Report - x836596.com/?__CBK=32918aafa5f9c4d37daf433df6add77181663748625

Report Overview

Submitted URL
x836596.com/?__CBK=32918aafa5f9c4d37daf433df6add77181663748625_21362590
IP
154.215.17.93
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED
Submitted
2022-09-21 08:24:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
58

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.trust-provider.cn	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	668 B	3.0 kB	47.246.44.205
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.42.74.230
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	5.6 kB	23.36.79.10
5mjjun.rbjgb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	34 kB	840 kB	163.171.140.79
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.9 kB	34.160.144.191
x836596.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.9 kB	112 kB	154.215.17.93
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365
2022-09-06	medium	x836596.com/	Bet365

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-21	medium	x836596.com/?__CBK=32918aafa5f9c4d37daf433df6add77181663748625_21362590	Phishing
2022-09-21	medium	x836596.com/	Phishing
2022-09-21	medium	x836596.com/?__CBK=3b9572ebaa33dec307b3ef3518db5979d1663748643_21363180	Phishing
2022-09-21	medium	x836596.com/	Phishing
2022-09-21	medium	x836596.com/captcha/loginTop.html?t=jhzptiaj	Phishing
2022-09-21	medium	x836596.com/message_zh_CN.js?v=1663018038643	Phishing
2022-09-21	medium	x836596.com/mobile-api/v5/origin/getFloat.html	Phishing
2022-09-21	medium	x836596.com/index/getAppsUrl.html?device=android	Phishing
2022-09-21	medium	x836596.com/index/getUserTimeZoneDate.html?t=l8bczmtm	Phishing
2022-09-21	medium	x836596.com/headerInfo.html?t=l8bczn4b	Phishing
2022-09-21	medium	x836596.com/mobile-api/v5/chess/getActivityMsg.html?function=sign	Phishing
2022-09-21	medium	x836596.com/captcha/loginTop.html?t=l8bczndq	Phishing
2022-09-21	medium	x836596.com/mobile-api/v5/origin/loginSwitchCheck.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	5mjjun.rbjgb.com/ftl/commonPage/js/layer.js	22 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/layer.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen6351 Hash c42797aecccd5494e2b747cedf1a890b b9e06a6d245b6a3c87f2753db0c9c9aa020640b2 56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3 Loading...

	5mjjun.rbjgb.com/071911/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js	28 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/071911/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen6327 Hash f8c2b37c1dc626eede6a2e3e37aa4504 d4e8419497caa64c8a850ac4808dddb89b5eeb3f 728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a Loading...

	5mjjun.rbjgb.com/071911/rcenter/common/static/js/gb.validation.min.js?v=1663018038643	33 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/071911/rcenter/common/static/js/gb.validation.min.js?v=1663018038643 IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen6399 Hash 30be40425b37bee4158676082cef1f4d b41ed46721936872d5d7eadf303ce22938240d2a f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47 Loading...

	x836596.com/	9.5 kB	2023-03-07	2023-04-05
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-04-05 01:53:35 Times Seen29 Hash 1af1ed4517559752856bfbe1f0e286f6 12d363f7f67b6c4847d7fe49e0d055961c93d4ed 4fed6ba51874d66a380b506ce130fa3f920c8b64d2a9f2ce890b1a2a1d9a9db6 Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-24 00:40:40 Times Seen13215 Hash b091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10 Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js	65 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen12840 Hash b5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e Loading...

	5mjjun.rbjgb.com/071911/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js	15 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/071911/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen12602 Hash 4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9 Loading...

	x836596.com/	979 B	2023-03-07	2023-03-17
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-03-17 12:40:45 Times Seen1 Hash 1e57b07d5ac5c5d785e4d1b656d5c29a 7fe3a7db69c22556e7b7c4ab9123acfe3014ab13 16008b071dcb50c11f50d88882c22ce8ab7d0476ae8de34ac79e2240b698f1dc Loading...

	x836596.com/	13 B	2023-03-07	2023-04-05
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-04-05 01:53:35 Times Seen29 Hash 03aa1a2e70afee74d29feb16a6c5c000 c5c359d94b0abae1b76b618d604eda7b57a517fe 5def3333c95efa4ea12455ba50cc0a024a60477b846af560c7c092546815833d Loading...

	x836596.com/	115 B	2023-03-07	2023-04-05
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-04-05 01:53:35 Times Seen29 Hash d3eee9dd665075a8e4e5ce02dd88f558 6154dfc15e94da947672c1006ecabf9a7ac9337d 2d00ffed9634f85a798233d22f5aa0a266915eda27825b035402895cca0dbac4 Loading...

	x836596.com/	358 B	2023-03-07	2023-04-05
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-04-05 01:53:35 Times Seen29 Hash e1ea02398b70bbef856f0d9630328d15 ef05bb2fceed225d8066ff9c846a88266193fb3a a4e1af7aaeb2be1a059bf6d1d3429244c4b7fd8d38e2006352152f270cbe9d4b Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/websocket/Comet.js	17 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/websocket/Comet.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen6323 Hash 4de3e8bcf2f02d60519ca0d3584d3b8e 6323c2bf18b1bbf968e164bdf2e58d7677f67f8a 6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/moment.js	114 kB	2023-03-07	2023-06-13
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/moment.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-06-13 01:31:58 Times Seen1639 Hash 9bcf737d07f6f089ac8c8e11a1758fad fb186e78925c05500b7855bf7f4f9d00a5517acc cc0e4aae90d57f055ec9b006b0c82dc2571630c00d9fa6bb49c5edb52948c688 Loading...

	x836596.com/	630 B	2023-03-07	2023-03-17
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-17 12:40:45 Times Seen1 Hash dd45282896e6d9062f15cf90670969fa 9bd565d73cf57fe42b7d06d42889ddf0404bab21 f1caa231ff53d9485d7c1e29deb102dee82f5e264cd82bfcfd2380f2c40313ca Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js	4.4 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen12601 Hash f77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7 Loading...

	x836596.com/	2.4 kB	2023-03-07	2023-03-17
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-03-17 12:40:45 Times Seen1 Hash 500798f6e14cce29d2951fd107513e36 d98328ae7a3c4fcc5f739fe2c5b4185c440a3dec 465c43ac819d342074fc5b96c73dc0ea4a3a307305efe78112282fb97e4dc4b7 Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js	20 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen12629 Hash 5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811 Loading...

	x836596.com/	2.2 kB	2023-03-07	2023-04-05
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-04-05 01:53:35 Times Seen29 Hash 1f9330da7597e6b905e9355725232023 1f1a57c1c7ea07df5f4d4aba05a2fb37d4fe40fe 1e644cc2e08b822e19fa6dd0cc0ecc94bd568be031118ef7afa4a923a3832125 Loading...

	x836596.com/	767 B	2023-03-07	2024-04-23
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-23 00:06:46 Times Seen1158 Hash d079e410930d6fb6a5d396747bfe3a0f d14c05615f0827a2d36ad024d030a75889811a8b 046d12be3ee1a44dc2ed236e310b2f1d1853732767edc524592758f603a5d257 Loading...

