf27cdf6ff31dc52ec67f73070a6c81bfcb50b7b9ea4c
Analyzer | Verdict | Alert | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /ftl/commonPage/zh_CN/pubads/images/ads1.png HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:14 GMT
content-type: image/png
content-length: 11893
last-modified: Fri, 20 Sep 2019 08:35:27 GMT
etag: "5d848f4f-2e75"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:14 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-137
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJQgNaXzx4Gciy7AGSFqJH%2BuKXDF3KNC0gvrO2%2FjmvtBi7pY9rJ9ZXAqnH%2BeAFsFUxVVaC99yb9e9dxACQdh8rj4JxS5dII5Hzw5CghSqki51IsRbZ%2F2pEFq%2FnVkrX4x804%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daca5ca40afa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-base.css | 103.198.200.1 | 200 OK | 17 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-base.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: Unicode text, UTF-8 text, with very long lines (12023); Hash: d01c79296c69daae2357744b28ad3a08 6979c86432a04a8cc22818055bd599e10d13892e 03bae6f265bda27347f4697d37ddb03335678cf0a76d5a246ee1b02463294599
GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 17118
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"661623eb-14596"
Date: Tue, 16 Apr 2024 09:53:14 GMT
Last-Modified: Wed, 10 Apr 2024 05:30:19 GMT
Expires: Thu, 16 May 2024 09:53:14 GMT
Age: 677041
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 376bc7ca322686eba9b7acdf8c79734b
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-skin-default.css | 103.198.200.1 | 200 OK | 6.3 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-skin-default.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (7014); Hash: 4f6eba52b6bdba2bd8154d39c61fcaab 11a91e977ab64175dc2ec233d45c6cf9d34798b0 b4ae8f84403e1e8ea7f75cac8491e461ac6e5524260a04d772d53dd912f8e53a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6253
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"64ad1569-7b6e"
Date: Tue, 16 Apr 2024 09:53:14 GMT
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Expires: Thu, 16 May 2024 09:53:14 GMT
Age: 677041
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: 2e22b10c9ad0468bc5b5c0df4dc3174f
|
|
| brhrjf.gaokejd.xyz/ftl/bet365-1761/themes/style/common.css | 103.198.200.1 | 200 OK | 4.2 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/bet365-1761/themes/style/common.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (311); Hash: e27166d661e2bf5353e49a6171edd474 8111915c0a316c8532f6547c458bb97cc4ca665a 92513e519e9e247930c91d719e6cfa16352400c09bfd8921460421ad02ae055a
GET /ftl/bet365-1761/themes/style/common.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 4200
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"652f38c4-4d04"
Date: Tue, 16 Apr 2024 09:53:16 GMT
Last-Modified: Wed, 18 Oct 2023 01:45:40 GMT
Expires: Thu, 16 May 2024 09:53:16 GMT
Age: 677039
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: d25e5be5af75371567be5990b76ceecc
|
|
| brhrjf.gaokejd.xyz/ftl/bet365-1761/themes/style/bootstrap-dialog.min.css | 103.198.200.1 | 200 OK | 625 B |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/bet365-1761/themes/style/bootstrap-dialog.min.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
Hash: 633098d68444fae4feec36e757a6498c 83244d45a17b6ba8fbf67c41b2ce4e2322db8421 7fd1c34d205f2165ee1b3cc3c2fe54af6f115c58bbd849907c3cf2be6814b159
GET /ftl/bet365-1761/themes/style/bootstrap-dialog.min.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 625
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"651e5941-adc"
Date: Tue, 16 Apr 2024 09:53:15 GMT
Last-Modified: Thu, 05 Oct 2023 06:35:45 GMT
Expires: Thu, 16 May 2024 09:53:15 GMT
Age: 677040
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 0cd70bd9196d3d60b4d3228b7b708317
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css | 103.155.16.137 | 200 OK | 6.9 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: Unicode text, UTF-8 text, with very long lines (489); Hash: 858eefc3fa70af7d0115c901908471f5 29c181bbbc09a424f7de7cb57629bd8a9e3c679a 9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf
GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6923
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"64ddd5e1-c760"
Date: Tue, 16 Apr 2024 16:27:54 GMT
Last-Modified: Thu, 17 Aug 2023 08:10:09 GMT
Expires: Thu, 16 May 2024 16:27:54 GMT
Age: 653361
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: a6ac21e236ba797c9c179bed05d07e2f
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/themes/hongbao.css | 103.198.200.1 | 200 OK | 5.7 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/themes/hongbao.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: Unicode text, UTF-8 text, with very long lines (336); Hash: 499a3a64bcf22609681f5337a6360c80 fc05a8a391c8375ea4e47183eca56a18bed8fca7 5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5666
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"64252e4f-d530"
Date: Tue, 16 Apr 2024 10:02:10 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Thu, 16 May 2024 10:02:10 GMT
Age: 676506
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: fcfd3331f8c78759cf4028c6b7a2dc58
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js | 103.155.16.137 | 200 OK | 34 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, ASCII text, with very long lines (32038); Hash: b091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: W/"5d848f4f-176d4"
Date: Fri, 19 Apr 2024 19:26:16 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sun, 19 May 2024 19:26:16 GMT
Age: 383460
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cdn-Request-ID: ecbe4435e4945d25fbe3cebd40341ba5
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/float.js | 103.198.200.1 | 200 OK | 1.9 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/float.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/float.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"612747ba-1b2f"
Date: Tue, 16 Apr 2024 09:52:48 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Thu, 16 May 2024 09:52:48 GMT
Age: 677068
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: 73fe964443fd55618f7d0c46bb4340b7
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js | 103.198.200.1 | 200 OK | 4.0 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 4de3e8bcf2f02d60519ca0d3584d3b8e 6323c2bf18b1bbf968e164bdf2e58d7677f67f8a 6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"60f60fb5-43bc"
Date: Tue, 16 Apr 2024 09:52:47 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Thu, 16 May 2024 09:52:47 GMT
Age: 677069
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 88dd4ceca1aa26264d12250dcd84e602
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js | 103.155.16.137 | 200 OK | 3.3 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 3b4680db1e065116488f065419ca9f58 6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: W/"6260ddd4-2f13"
Date: Fri, 19 Apr 2024 19:26:17 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Sun, 19 May 2024 19:26:17 GMT
Age: 383459
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-09
X-Cdn-Request-ID: a13af5f2628fd23a5c560968e84a41e6
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js | 103.198.200.1 | 200 OK | 12 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, ASCII text, with very long lines (32034); Hash: f15409fb02c527ce1f66a2fd3c4aa0e9 1e1e1bcc0f49e99e14ba34991cffe0745178d302 1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27
GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11957
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"64d5b951-b083"
Date: Tue, 16 Apr 2024 09:52:49 GMT
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Expires: Thu, 16 May 2024 09:52:49 GMT
Age: 677067
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: ddc867769f97ac799fa7972792efb212
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js | 103.198.200.1 | 200 OK | 797 B |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
Hash: 07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"6260ddd4-828"
Date: Tue, 16 Apr 2024 09:52:47 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Thu, 16 May 2024 09:52:47 GMT
Age: 677069
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: d0704c0c82521a5bd1352a3798c03cf1
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/lazyload.js | 103.155.16.137 | 200 OK | 2.7 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/lazyload.js; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 58f1a7fa1a19b0e5ad0a5bad974b98cf 6963ce7378e6c992de06e7e77d79432a0d38f54d fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4
GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2731
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"64d05f66-2f79"
Date: Mon, 22 Apr 2024 05:44:10 GMT
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Expires: Wed, 22 May 2024 05:44:10 GMT
Age: 173586
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: 737c4cbc6885914097a7b734c94b839b
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/gui-base.js | 103.155.16.137 | 200 OK | 16 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/gui-base.js; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (11056); Hash: 4007cfe0a95df1d6a9f4252e636f995f b0f9a2ad5c49b9b50ac5d025c8e9ce803eb5d7a8 4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0
GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: W/"64ddbaed-ee5c"
Date: Mon, 22 Apr 2024 05:43:47 GMT
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Expires: Wed, 22 May 2024 05:43:47 GMT
Age: 173610
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: db4e97217b69fbac8f2d62cce52edec9
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js | 103.198.200.1 | 200 OK | 5.0 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, ASCII text, with very long lines (20132), with no line terminators; Hash: 5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"5d848f4f-4ea4"
Date: Tue, 16 Apr 2024 09:52:48 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 09:52:48 GMT
Age: 677069
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 8230a6a27e44359e835ee5411a98628a
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/layer.js | 103.198.200.1 | 200 OK | 7.6 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/layer.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (21922); Hash (MD5, SHA-1, SHA-256): c42797aecccd5494e2b747cedf1a890b b9e06a6d245b6a3c87f2753db0c9c9aa020640b2 56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"5d848f4f-55f6"
Date: Tue, 16 Apr 2024 09:52:49 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 09:52:49 GMT
Age: 677068
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: fcfe0523de14b1b1cdc6105a78f9168b
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js | 103.198.200.1 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, ASCII text, with very long lines (4433), with no line terminators; Hash (MD5, SHA-1, SHA-256): f77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"5d848f4f-1151"
Date: Tue, 16 Apr 2024 09:52:50 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 09:52:50 GMT
Age: 677065
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: a8157ed94b4ef8a6566a2624fcd29c7b
|
|
| 55100bet365.com/ftl/commonPage/images/partner/partner-hongtu-white.png | 188.114.96.1 | 200 OK | 75 kB |
URL: GET HTTP/3 55100bet365.com/ftl/commonPage/images/partner/partner-hongtu-white.png; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: 55100bet365.com; Fingerprint: 44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE; Validity: Sat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File type: PNG image data, 4964 x 72, 8-bit colormap, non-interlaced; Hash (MD5, SHA-1, SHA-256): 20750d3161559951729e005cf988bb1f 67ac93184c3259c55ea7e26d6f8716525946223a 56af3a9fbc08041521e9f381949bfc2e9548b013798bac0b2d629ab3939d8913
Analyzer | Verdict | Alert | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /ftl/commonPage/images/partner/partner-hongtu-white.png HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:17 GMT
content-type: image/png
content-length: 74604
last-modified: Mon, 08 Apr 2024 09:30:15 GMT
etag: "6613b927-1236c"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:17 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-137
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BROQhxHZ7LWEoJM7RAbZNYUUw8EZ2VcenTA5lkkvfTPom2Rl9v%2F9eVunk4ROI56bQZ7kSMzLUSLBYzwXpGkW0LuF%2FeP%2F%2BHzfzD%2FCLpuaAUrdUhNn27YEjbYWMTH9CrAJv%2BE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793dadc8d910afa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js | 103.155.16.137 | 200 OK | 17 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, ASCII text, with very long lines (64577); Hash (MD5, SHA-1, SHA-256): b5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"5d848f4f-fc8b"
Date: Mon, 22 Apr 2024 05:44:13 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Wed, 22 May 2024 05:44:13 GMT
Age: 173583
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-12
X-Cdn-Request-ID: 5fa9dcacf375b0e0a9e6448677cda3e5
|
|
| brhrjf.gaokejd.xyz/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js | 103.155.16.137 | 200 OK | 7.7 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (27669); Hash (MD5, SHA-1, SHA-256): f8c2b37c1dc626eede6a2e3e37aa4504 d4e8419497caa64c8a850ac4808dddb89b5eeb3f 728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"655579ca-6caf"
Date: Mon, 22 Apr 2024 05:44:05 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Wed, 22 May 2024 05:44:05 GMT
Age: 173592
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: dd6c9bac46d6b9f31e46654163ab109f
|
|
| brhrjf.gaokejd.xyz/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js | 103.198.200.1 | 200 OK | 4.1 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators; Hash (MD5, SHA-1, SHA-256): 4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"655579ca-3a09"
Date: Fri, 12 Apr 2024 08:31:41 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Sun, 12 May 2024 08:31:41 GMT
Age: 1027536
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 7e9da09d18ddae9f8afcd9fb5ae4a119
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/theme/default/layer.css?v=3.1.0 | 103.198.200.1 | 200 OK | 3.1 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/theme/default/layer.css?v=3.1.0; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
Hash (MD5, SHA-1, SHA-256): 5cf9259b7dd27aacd46161ec23d261cf ba0c399616a5ae9cdd8aec5b76ba4aae4822367c 7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"6131d862-48e4"
Date: Tue, 16 Apr 2024 10:02:12 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Thu, 16 May 2024 10:02:12 GMT
Age: 676505
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: ce7c7e4758cb9f44210ae1b00e5cd223
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/themes/hb/css/pc.css | 103.155.16.137 | 200 OK | 911 B |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/themes/hb/css/pc.css; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
Hash (MD5, SHA-1, SHA-256): 1da71520b7a0a61526a8fa8d0feb40d1 ba1bf69dad8783563328054cae58ccabf1b00829 5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: W/"5d848f4f-b5d"
Date: Mon, 22 Apr 2024 05:44:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Wed, 22 May 2024 05:44:14 GMT
Age: 173583
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-19
X-Cdn-Request-ID: a68cb140045cc66dd3c2103235f724cb
|
|
| brhrjf.gaokejd.xyz/061410/rcenter/common/static/js/gb.validation.min.js?v=1713347147191 | 103.155.16.137 | 200 OK | 5.2 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/061410/rcenter/common/static/js/gb.validation.min.js?v=1713347147191; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (801); Hash (MD5, SHA-1, SHA-256): 30be40425b37bee4158676082cef1f4d b41ed46721936872d5d7eadf303ce22938240d2a f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1713347147191 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: W/"633d510e-7fd7"
Date: Mon, 22 Apr 2024 05:44:16 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 22 May 2024 05:44:16 GMT
Age: 173581
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: 936f932872aed10987e58635b6f332fd
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/js/moment.js | 103.198.200.1 | 200 OK | 27 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/js/moment.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash (MD5, SHA-1, SHA-256): 36c8f828395a9395549bd6e7307cb7e9 f30a4961558e2d3d4405e7d93aa28fdb63245e78 5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33
GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26968
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"64b633ca-1cab9"
Date: Tue, 16 Apr 2024 09:52:28 GMT
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Expires: Thu, 16 May 2024 09:52:28 GMT
Age: 677089
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 1de7ef6c1fe670a112ebb40641cfa0ac
|
|
| brhrjf.gaokejd.xyz/061410/rcenter/common/static/css/gb.validation.min.css | 103.198.200.1 | 200 OK | 3.8 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/061410/rcenter/common/static/css/gb.validation.min.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: Unicode text, UTF-8 text, with very long lines (2295); Hash (MD5, SHA-1, SHA-256): f00ce0554efc5adea6a8e02d5e501cad 388840e376568b37ac0103aa5c87a268778db67a 3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"633d510e-2d52"
Date: Fri, 12 Apr 2024 08:30:35 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Sun, 12 May 2024 08:30:35 GMT
Age: 1027603
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 04628befd07f2ed57d5256adaa34fb62
|
|
| brhrjf.gaokejd.xyz/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg | 103.155.16.137 | 200 OK | 6.9 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3; Hash (MD5, SHA-1, SHA-256): 99be4bfe275809d4e436b77c991b1381 54eadee77394eb62ccf377ae68d9f49acb5b6785 4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: "5d848f4f-1ad7"
Date: Mon, 22 Apr 2024 05:44:18 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Wed, 22 May 2024 05:44:18 GMT
Age: 173580
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: d385aa03bdcd5ca6a811387d82477fb4
|
|
| 55100bet365.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= | 188.114.96.1 | 200 OK | 7.0 kB |
URL: GET HTTP/3 55100bet365.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion=; IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: 55100bet365.com; Fingerprint: 44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE; Validity: Sat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
Hash (MD5, SHA-1, SHA-256): 4493772a91e607d8ca26d9e6df097a1b 59426f6186ebff6615e79c842176eaa641b35467 1f2e05bb884c51be7a0012e9413f4d6c4f67895100cdbc4659e87da852252311
Analyzer | Verdict | Alert | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:19 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c; Path=/
content-disposition: inline;filename=f.txt
sub-sys: msite
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-1713938239dfde
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G79zD5fB47e3kZ6L58VqDUGQmiO4y28UMKobT3COSdkxv7oogVwpy29tujW0rvtGNHoH5rQlxtSpICaHi%2FTO5YUcRC9%2FqPEv%2BF7d1JPFef6PaLbfl5EMtmOJC3lAvXzYKFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793dae77a8d0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| brhrjf.gaokejd.xyz/ftl/bet365-1761/images/header/hot.gif.base64 | 103.198.200.1 | 200 OK | 1.9 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/bet365-1761/images/header/hot.gif.base64; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
Hash (MD5, SHA-1, SHA-256): 081943375d1dd5575c9b2864749a2882 5f2a6a412e0594c2e16f2f7010f17d122cc0042d 47b0fe6fba430f6538eba8f6ba1e60fa4bf1622ea72ac9fc8eaa06679def3e49
GET /ftl/bet365-1761/images/header/hot.gif.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 1921
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "6526148f-781"
Date: Tue, 16 Apr 2024 09:52:52 GMT
Last-Modified: Wed, 11 Oct 2023 03:20:47 GMT
Expires: Thu, 16 May 2024 09:52:52 GMT
Age: 677068
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: babeaf4556d1c115181e5bf2b463d63e
|
|
| brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10037/1713789226549.jpg.base64 | 103.198.200.1 | 200 OK | 154 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10037/1713789226549.jpg.base64; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Size: 154 kB (154421 bytes); Hash (MD5, SHA-1, SHA-256): 185c5749b5c1173b0345ce0ddf62f07e 0b20e173ee3c869d4764fdfbbe01b72395314014 34fe1ce25778b62a0eb47e56382403c47c030bd403cec2769ab92c995b809cae
GET /fserver/files/gb/1761/carousel/10037/1713789226549.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 154421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "6626592a-25b35"
Date: Mon, 22 Apr 2024 12:37:36 GMT
Last-Modified: Mon, 22 Apr 2024 12:33:46 GMT
Expires: Wed, 22 May 2024 12:37:36 GMT
Age: 148785
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: b55b48b43ab268653d149267fee82b50
|
|
| brhrjf.gaokejd.xyz/ftl/bet365-1761/images/all_bg.jpg.base64 | 103.198.200.1 | 200 OK | 345 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/ftl/bet365-1761/images/all_bg.jpg.base64; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
Size: 345 kB (345171 bytes); Hash (MD5, SHA-1, SHA-256): 20d063fb55cf6dd6c784f84ae5b3bd18 0840181a044dcc8c3022cbfbe10a686cfd1f5f7e cb4b1b696c9135571ec2a2d49b03ef3c16a9fee93620509e455a7b9175ab9443
GET /ftl/bet365-1761/images/all_bg.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 345171
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "651e5941-54453"
Date: Tue, 16 Apr 2024 09:52:51 GMT
Last-Modified: Thu, 05 Oct 2023 06:35:45 GMT
Expires: Thu, 16 May 2024 09:52:51 GMT
Age: 677069
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: 916a1e7ad327c98d73804e6539b0ff1a
|
|
| brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10032/1704450151823.jpg.base64 | 103.198.200.1 | 200 OK | 202 kB |
URL: GET HTTP/1.1 brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10032/1704450151823.jpg.base64; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Size: 202 kB (201677 bytes); Hash (MD5, SHA-1, SHA-256): e68d4cf4b366ddbbc83ee0c001b4b5f6 f2228e1702a78ce91e6949f4153a97239a276dc3 023066eb14f4b1fab2793aa9ff2ef2ef970499eeaac4573cfb04b1fc48d5e99a
GET /fserver/files/gb/1761/carousel/10032/1704450151823.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 201677
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "6597d867-313cd"
Date: Wed, 17 Apr 2024 03:19:54 GMT
Last-Modified: Fri, 05 Jan 2024 10:22:31 GMT
Expires: Fri, 17 May 2024 03:19:54 GMT
Age: 614260
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-08
X-Cdn-Request-ID: f087c08c84acde057d0f8083fc564032
|
|
| brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10025/1699797435278.jpg.base64 | 103.198.200.1 | | 172 kB |
URL: GET brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10025/1699797435278.jpg.base64; IP: 103.198.200.1:0; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.gaokejd.xyz; Fingerprint: 0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA; Validity: Thu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Size: 172 kB (171549 bytes); Hash (MD5, SHA-1, SHA-256): ab72c5d60ca98f8d7fa0458899d91343 048dd73ac3f67a0709b3941424033a598eee446b 61daf2229d51eb0c9578044f5ee2f82b721e04cbc7a2216f3efc77bb025a1281
GET /fserver/files/gb/1761/carousel/10025/1699797435278.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 171549
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "6550d9bb-29e1d"
Date: Wed, 17 Apr 2024 03:19:54 GMT
Last-Modified: Sun, 12 Nov 2023 13:57:15 GMT
Expires: Fri, 17 May 2024 03:19:54 GMT
Age: 614261
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 7e18cea8f85e1c0087c4400eda51620b
|
|
| brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10019/1700636690750.jpg.base64 | 103.198.200.1 | | 235 kB |
URL brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10019/1700636690750.jpg.base64 IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerUnizeto Technologies S.A. Subject*.gaokejd.xyz Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size235 kB (234937 bytes) Hash9f7870855e42e905cc9e1fedf975c3b1 073f4353c2f33567c5bb6f6d0c2acb2ff4683874 0a46c15b36d591a87b73f6a47c1f9bb612cb14873552d135cf8d1cc35d6bfa69
GET /fserver/files/gb/1761/carousel/10019/1700636690750.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 234937
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "655da812-395b9"
Date: Wed, 17 Apr 2024 03:19:53 GMT
Last-Modified: Wed, 22 Nov 2023 07:04:50 GMT
Expires: Fri, 17 May 2024 03:19:53 GMT
Age: 614264
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: 956b50fa7a6af50e2e7fa5ec8b8a3080
|
|
| brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10013/1696759154781.jpg.base64 | 103.198.200.1 | | 204 kB |
URL brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10013/1696759154781.jpg.base64 IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerUnizeto Technologies S.A. Subject*.gaokejd.xyz Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size204 kB (203925 bytes) Hashb4ffea1390e6142b1f37e91df5fb79c7 3833e7513f89d565145b286124bd1baec52aa72f 2e0a949f3561242bbd0a8d571bc1ce8b7a801a3a1929a3019319419816a2e31e
GET /fserver/files/gb/1761/carousel/10013/1696759154781.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 203925
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "65227d72-31c95"
Date: Wed, 17 Apr 2024 03:19:56 GMT
Last-Modified: Sun, 08 Oct 2023 09:59:14 GMT
Expires: Fri, 17 May 2024 03:19:56 GMT
Age: 614262
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: 69d9545cab76f619e6ae6aa0ba3a940d
|
|
| 55100bet365.com/index/getUserTimeZoneDate.html?t=lvdekphp | 188.114.96.1 | 200 OK | 119 B |
URL GET HTTP/3 55100bet365.com/index/getUserTimeZoneDate.html?t=lvdekphp IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash6a169116ac1f17a3376e279e825bdfe7 df8a1dbe35a98853d81676dd48d4db5b0c9cda60 d86c672445dcb6a36f3d49da4b4b392af448d98ace4e5dc01811c2a0689bd475
Analyzer | Verdict | Alert | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /index/getUserTimeZoneDate.html?t=lvdekphp HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:19 GMT
content-type: text/html; charset=utf-8
content-disposition: inline;filename=f.txt
sub-sys: msite
cachettl: 3
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-1713938239a539
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ajv%2BvwAYTS5WPG59mBfxXqGD2TH5bqCAIdzb8nO6xjshnnfby%2BsMn2yLWdaXJfUDomh8iH8SlKydEtn4QbltdNmFO2vYSvhhpmPVlpJ9oI%2BqzrDHSfLR1mLJ45qzHZQ4Uo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daecdce20afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 55100bet365.com/mobile-api/v5/origin/getFloat.html | 188.114.96.1 | 200 OK | 5.1 kB |
URL POST HTTP/3 55100bet365.com/mobile-api/v5/origin/getFloat.html IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with very long lines (5797), with no line terminators Hash9a7f3b9c41d710ee6bea3849f8bef13d 043c968b0e2f82f6cf10dfc9b2cd8a2735099c90 490235654e390832dd1925da572d203a4a3688f80ebeccb2b5e12eff5d453ef3
Analyzer | Verdict | Alert | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:18 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: route=1bd47f3fb2de4e856ef59c7ef0cfd5c8; Path=/
access-control-allow-origin: https://55100bet365.com
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-17139382381bf6
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xlFUaLYL7aOT3h64RDPu606ruFBHGemVQ2CN197GNhEHqIb5Eh%2B%2Ff7cV%2B8RMQ8yu8kYChS0TtWr6Z1gTg7EAYrLvrpQ%2F%2BIMk5SVNaIO3My1%2Bu5BWRCWb4B1tOe460n7OJ%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793dae599c60afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 55100bet365.com/mobile-api/v5/origin/getThirdParam.html | 188.114.96.1 | 200 OK | 103 B |
URL GET HTTP/3 55100bet365.com/mobile-api/v5/origin/getThirdParam.html IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with no line terminators Hash696fb49ead30121d5513e1c2b60d42a2 dd34a288bf6b0e4c295c1bb848705f58ba5f245d c030ec18bd43fe0351659670355a8fc897e26b6a34b990e8a4878a51b76a268d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=f7c95a7b6b031c620a6304190a7ddf24
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html;charset=utf-8
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-1713938240340b
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNL259VGdT0zVS10a9%2Bn3xBwbJehDMn9bocWS3Kb%2FH%2BYxn20NvdUp8cC6LPQ%2BN3zpuiWi7TVH6UgIyTn9YfChU7Hpl3F8Xgm78Uv65BwbV0tOj%2FJw9HzoN9V26h85gUymZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daf2af6f0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 55100bet365.com/headerInfo.html?t=lvdekppx | 188.114.96.1 | 200 OK | 127 B |
URL GET HTTP/3 55100bet365.com/headerInfo.html?t=lvdekppx IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash43362fbab0a37f2355695b9a2aed1363 bacb4975499106a7d9c2a6360d60a904483f9213 73b32a418d977b4fddf4afe7553faf8e2fc94871b6ff9c4555edafb7d314fa2c
Analyzer | Verdict | Alert | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /headerInfo.html?t=lvdekppx HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-disposition: inline;filename=f.txt
sub-sys: msite
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-17139382393804
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgO4ctTBxYUSkCiK%2BMqFRr4btmAA7zWPRPxLegcsS7upcFoqiguVuiZk6w9GSUvf7h5pWm2bGlUB14JslByT6NAo6r6V6lLpXaYYZV7qK3OftHYN0%2FUbqWvYZXqHRn4N6lw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daeebdad0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 55100bet365.com/message_zh_CN.js?v=1713347147191 | 188.114.96.1 | 200 OK | 33 kB |
URL GET HTTP/3 55100bet365.com/message_zh_CN.js?v=1713347147191 IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
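Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the MD5, SHA-1 and SHA-256 digests of zero-length input; the body was apparently not captured for hashing, so they do not identify this 33 kB response and should not be used as indicators)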
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /message_zh_CN.js?v=1713347147191 HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:14 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:14 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: 01761-01-00000000-171393823447c6
out-line: gb-source-137
cf-cache-status: MISS
last-modified: Wed, 24 Apr 2024 05:57:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKiDA3tyjPr5kLZAD4n8Q5mfEoRl%2Fj8n56FBqe5YJr5d4%2FYwF3ND9yFf202xnlV3XpKyO0m2PvNnytVrZGGn4eTiMs38FR6SED5qjaRueL9FeR01jUeI%2Fz5dtZ8lNDXosmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daca8cbb0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 55100bet365.com/mobile-api/v5/chess/getActivityMsg.html?function=sign | 188.114.96.1 | 200 OK | 140 B |
URL GET HTTP/3 55100bet365.com/mobile-api/v5/chess/getActivityMsg.html?function=sign IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with no line terminators Hash8a912a1cb453f1d332c69c6fdd0d3629 8a7da066c09ed0ce711f0524fc7273e814dc89f6 51e780a944436376a888e7053614f95fce8236591338ec92946f937a3650a072
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html;charset=utf-8
set-cookie: route=61ee84c9f68236309da705261df10e5a; Path=/
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-171393824008d1
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AfOsVB5btEKv5jJe9xVJwO1g%2BLMucXXbQCNeq9MSUm019dW4Z%2Bh6AdraU5598IqqjYBmbLRMzLb4St8Sqiso4hk92ysne7evws9NnEbeNIztk2oq%2BO%2FcdULtBoM9WBHAkFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daf07e6d0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 55100bet365.com/mobile-api/v5/origin/loginSwitchCheck.html | 188.114.96.1 | 200 OK | 174 B |
URL GET HTTP/3 55100bet365.com/mobile-api/v5/origin/loginSwitchCheck.html IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with no line terminators Hash384b8edc0425027ea8363c2a3a1ccc8a 8fd8da38388b633453e57836f639a9105eba15c4 37a39fed46764175ca6e8cb7cd92deaebe855c5151b6154d65b5f42d8dc46519
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html;charset=utf-8
set-cookie: route=f7c95a7b6b031c620a6304190a7ddf24; Path=/
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-1713938240efab
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6ZApRrIeb04Y79Emsyvpditp4D%2Fv4R0EmQCRjxjFNQ4qVIEJS6sCgRe%2BT%2BP7x8Ps15EXwAp3pxwf9MG%2BASHQiXnHA4AHi2K4su7nO4ovoN6krJSemwzV2qohw1t9wU2pYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daf0ce910afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.96.1 | 200 OK | 442 kB |
URL User Request GET HTTP/2 IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
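Size 442 kB (441495 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the MD5, SHA-1 and SHA-256 digests of zero-length input; the body was apparently not captured for hashing, so they do not identify this 442 kB response and should not be used as indicators)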
Analyzer | Verdict | Alert | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:57:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-html-cache: HIT-3600
x-frame-options: SAMEORIGIN
uuid: -
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xSUS7Of2fe4KTP3zI2kmqd9awB5gMuE6J0sruhJUUqe4gwPWmtvs%2FVTH0ASjtKaYGUFpRFwDpOa5z8vcPbNhGnDAV6dB4AIAW5zU9AIPpGjas6Kl07fYJqCJuDdYpg8EERY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793dac58a2556c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 55100bet365.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png | 188.114.96.1 | 200 OK | 6.1 kB |
URL GET HTTP/3 55100bet365.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File typePNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced Hash30eb0e841ea47a1f05854ebca3f9e9c1 0cb9874c32ff8837c1ffaf89cba502ceb3483b2b 382670ae61fc81522b190a0536d7b993058183aea2ffe81d197ded6af07d2183
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /ftl/commonPage/themes/images/hongbao/icon-close-1.png HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:19 GMT
content-type: image/png
content-length: 6087
last-modified: Wed, 11 Aug 2021 06:10:54 GMT
etag: "611369ee-17c7"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:19 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-137
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vak31aj0iQ1CyuBnsdXBTEv8Mcz3S6BTCegktNIIbLLkQRJoamCo%2F5SizTXtiseLyMGHtV09aHOmb59uPA5VXmbQnssQeJqqZrLFxqzd0Kul5apylsfUca3yTz9UMWQVAIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daeaec360afa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 55100bet365.com/favicon.ico | 188.114.96.1 | 404 Not Found | 150 B |
URL GET HTTP/3 55100bet365.com/favicon.ico IP 188.114.96.1:443
CertificateIssuerLet's Encrypt Subject55100bet365.com Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT
File typeHTML document, ASCII text, with no line terminators Hash3975df6acd9bb32205823270e122bb3f debbb3ecc9183ee7672f25d0f74eea74e3530298 13ed13454e3102135579e64775b002a66280f9eb99c31e4d8b59a69cf7e00425
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 | OpenPhish | phishing | Bet365 | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51Dz0tfE83pIYju62oP3ztjupDg20bIxhZKt13xJsM793Ocv7psGiocYybCzSlkHiwXoUN9nAg1A1m5qMBplg7oJtOkPaGQanBK9VYam2Z2ycWbcO%2Fj3SqBTxnV5tWnb2oo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daeeadaa0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|