	x836596.com/	798 B	2023-03-07	2023-03-29
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-03-29 23:35:35 Times Seen25 Hash d53d20e9187f4b32deaad828e8a725c3 883c68a294033e9ab7b00d80d007cf72cbb35f56 816f2e6476a9ed601e68f94c147fa2395a839a0d8d5c6c07573f29304eba41d9 Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/lazyload.js	9.0 kB	2023-03-07	2023-03-17
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/lazyload.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35:54 Last Seen2023-03-17 12:40:45 Times Seen1 Hash eb1dd45b12053b1cacc058f098470b06 62bd7f3a2943b9d2793b50aa72b4614cfb559480 c440756bb3bedc2500aeef2789e45f5b42498786fef39c7849c84e8c7c045ce8 Loading...

	x836596.com/message_zh_CN.js?v=1663018038643	33 kB	2023-03-07	2023-03-17
Pretty URL x836596.com/message_zh_CN.js?v=1663018038643 IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-03-17 12:40:45 Times Seen1 Hash 52620c2032acd357694e33f6fc03e670 262b9c8ac81934a91a8245d16d800ae400b9adaf e2e9877fd625fa0993bc32e25fc07e253653db1674a19c113e79dd06926ca053 Loading...

	x836596.com/	6 B	2023-03-07	2024-04-24
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 04:46:10 Times Seen7130 Hash edaddb8132e9e0880252c5b6c47bf1c1 dc08b5b6ca432b46cca94f1f297491e1b08736ea b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e Loading...

	x836596.com/	48 B	2023-03-07	2024-04-24
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:39 Times Seen6283 Hash 37f0336a6fe3f56c661b149ecf659efe 9aff4163d5da3b8d760f0593c583dd8d1f6dfc14 f33f7afadc5c318efdd57d35da2dc2aebe39fd166a61905ce37b9f7363f51c2f Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js	45 kB	2023-03-07	2024-04-16
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-16 20:02:06 Times Seen5273 Hash 6ddb20c89aad63f86c5862b2f5c48a56 45da7bc94c509993ad003b3963c6e802b5ec248a 1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/gui-base.js	61 kB	2023-03-07	2023-09-12
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/gui-base.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-09-12 13:51:41 Times Seen3074 Hash 4f958aa7157a3b48caa17e42505396b6 67a2625ceeb29fd2d235c9c395c53ff505029b46 bc19a91cd57e7ce343a16a261bfb71fd89b03e033710e12c41ed9e9c3746b708 Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js	2.1 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen12604 Hash 07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d Loading...

	x836596.com/	654 B	2023-03-07	2023-04-05
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-04-05 01:53:35 Times Seen29 Hash b41616837d5ddf9684602f4ea9513f6c da0b6af7d2ecfeaba754101a2de8f1bcb2972327 cc737ecf7060b4a14cb35474a6e4528a4673ab69d8fdae8d9f96ee40b231a681 Loading...

	x836596.com/	432 B	2023-03-07	2023-03-29
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:40 Last Seen2023-03-29 23:35:35 Times Seen22 Hash 4971918db27f479d7547265607dd9be1 2c92a580873fdf3c2fe35eed4776eac9c7e3bad2 96ff94cba91b75fc197121bd80f416d1075bc60c32fcabd80275b32866b7e1cf Loading...

	x836596.com/	751 B	2023-03-07	2024-04-23
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-23 00:06:46 Times Seen1157 Hash 2f85eaef1f88c5e1cd173561097aae70 09204930b449802b37a4c9bad043074760fd2444 8a75ad4d4ea42e1837c06e051b80485e1a2e817868c4cfc7648f93427c443032 Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/float.js	7.0 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/float.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen12605 Hash 829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271 Loading...

	5mjjun.rbjgb.com/ftl/bet365-1513/plugin/js/countUp.js	7.1 kB	2023-03-07	2024-04-23
Pretty URL 5mjjun.rbjgb.com/ftl/bet365-1513/plugin/js/countUp.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-23 00:06:46 Times Seen2246 Hash cc13495ac566c04d5972da9c11a1d870 d9be95a44caff4e4c1d758d0b29236db286ed5b7 ac5b4f611687c11409ae43b2b0e8544bbdd173832cbe7bea873c2bfe3dcafa0a Loading...

	x836596.com/	143 B	2023-03-07	2023-03-17
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-03-17 12:40:45 Times Seen1 Hash 379ab648d7c9a3cc3bf84ceb2cf45924 6ca4bb927ea0945c51e0b3d2f5b3dae107226f85 7ac1ecd42607413b0bed2d18847cd89e424dc898a350603d05e4723f8ff88401 Loading...

	x836596.com/	8.1 kB	2023-03-07	2023-03-17
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-03-17 12:40:45 Times Seen1 Hash 2b09bc86d1142537255bfd55e86ffbe4 3c97937f36da4897674f3def9cb1638725b5f47f 5c74875eb8515927544eeb03da75c02bc296ce16e881c92b5f6b2716a15147d8 Loading...

	x836596.com/	72 B	2023-03-07	2023-03-29
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:40 Last Seen2023-03-29 23:35:35 Times Seen22 Hash 570f37af325995ff11c5807fb0f2df6d 726f9b3fd08054219de0f5502baeb056dfaa6522 9f81cd2c9d62292ce23ed2bb98c9a24631a282b611798e7d50d87e33c3b24089 Loading...

	x836596.com/	29 B	2023-03-07	2024-04-24
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:39 Times Seen1792 Hash 9846b4b0c961f85e4c150bd29f4b86e1 adf30369fc215e80b26536f1e24a1824ad3b81d5 163a003d567f6d41f861d978c558eced69ed2b25c863055ed8171eefa350784b Loading...

	x836596.com/	299 B	2023-03-07	2023-04-05
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-04-05 01:53:35 Times Seen29 Hash f30ec7bcdd0965aa0a1270bc3231eb7e 2a883ddedb7fdd9ae7f94bbcd05db17da6cf52b7 f045f1201aa675dc36abc7333934eb14678eae825510bf8f8311cc1a4013d062 Loading...

	x836596.com/	22 B	2023-03-07	2023-04-05
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-04-05 01:53:35 Times Seen29 Hash 55bed7b1ad7d4a188a7f10e0dc3c6c8f 50995870afdad2bafb91daf7464e527b376a65dc a5fe38107d5e58c7c365ac4288ba9216d5169c5c0790b7d98295c49d650553ac Loading...

	x836596.com/	3.4 kB	2023-03-07	2023-03-17
Pretty URL x836596.com/ IP 154.215.17.93 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-03-17 12:40:45 Times Seen1 Hash 45e5f2546a117e7b7373bcd67c04adf6 fe3cf2049c27986e969541489d3a4851e9dc768b 3f079db79bc615870b983a36e06f88a2630ae0ed3a27f60df97cbeabf99e33a9 Loading...

	5mjjun.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js	12 kB	2023-03-07	2024-04-24
Pretty URL 5mjjun.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js IP 163.171.140.79 ASN #54994 QUANTILNETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 00:40:40 Times Seen6321 Hash 3b4680db1e065116488f065419ca9f58 6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf Loading...

HTTP Transactions (115)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 08:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Uy6MAZmDT4JuSV0Kp5U4PuraN85U7PH3Zx4JI1szqcldYbImdVdMFQ==
Age: 630

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2904
Expires: Wed, 21 Sep 2022 09:12:27 GMT
Date: Wed, 21 Sep 2022 08:24:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
42ad6134119b511433cbfc29dbef14d3
7693bf0d88ce61b6ff77a1f4689c41c2385f92d8
1ae9063ccf043b81ed7550a7721409aabf5282f41af059ca5fed611e8789b02b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AE9063CCF043B81ED7550A7721409AABF5282F41AF059CA5FED611E8789B02B"
Last-Modified: Sun, 18 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3586
Expires: Wed, 21 Sep 2022 09:23:49 GMT
Date: Wed, 21 Sep 2022 08:24:03 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 7ccNtHtgh6bVRJMabNkcY7Vld+VD3gKxykH1nhgB9MryfFWzLnhHvUSrMv7gsVSLFhBxI/OMhi+Y98t24m/Npg==
x-amz-request-id: 1DGW784ME4XDB31K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Sep 2022 07:42:48 GMT
age: 2475
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 08:24:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

x836596.com/?__CBK=32918aafa5f9c4d37daf433df6add77181663748625_21362590

154.215.17.93

301 Moved Permanently

0 B

URL HTTP/1.1
x836596.com/?__CBK=32918aafa5f9c4d37daf433df6add77181663748625_21362590
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /?__CBK=32918aafa5f9c4d37daf433df6add77181663748625_21362590 HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Wed, 21 Sep 2022 08:24:01 GMT
Location: https://x836596.com/
Content-Length: 0

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 08:03:22 GMT
Expires: Wed, 21 Sep 2022 08:40:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zW1npYl-p52Xsld12q7F25P4seimjz_dAc7WeQC_4ooaQ90IDlX95g==
Age: 1241

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:24:03 GMT
Last-Modified: Wed, 21 Sep 2022 06:46:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.74.230

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.74.230:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6N1Q/Gvwj/9Uj7s9oLPyJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8N+0QITUC8ekogRCsQlM92/7HNQ=

ocsp.trust-provider.cn/

47.246.44.205

200 OK

599 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
599 B (599 bytes)
Hash
3cccc44070789e30ac9688b509d92daa
4641c8e0d031ac82ba8e4a0577be78f1530d23b0
f124a925a53c80185f1024ccf49cc81e8a78ffa80bef913354515a993d5ac29a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 21 Sep 2022 08:24:05 GMT
last-modified: Wed, 21 Sep 2022 04:22:02 GMT
expires: Wed, 28 Sep 2022 04:22:01 GMT
etag: "4641c8e0d031ac82ba8e4a0577be78f1530d23b0"
cache-control: max-age=589676,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 74e16705a8ba9112-FRA
ali-swift-global-savetime: 1663748645
via: cache6.l2de2[265,264,200-0,M], cache9.l2de2[266,0], cache1.se1[347,347,200-0,M], cache1.se1[349,0], cache3.se1[351,0]
x-cache: MISS TCP_REFRESH_MISS dirn:4:253951058
x-swift-savetime: Wed, 21 Sep 2022 08:24:04 GMT
x-swift-cachetime: 1801
timing-allow-origin: *, *
eagleid: 2ff62c9716637486446471127e, 2ff62c9716637486446471127e

ocsp.trust-provider.cn/

47.246.44.205

200 OK

599 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
599 B (599 bytes)
Hash
3cccc44070789e30ac9688b509d92daa
4641c8e0d031ac82ba8e4a0577be78f1530d23b0
f124a925a53c80185f1024ccf49cc81e8a78ffa80bef913354515a993d5ac29a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 21 Sep 2022 08:24:05 GMT
last-modified: Wed, 21 Sep 2022 04:22:02 GMT
expires: Wed, 28 Sep 2022 04:22:01 GMT
etag: "4641c8e0d031ac82ba8e4a0577be78f1530d23b0"
cache-control: max-age=589676,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 74e16705a8ba9112-FRA
ali-swift-global-savetime: 1663748645
via: cache6.l2de2[265,259,200-0,C], cache19.l2de2[260,0], cache3.se1[360,360,200-0,M], cache1.se1[362,0], cache3.se1[364,0]
age: 0
x-cache: MISS TCP_REFRESH_MISS dirn:11:312243153
x-swift-savetime: Wed, 21 Sep 2022 08:24:05 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9716637486446471126e, 2ff62c9716637486446471126e

x836596.com/

154.215.17.93

200 OK

1.4 kB

URL HTTP/1.1
x836596.com/
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.4 kB (1408 bytes)
Hash
ba8be2eb7bd45b586382b52cd65dfe55
6504e1a1c82fe1fe9fc2cb5250dea260a65bcea6
ad96b4bcddbf442e0e0cec5e18092881001296af1d6ea1795feb6365ceb0aa44

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17369
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:24:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17369
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:24:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17369
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:24:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12654 bytes)
Hash
f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wK03Lqow6u4lrQ3QI21klXXHGZqbKYathhCO87k0rZWBbF8o5YYjXw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:05:16 GMT
age: 4729
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9201 bytes)
Hash
a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 38447
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9574 bytes)
Hash
eff7103898a5102e685ce6741cdf19f8
3371965b4417ee0b74a3a5094adfc1632d4849b1
c326683c06d56a02d8c1a36dd34c1eff1b9d242b8b5280a1824b0602ccd28020

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9574
x-amzn-requestid: 3dfa0e8c-77e6-4fc5-9f64-00ac854abbfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mEj2IAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-745819ba4b5c16ee6e649ad7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _3w3cbABzhrIn3y9Spo6-NCZDzf4gHAfU30Zpvk3WTp8_kgWT7NAMw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
age: 38581
etag: "3371965b4417ee0b74a3a5094adfc1632d4849b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10244 bytes)
Hash
14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 63944
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5402 bytes)
Hash
5f4438521bfdc6871ae384abcb7da547
a17fc7a7c30999b8789011c2064f5a8704b00eee
2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5402
x-amzn-requestid: 56e3a080-a8df-4385-ab3e-20e1f822083f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvaLH1-IAMFbgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c40-28f492196d5699066cb53d39;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KBsiDc6LmziklLtN8BUFv9QDsj7s9zEFhmtXtlIfBp_RKoBPpqOgfA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 18:17:10 GMT
age: 50815
etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9399 bytes)
Hash
10ad73e887b57566c4ba3ae763552a2e
63252bd8cc72452c4c6be84593d704ae9bf97d1f
7d58d096045066af053eb1a1fc3878d3e2080aa50b71aa30fa5b7929693ab004

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9399
x-amzn-requestid: 44705828-c137-4ab5-8538-5d4595a2b058
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvkJGjxoAMF6-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c80-3cb542a303a59002480c82b2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:08:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PIZx2S4HyPokzOhbut6yFxH_-32I3SvT1jbeo2rSxQtkgYZGcqjBJA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 37688
etag: "63252bd8cc72452c4c6be84593d704ae9bf97d1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

x836596.com/favicon.ico

154.215.17.93

200 OK

1.4 kB

URL HTTP/1.1
x836596.com/favicon.ico
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.4 kB (1419 bytes)
Hash
c369b5ae4ba31b215dcb8f3c806b99be
83c36e912b0323a9e950499beef6c1bdc4d87c76
3c4e3c88f22ae286508ad04f3d1b1e581a4f7144451a0d767f11fb82957932e7

Detections

Analyzer	Verdict	Alert
openphish	Bet365

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked

x836596.com/?__CBK=3b9572ebaa33dec307b3ef3518db5979d1663748643_21363180

154.215.17.93

302 Found

0 B

URL HTTP/1.1
x836596.com/?__CBK=3b9572ebaa33dec307b3ef3518db5979d1663748643_21363180
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /?__CBK=3b9572ebaa33dec307b3ef3518db5979d1663748643_21363180 HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Content-Length: 0
Location: /

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
e4389f769d3d88337502a3a7d2a2842c
912cfbe0e8f8aafc39482e24edbca80958f2d44d
7fa1c84430f46be98addca2a69a4075b1ef7bb4aff9a8900305c76e63d2e1371

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Wed, 21 Sep 2022 08:24:08 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
e4389f769d3d88337502a3a7d2a2842c
912cfbe0e8f8aafc39482e24edbca80958f2d44d
7fa1c84430f46be98addca2a69a4075b1ef7bb4aff9a8900305c76e63d2e1371

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=846
Date: Wed, 21 Sep 2022 08:24:08 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
e4389f769d3d88337502a3a7d2a2842c
912cfbe0e8f8aafc39482e24edbca80958f2d44d
7fa1c84430f46be98addca2a69a4075b1ef7bb4aff9a8900305c76e63d2e1371

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=859
Date: Wed, 21 Sep 2022 08:24:08 GMT
Connection: keep-alive
X-N: S

5mjjun.rbjgb.com/ftl/bet365-1513/themes/style/common.css

163.171.140.79

200 OK

6.0 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/style/common.css
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text
Size
6.0 kB (5961 bytes)
Hash
6459661673494c86a93ec913f9d2b56e
df0afec3dc3f3d806ba57a3260097c2929461fd3
56956ccda8b25d96a3647ffb1317953df1160193accde5a7d034da9d848bfdf0

HTTP Headers

GET /ftl/bet365-1513/themes/style/common.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:02:28 GMT
Last-Modified: Sun, 11 Sep 2022 06:57:52 GMT
ETag: W/"631d86f0-7005"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 12043483:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1cc96_21894-6194

5mjjun.rbjgb.com/ftl/commonPage/themes/gui-skin-default.css

163.171.140.79

200 OK

6.2 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/themes/gui-skin-default.css
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Size
6.2 kB (6239 bytes)
Hash
faa813178ade8cea14681048003402fc
24cb2b87562ec77adf96712159c1c3af38be18d0
d174049c6e24abcca0cae9c67f3b5009a58d63a21e31c987ba1cd674446dbb96

HTTP Headers

GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:02:28 GMT
Last-Modified: Tue, 08 Dec 2020 01:20:12 GMT
ETag: W/"5fced4cc-7b2e"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_39753-59700

5mjjun.rbjgb.com/ftl/commonPage/themes/gui-base.css

163.171.140.79

200 OK

16 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/themes/gui-base.css
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (11889)
Size
16 kB (16056 bytes)
Hash
2edb491223d979de485a00175cf91fea
c5f4069cf004abdbc388f5e52b70bbba95f697f7
6a5fc90ba50679f82d521b27a1544b0f64646d50f5ec118b35b83c0d90a2d4b2

HTTP Headers

GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:02:28 GMT
Last-Modified: Mon, 29 Aug 2022 08:05:14 GMT
ETag: W/"630c733a-13018"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:19 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_38653-16595

5mjjun.rbjgb.com/ftl/commonPage/themes/hongbao.css

163.171.140.79

200 OK

5.4 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/themes/hongbao.css
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (336)
Size
5.4 kB (5415 bytes)
Hash
46836a29169bcda7f0f5d51a6da6dcc8
3a005e1fdb9c19fa4280ab6863bd6866bbbc9b7a
a8f12309c5b8668b9b3ddd20c9191ea3f34b65f19aa138d12b5fbf6e67be2c44

HTTP Headers

GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5mjjun.rbjgb.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:02:28 GMT
Last-Modified: Tue, 08 Feb 2022 01:25:14 GMT
ETag: W/"6201c67a-c4b3"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_38653-16601

5mjjun.rbjgb.com/ftl/commonPage/themes/gui-layer.css

163.171.140.79

200 OK

6.8 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/themes/gui-layer.css
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (489)
Size
6.8 kB (6773 bytes)
Hash
110d22bfddbe4b9471970692e754e98a
1ef210fcbaec614c82d5c4742942c273afaac014
85dba37cbd82a5786c6b82f6267493b1ff2432d9983c32a7a19c6578048b74b7

HTTP Headers

GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5mjjun.rbjgb.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:02:28 GMT
Last-Modified: Thu, 21 Oct 2021 06:25:10 GMT
ETag: W/"617107c6-c380"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_39753-59706

5mjjun.rbjgb.com/ftl/commonPage/js/float.js

163.171.140.79

200 OK

1.9 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/float.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text
Size
1.9 kB (1929 bytes)
Hash
8b4e801d5503887441bd73cf271e664e
a46e84fc4fc0f786dfccb475aedbae067cca84bc
2037542592a6f0b6b63e3cb1151dd3bc9f9906fe4304a8fdffe2332f19fb14bc

HTTP Headers

GET /ftl/commonPage/js/float.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:41 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
ETag: W/"612747ba-1b2f"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:7 (Cdn Cache Server V2.0), 1.1 ml62:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_39753-59709

5mjjun.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js

163.171.140.79

200 OK

12 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (32030)
Size
12 kB (11951 bytes)
Hash
bdc1b3c51317fbcdc9adfc6a6b6cbd55
73b40ee99272efcaef069f00e94723ca214edd2c
80b0cffc2c782c23aac9b7b667ebe14818bf1ee007db0b7a3fe025173ff655f7

HTTP Headers

GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:41 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-b07e"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ef124:0 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1cc96_21894-6198

5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js

163.171.140.79

200 OK

34 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (32038)
Size
34 kB (33545 bytes)
Hash
ddc1e8fce07f211afd9c03035149256d
bb86a4eed0e665d56cf8f4b211556f6876f7fda0
a4fe9a045492402a80e14d3821974814dbfc12f3f435fb448356ed97ce66a81a

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:42 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-176d4"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:21 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_38653-16603

5mjjun.rbjgb.com/ftl/commonPage/js/websocket/Comet.js

163.171.140.79

200 OK

4.0 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/websocket/Comet.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text
Size
4.0 kB (4031 bytes)
Hash
3a90921abc0a5219ad4e664bde3e21e0
ffbc673a0954970a87f93506625f066522959388
41f06410d8adf8c53247dbe6c9972165e4a9835c8089cf5bac8198900aaabeb5

HTTP Headers

GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:41 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
ETag: W/"60f60fb5-43bc"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:7 (Cdn Cache Server V2.0), 1.1 ml62:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_39753-59714

5mjjun.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js

163.171.140.79

200 OK

3.3 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text
Size
3.3 kB (3316 bytes)
Hash
902ae6c577ffaad07a9ff299ce0ab884
294c86c2fc8dc7e2aacf10bef6334e43466819f4
225efabd27ce5d8f1e842efd8c5b987761e56ef00f0dcf0e38c10766d29a7904

HTTP Headers

GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:42 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
ETag: W/"6260ddd4-2f13"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1cc96_21894-6199

5mjjun.rbjgb.com/ftl/commonPage/js/lazyload.js

163.171.140.79

200 OK

2.3 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/lazyload.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text
Size
2.3 kB (2322 bytes)
Hash
fe962406a9d548234f5b336341c74af4
6865796780072e7030bc6c3fee3655868f832ff3
69e3983c1622857934a86511f900f2a3e0b0684761850039a431a90f65c31bf6

HTTP Headers

GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:41 GMT
Last-Modified: Wed, 14 Sep 2022 06:30:09 GMT
ETag: W/"632174f1-2331"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHK5sn200:6 (Cdn Cache Server V2.0), 1.1 ml62:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:16 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_38653-16604

5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js

163.171.140.79

200 OK

1.4 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (4433), with no line terminators
Size
1.4 kB (1421 bytes)
Hash
1e4e9f51375b084a5459f174b6749b60
cf92e8319b5afd4aac588de5073c7d5d470a1aa7
71d123ac7af06a251719002717d0b2806f7e1c43450e559196b517c308110a19

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:42 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-1151"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1cc96_21894-6201

5mjjun.rbjgb.com/ftl/commonPage/js/layer.js

163.171.140.79

200 OK

7.6 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/layer.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (21922)
Size
7.6 kB (7599 bytes)
Hash
84191d1091731fc35babf501ff6a08bf
13f401266fc74700486a120bb0df31e00152f492
51bae893893c406293bf77a7d6b84e7741607005bd99a64bc9e9be8f3a2a13f0

HTTP Headers

GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:42 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-55f6"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:12 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_39753-59716

5mjjun.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js

163.171.140.79

200 OK

797 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text
Size
797 B (797 bytes)
Hash
1be1d6290006e67bcb2facdfa571a4d1
f5ae95ab95254a0834b9155e3594ef814f8c6837
02cb7cdd1b17375d306f6a4e3a16ba8b064166fceffd4bd45af5adc0ae37e894

HTTP Headers

GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:41 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
ETag: W/"6260ddd4-828"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PSxgHK5sn200:4 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_37347-52377

5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js

163.171.140.79

200 OK

17 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (64577)
Size
17 kB (17446 bytes)
Hash
32902107484bcea4bbdd212cff7d8839
ef787384e54a4e9ca9e4274b04cb549e4b45c25e
d466c9ac142a38070d5b7c3bbbed22d612eb57142872aea789d4d4b4085686f5

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:41 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-fc8b"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 12043483:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_38653-16606

5mjjun.rbjgb.com/ftl/commonPage/js/gui-base.js

163.171.140.79

200 OK

16 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/gui-base.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
HTML document, Unicode text, UTF-8 text, with very long lines (11041)
Size
16 kB (15770 bytes)
Hash
19e66c044fc9fc7ce9ea5cf7bd78d95e
9db2e2c21aff19d26a4c5fcb0a38c872d2223fcb
560a4d32861a43072d4e6a75cf6bbe431fac1140895b0cfacef736018a0aca1b

HTTP Headers

GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:41 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-ee4d"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:7 (Cdn Cache Server V2.0), 1.1 ml62:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_36287-58998

5mjjun.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js

163.171.140.79

200 OK

5.0 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text, with very long lines (20132), with no line terminators
Size
5.0 kB (5007 bytes)
Hash
8f17b626f7567907c75744e49f2a3f82
7721233d4187213262bc270a30d51bd591aaa688
d6001c5431433a6dfce869da8a9467baa51debc3220e116066afe060d4919f73

HTTP Headers

GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:41 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-4ea4"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PSxgHK5sn200:4 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_36287-58999

5mjjun.rbjgb.com/071911/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js

163.171.140.79

200 OK

4.1 kB

URL HTTP/1.1
5mjjun.rbjgb.com/071911/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Size
4.1 kB (4126 bytes)
Hash
e760677f4c48d9f9e8b95ef4b6f87fa8
1e8731b8c43003b65a5e7132d6e51d1e991eb125
3e6115c7f94633f37aa0482064ff05299010e6b7d36b3ee8698389f83f5536c9

HTTP Headers

GET /071911/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:42 GMT
Last-Modified: Mon, 18 Jul 2022 10:47:22 GMT
ETag: W/"62d53a3a-3a09"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 ml64:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_39753-59717

5mjjun.rbjgb.com/071911/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js

163.171.140.79

200 OK

7.7 kB

URL HTTP/1.1
5mjjun.rbjgb.com/071911/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (27669)
Size
7.7 kB (7746 bytes)
Hash
c17b22c0a40d8f005cef017ef26312e8
55c36e9350fab8f6736651c93f7de4a1238d1659
a3b028b38141f7015e137b2b02aa4f5f971137fcd9108c9770be195426d57631

HTTP Headers

GET /071911/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:33:36 GMT
Last-Modified: Mon, 18 Jul 2022 10:47:22 GMT
ETag: W/"62d53a3a-6caf"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 ml64:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1cc96_21894-6203

5mjjun.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css

163.171.140.79

200 OK

911 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text
Size
911 B (911 bytes)
Hash
287b6b8f1ef0d064f10fb8c6063de18e
c0671e7287f3390346c2250474ccdc0a11015db5
7c6a09f79f2f68528f3adac1c437567ae93b76983a0be73cfdbd2c5bd45a0731

HTTP Headers

GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:02:28 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-b5d"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca29_PShlamstdAMS1se91_38653-16609

5mjjun.rbjgb.com/ftl/commonPage/js/moment.js

163.171.140.79

200 OK

27 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/moment.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Size
27 kB (26878 bytes)
Hash
87976c42a710df8092a45e8a9780383e
0bbf47ceba3d32989dda43826a402925dd7ef094
b38379dcea9929a2222cb136243b2f58ad8578c104b9675808b41461aa9efd77

HTTP Headers

GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:09 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:42 GMT
Last-Modified: Thu, 09 Jun 2022 08:55:07 GMT
ETag: W/"62a1b56b-1bf5b"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:7 (Cdn Cache Server V2.0), 1.1 ml64:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca28_PShlamstdAMS1se91_37347-52378

x836596.com/

154.215.17.93

200 OK

64 kB

URL HTTP/1.1
x836596.com/
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (480)
Size
64 kB (64462 bytes)
Hash
c956d8b94289e465d215d31cbab5a2fd
d90fcacb0d16fdd9595e65c6c7459210035569de
fa366198aa875595499fd6df5e5674fb55a3d44465ec3a80c38af2515a2c7c0e

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:24:08 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
X-html-cache: HIT-3600
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-source-106
Content-Encoding: gzip
X-Cache: MISS from cdn-FirelineHK-8c
Transfer-Encoding: chunked

5mjjun.rbjgb.com/071911/rcenter/common/static/js/gb.validation.min.js?v=1663018038643

163.171.140.79

200 OK

5.2 kB

URL HTTP/1.1
5mjjun.rbjgb.com/071911/rcenter/common/static/js/gb.validation.min.js?v=1663018038643
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (801)
Size
5.2 kB (5207 bytes)
Hash
3bdcff823cee54e2337932cb9d306566
436ab9ae33ed90d9a1fe087e25540c7dc381589a
080d1c38ed29b8790cd5831c14fd5431fbb7650721ceda323f9b8c467e8d60a9

HTTP Headers

GET /071911/rcenter/common/static/js/gb.validation.min.js?v=1663018038643 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:09 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:10:13 GMT
Last-Modified: Tue, 13 Jul 2021 01:50:28 GMT
ETag: W/"60ecf164-7fd7"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ld122:1 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca29_PShlamstdAMS1se91_38653-16611

5mjjun.rbjgb.com/071911/rcenter/common/static/css/gb.validation.min.css

163.171.140.79

200 OK

3.8 kB

URL HTTP/1.1
5mjjun.rbjgb.com/071911/rcenter/common/static/css/gb.validation.min.css
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text, with very long lines (2295)
Size
3.8 kB (3788 bytes)
Hash
d51611d3e17ac5a1deec5990bc566d40
a0f11d99c3819d8e564e2e721fc2dfdb697d4e56
d09021aa2121ea450e9328268d81dbaac3fc13b510ea6d0272005a4f4c8e2f09

HTTP Headers

GET /071911/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:02:28 GMT
Last-Modified: Mon, 13 Sep 2021 05:23:34 GMT
ETag: W/"613ee056-2d52"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca29_PShlamstdAMS1se91_37347-52382

5mjjun.rbjgb.com/ftl/bet365-1513/plugin/js/countUp.js

163.171.140.79

200 OK

2.1 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/plugin/js/countUp.js
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
Unicode text, UTF-8 text
Size
2.1 kB (2076 bytes)
Hash
9cea3c8cd78f789629714cc29ca4f391
3b05805e2353acbae373b6b1bd4d4cdf50466be0
c9cab2410047b6a399def05d9b295dc589c309f583ccb16f7937b04aa6d85652

HTTP Headers

GET /ftl/bet365-1513/plugin/js/countUp.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:09 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:42 GMT
Last-Modified: Thu, 30 Sep 2021 09:35:49 GMT
ETag: W/"615584f5-1be5"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PSxgHK5sn200:4 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:11 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca29_PShlamstdAMS1se91_36287-59008

5mjjun.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg

163.171.140.79

200 OK

6.9 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3\012- data
Size
6.9 kB (6871 bytes)
Hash
99be4bfe275809d4e436b77c991b1381
54eadee77394eb62ccf377ae68d9f49acb5b6785
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d

HTTP Headers

GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:09 GMT
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:02:29 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-1ad7"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca29_PShlamstdAMS1se91_38653-16612

x836596.com/captcha/loginTop.html?t=jhzptiaj

154.215.17.93

200 OK

1.4 kB

URL HTTP/1.1
x836596.com/captcha/loginTop.html?t=jhzptiaj
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x40, components 3\012- data
Size
1.4 kB (1381 bytes)
Hash
8c32a9f46816ba49137c8cb0150f2e98
7e0a87caeea47438261225a27407f29f1c9307f0
d4f0e25485df53005370acd146e358a3cb67b61aa8e457170cb4001e7a0fb1a4

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /captcha/loginTop.html?t=jhzptiaj HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:24:09 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Set-Cookie: route=d5111660aa5774c7169f53d64466e92a; Path=/
SID=9vy1YFVcDCIEIYRBnAspAkAyvXFWBczy4qPuvxQjSkCiv83AJZ/UaFMLs4a2NxLpyQaicJgY0eQzhFfDiX+7I+eHnDWW8UFmKMbtcvQdRR6er3V03ZU=; Domain=.x836596.com; Path=/; HttpOnly
tempSid: 9vy1YFVcDCIEIYRBnAspAkAyvXFWBczy4qPuvxQjSkCiv83AJZ/UaFMLs4a2NxLpyQaicJgY0eQzhFfDiX+7I+eHnDWW8UFmKMbtcvQdRR6er3V03ZU=
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-16637486492e7a
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Transfer-Encoding: chunked

x836596.com/message_zh_CN.js?v=1663018038643

154.215.17.93

200 OK

9.8 kB

URL HTTP/1.1
x836596.com/message_zh_CN.js?v=1663018038643
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
Unicode text, UTF-8 text, with very long lines (17848)
Size
9.8 kB (9801 bytes)
Hash
703b18cd1749714113b3554e6bcd5607
f64d61264a663029a30249ab3ac0679d15ea42b3
9df1af2f570a19e36734ed58ae2a082149a95082e59b539c14051d6009672ff8

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /message_zh_CN.js?v=1663018038643 HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:21:32 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Thu, 22 Sep 2022 08:21:32 GMT
Cache-Control: max-age=86400
uuid: 01513-01-00000000-1663748492df03
out-line: gb-source-106
X-Cache: HIT, HIT from cdn-FirelineHK-8c
Content-Length: 9801

x836596.com/ftl/bet365-1513/themes/images/index_left_title.png

154.215.17.93

200 OK

2.5 kB

URL HTTP/1.1
x836596.com/ftl/bet365-1513/themes/images/index_left_title.png
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
PNG image data, 94 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2480 bytes)
Hash
243751ae9e30b49a76dc9877ad060823
45ced5a86e90e3c2bfdda3598e82fc58d47ea292
5b1fcb53e807ca61edb055b9da1244012dcbe7158ebe7cc98105823f5983c40e

Detections

Analyzer	Verdict	Alert
openphish	Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/index_left_title.png HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-9b0"
Date: Wed, 21 Sep 2022 08:21:32 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Thu, 22 Sep 2022 08:21:32 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-FirelineHK-8c
Content-Length: 2480

x836596.com/ftl/bet365-1513/themes/images/license.png

154.215.17.93

200 OK

21 kB

URL HTTP/1.1
x836596.com/ftl/bet365-1513/themes/images/license.png
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
PNG image data, 198 x 249, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20854 bytes)
Hash
6b050a88569349c273caa04328ad5219
b8d7f0fed474522391c84e424585f045563c60cd
3740a6aa129a59a5382f6cd772dcdb598a034229d79c2d40f21210b1625a8895

Detections

Analyzer	Verdict	Alert
openphish	Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/license.png HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-5176"
Date: Wed, 21 Sep 2022 08:21:31 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Thu, 22 Sep 2022 08:21:31 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-FirelineHK-8c
Content-Length: 20854

5mjjun.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0

163.171.140.79

200 OK

3.1 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
ASCII text
Size
3.1 kB (3111 bytes)
Hash
bc013c0567c33a98be0767b19ac106dd
f58c32f32a3072d30f996207bbb089769dd9d826
d5b7c17d36e6047f07d5c59c4c17dcac04115103213af0c84f5a7e898a8dc496

HTTP Headers

GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Sep 2022 20:28:42 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
ETag: W/"6131d862-48e4"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16633

5mjjun.rbjgb.com/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=e728a4184b6cdd41ae35eec1a4b9a74e&wsTime=1663748650

163.171.140.79

200 OK

2.3 kB

URL HTTP/1.1
5mjjun.rbjgb.com/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=e728a4184b6cdd41ae35eec1a4b9a74e&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 139 x 29, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2276 bytes)
Hash
52a331a9176f0e79b54a961fabdadb81
f2b3c1eecc85589242ba6cab9e5ff605364f415e
8ddf9b81682f988f038c7b64d1880a2c18f519497e75b569e0bdea65413d55d6

HTTP Headers

GET /fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=e728a4184b6cdd41ae35eec1a4b9a74e&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 2276
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Wed, 30 Sep 2020 10:55:15 GMT
ETag: "5f746413-8e4"
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:14 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16636

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_tp.png?wsSecret=fff751b57571687f916a8cc081f81780&wsTime=1663748650

163.171.140.79

200 OK

6.7 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_tp.png?wsSecret=fff751b57571687f916a8cc081f81780&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
6.7 kB (6682 bytes)
Hash
c77f25179cb35f442d78c765405f197e
a623a26a74bb807164c7d95e469a8c31be793a5f
7463103945d72f56abb34b0c17c335dde4bd28b73efa82170a6ffba5909e62eb

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_tp.png?wsSecret=fff751b57571687f916a8cc081f81780&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 6682
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Wed, 22 Jul 2020 12:25:50 GMT
ETag: "5f18304e-1a1a"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1cc96_21894-6243

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=2954b98665dac4af7e7ba72afae6e715&wsTime=1663748650

163.171.140.79

200 OK

2.9 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=2954b98665dac4af7e7ba72afae6e715&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2906 bytes)
Hash
89dccacb8673dfe06bb4c834ae3ad221
5fe92b8d5f5c7aa49c2c8c63d3ba9af5c06c3718
ed349910edf41922abd448073e5549c64f611e3e6c37822e38e0ac2c0ad50bcf

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=2954b98665dac4af7e7ba72afae6e715&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 2906
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-b5a"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_39753-59760

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=baa2663bffe29e3294c3078197bd6812&wsTime=1663748650

163.171.140.79

200 OK

5.3 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=baa2663bffe29e3294c3078197bd6812&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, interlaced\012- data
Size
5.3 kB (5335 bytes)
Hash
715accde73ee91614d615e95f82739f9
1c47e65ab9b1ad7074f9b7dd934a816bd3ef834e
13d1b623d4dd66c17067a7aea27e71fc4510406a946f13c86f99c499b4e7aa62

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=baa2663bffe29e3294c3078197bd6812&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 5335
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Fri, 08 Jan 2021 07:45:06 GMT
ETag: "5ff80d82-14d7"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:21 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_37347-52404

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=fe50ee05d1c53c54c21ab43a650e4bc0&wsTime=1663748650

163.171.140.79

200 OK

4.2 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=fe50ee05d1c53c54c21ab43a650e4bc0&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4152 bytes)
Hash
af8e634c913f2a0398342b315793de02
886daf11ed8cb8a67313b28f042100c3a87cedd0
ab903e832a7be190aab69d16acfd4f4c3694760a8b215e06ec356541f33d4b27

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=fe50ee05d1c53c54c21ab43a650e4bc0&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4152
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:33:36 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-1038"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59043

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_ttg.png?wsSecret=f0b57ec6c69c84242fc96b2f29df30b2&wsTime=1663748650

163.171.140.79

200 OK

2.1 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_ttg.png?wsSecret=f0b57ec6c69c84242fc96b2f29df30b2&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2145 bytes)
Hash
b224f5c6f0321dba6c0730cfb52c5caa
06fc8641b0f75514db0e2de37f2f8821484b0824
f5af43e1319fd7352f90632ea4541e479a30a664cda3be710869bc54b3c4bb21

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_ttg.png?wsSecret=f0b57ec6c69c84242fc96b2f29df30b2&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 2145
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Wed, 24 Nov 2021 08:14:48 GMT
ETag: "619df478-861"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59044

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_gg.png?wsSecret=2851e4b5909dd0a9088e75dcee8b70bd&wsTime=1663748650

163.171.140.79

200 OK

4.6 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_gg.png?wsSecret=2851e4b5909dd0a9088e75dcee8b70bd&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4646 bytes)
Hash
6367cd3c681901e312cb07b638199763
00c3a6f5637892f270fae08dce4b2d52bd3a9ab5
65f8fbc997841ff7e0c55ac7d409bf7769d7bc83e04473c740580c4ebda8b6da

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_gg.png?wsSecret=2851e4b5909dd0a9088e75dcee8b70bd&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4646
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-1226"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16637

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_jdb.png?wsSecret=939be67de41139b50b99d3593feb89f4&wsTime=1663748650

163.171.140.79

200 OK

6.1 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_jdb.png?wsSecret=939be67de41139b50b99d3593feb89f4&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
6.1 kB (6121 bytes)
Hash
a76ef82febe3f738505be4fbe5f937c9
fd03a2b51bec9d07c359692dc6c3347a163fbc90
3b615683d2d685ff22698be0b84d7ca39d057faa0d614d41c83c51ca06f412f9

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_jdb.png?wsSecret=939be67de41139b50b99d3593feb89f4&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 6121
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:57 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-17e9"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:12 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_37347-52406

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_bg.png?wsSecret=a1bc89aaab528de45e23f2f7bad4960e&wsTime=1663748650

163.171.140.79

200 OK

5.7 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_bg.png?wsSecret=a1bc89aaab528de45e23f2f7bad4960e&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.7 kB (5727 bytes)
Hash
a2040151bcd2b19d418bd4fcd5ac9d8c
5b4601fb188d8f6eaf6c1fb16f2d0ec9f9d3082e
bdd7e20d16f1020eb8333a37e789a166ec8db535318a09804279854caafdd854

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_bg.png?wsSecret=a1bc89aaab528de45e23f2f7bad4960e&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 5727
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:58 GMT
Last-Modified: Wed, 19 Feb 2020 08:16:45 GMT
ETag: "5e4ceeed-165f"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1cc96_21894-6244

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_mw.png?wsSecret=4328418efe6b481d34bd3c36b848865a&wsTime=1663748650

163.171.140.79

200 OK

5.2 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_mw.png?wsSecret=4328418efe6b481d34bd3c36b848865a&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5241 bytes)
Hash
2b49878c65b37d8436f02176aab24863
b3f87149ef0f58c09a1a8c0047a0b92d0099db70
a21a5acef7ac66b0e8b9a4f1e959cf0c911de622d02c30c9448eca21022058cc

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_mw.png?wsSecret=4328418efe6b481d34bd3c36b848865a&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 5241
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-1479"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59046

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_bng.png?wsSecret=56ff0997bdb5c69321d9b7ccc4d60a10&wsTime=1663748650

163.171.140.79

200 OK

4.2 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_bng.png?wsSecret=56ff0997bdb5c69321d9b7ccc4d60a10&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4232 bytes)
Hash
851bc43c07207b0813c18bef2d19e93a
b4a338be347c09b5c95145b1e8b387f7b731409b
ce35caef3c0d1468ff4446343ab903d56e9bb9e31ff70c75fc568f8cbbc12a61

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_bng.png?wsSecret=56ff0997bdb5c69321d9b7ccc4d60a10&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4232
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:58 GMT
Last-Modified: Wed, 24 Nov 2021 08:14:48 GMT
ETag: "619df478-1088"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_39753-59761

5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_pg.png?wsSecret=c1f9fb2a888a0aaceed37a0245f8200b&wsTime=1663748650

163.171.140.79

200 OK

4.5 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_pg.png?wsSecret=c1f9fb2a888a0aaceed37a0245f8200b&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
4.5 kB (4502 bytes)
Hash
a6d5dc01fb05c1594b4463047f0d4ca9
0c2c51e152822d6ff838939bdaac4bc8c9daa6a7
4514baa50c78ce7ba02287adb13f677f79490f3b27eb47434c8174c808112536

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_pg.png?wsSecret=c1f9fb2a888a0aaceed37a0245f8200b&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4502
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:57 GMT
Last-Modified: Mon, 11 Apr 2022 06:10:13 GMT
ETag: "6253c645-1196"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59047

5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_cunkuan.png?wsSecret=dac9df79204ba243c6af885ae510a1b0&wsTime=1663748650

163.171.140.79

200 OK

4.9 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_cunkuan.png?wsSecret=dac9df79204ba243c6af885ae510a1b0&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4876 bytes)
Hash
fbc974184b18d827643872da1d2739b3
746e2c9f0a914a235ce40cc05c49f6db9eca3042
e47f831e00225a9098d4476a48e06eddc6868f480fd2983ed9b3a5a695673c08

HTTP Headers

GET /ftl/bet365-1513/images/footer_title_cunkuan.png?wsSecret=dac9df79204ba243c6af885ae510a1b0&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4876
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:58 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-130c"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16638

5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_qukuan.png?wsSecret=c79091cdb242d649b9a95f0d924a27d8&wsTime=1663748650

163.171.140.79

200 OK

5.0 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_qukuan.png?wsSecret=c79091cdb242d649b9a95f0d924a27d8&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (4991 bytes)
Hash
8f67f5e64a8f4d60603b0a6e1c38e6ee
f9c32ab52c3abeb39d8c5d63dd15bc3ad6d405dc
7b199776ac719337083313728c34ba2b41aa1b022628e74116fd6c0ff5d07bfd

HTTP Headers

GET /ftl/bet365-1513/images/footer_title_qukuan.png?wsSecret=c79091cdb242d649b9a95f0d924a27d8&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4991
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-137f"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 12043483:4 (Cdn Cache Server V2.0), 1.1 ml64:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_37347-52407

5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_fuwu.png?wsSecret=e3b255667b25ad6199d27afd29e37558&wsTime=1663748650

163.171.140.79

200 OK

6.7 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_fuwu.png?wsSecret=e3b255667b25ad6199d27afd29e37558&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
6.7 kB (6693 bytes)
Hash
63c298e01595b32f4f2971eb27f783fe
9adc401ac856b459f1cfb38aed5e3cfd06638370
b9d963160361f311bae0eec8d26862cfeebc48ba2550923850c16a05bf362ff1

HTTP Headers

GET /ftl/bet365-1513/images/footer_title_fuwu.png?wsSecret=e3b255667b25ad6199d27afd29e37558&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 6693
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-1a25"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1cc96_21894-6246

5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_casino.png?wsSecret=d0715b5ba503c5bdd192f064571267af&wsTime=1663748650

163.171.140.79

200 OK

4.5 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_casino.png?wsSecret=d0715b5ba503c5bdd192f064571267af&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
4.5 kB (4534 bytes)
Hash
a7e7b05569568ecd0b1ead75fb95c09b
04f1c9f182fa92bdd50b077832c94b35ef883e54
d5745f287627927eed249abd81eb1157e35b802e39c7b41c3eb0ebc3c828650d

HTTP Headers

GET /ftl/bet365-1513/images/footer_title_casino.png?wsSecret=d0715b5ba503c5bdd192f064571267af&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4534
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-11b6"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:16 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59050

5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_live.png?wsSecret=5d2853452e0218a22b0a3b263211c68b&wsTime=1663748650

163.171.140.79

200 OK

4.7 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_live.png?wsSecret=5d2853452e0218a22b0a3b263211c68b&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
4.7 kB (4722 bytes)
Hash
50131f6464f919d825a3a4e6df880e3b
873858bc4f2468bf96ab561fe7c7846affb0c28e
6c7a853c7aee278b699cc5ecc219a8302f130ba4cfa74e7db189e68cef092bd5

HTTP Headers

GET /ftl/bet365-1513/images/footer_title_live.png?wsSecret=5d2853452e0218a22b0a3b263211c68b&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4722
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-1272"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59051

5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_sport.png?wsSecret=166b83bd8f71b91fa93c6c790755d529&wsTime=1663748650

163.171.140.79

200 OK

4.4 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_sport.png?wsSecret=166b83bd8f71b91fa93c6c790755d529&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4376 bytes)
Hash
2cd1ba94626259c8da256ce96f29c1d3
e5df37b38f73118dd9b8a01df3bfa89c2b8ca7b3
da5b51a8701850aa23830fe79ec24cfd3eb1e8bc873aeef301cb9b8a5bfb2c1b

HTTP Headers

GET /ftl/bet365-1513/images/footer_title_sport.png?wsSecret=166b83bd8f71b91fa93c6c790755d529&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4376
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-1118"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_39753-59763

5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_help.png?wsSecret=72c5d33ec88002910059f0eba373e12a&wsTime=1663748650

163.171.140.79

200 OK

4.3 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_help.png?wsSecret=72c5d33ec88002910059f0eba373e12a&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4254 bytes)
Hash
5b44dd263dd1cf25933f2e2190f5170e
8abfc08b3e807ab38b6f21cb7800d358ee7e49aa
31dd526cb7fffa943e6d8f9ea3f64b5570e60a20ed4641030fd83b11be27b62a

HTTP Headers

GET /ftl/bet365-1513/images/footer_title_help.png?wsSecret=72c5d33ec88002910059f0eba373e12a&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 4254
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:58 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-109e"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16639

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=9ace41758f2405009ffe771d5684ffac&wsTime=1663748650

163.171.140.79

200 OK

1.2 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=9ace41758f2405009ffe771d5684ffac&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 14 x 18\012- data
Size
1.2 kB (1248 bytes)
Hash
d7ee8c341d86a4bb78532e2d8e721b7e
0e9394a2905d235b6a7215a03f0a5f8534451bef
ff425363cf8edbb85d152bcdc36a137596829b6c003ac77a1be531922cd8f055

HTTP Headers

GET /ftl/bet365-1513/themes/images/hot1.gif?wsSecret=9ace41758f2405009ffe771d5684ffac&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/gif
Content-Length: 1248
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-4e0"
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1cc96_21894-6247

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=fabeaf8d71ac2603b6302d4a77c975aa&wsTime=1663748650

163.171.140.79

200 OK

918 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=fabeaf8d71ac2603b6302d4a77c975aa&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x796, components 3\012- data
Size
918 B (918 bytes)
Hash
28b9980238466725db46247eeb3ae314
5490115ce6b25413f142811de784c6460cb7bab2
32c09d293a7029ae5c392f2986a13296809654b4e3816ebc5b9dd7a31a9fb51d

HTTP Headers

GET /ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=fabeaf8d71ac2603b6302d4a77c975aa&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/jpeg
Content-Length: 918
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-396"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59052

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=c18dff67a07a390ad8f8ab3930a47104&wsTime=1663748650

163.171.140.79

200 OK

3.7 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=c18dff67a07a390ad8f8ab3930a47104&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 307x260, components 3\012- data
Size
3.7 kB (3728 bytes)
Hash
884ab3a54eaeeee2c944773ac757ebcd
1aded473eecfb23f06fc59d4cc989853d2117489
bb3a93104a804d751e4456abbef235889811b806243edbbbb31a757c070b612a

HTTP Headers

GET /ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=c18dff67a07a390ad8f8ab3930a47104&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/jpeg
Content-Length: 3728
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-e90"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_39753-59766

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=0a043163d55f66465d25f293c3bc325a&wsTime=1663748650

163.171.140.79

200 OK

318 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=0a043163d55f66465d25f293c3bc325a&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 14 x 14, 8-bit colormap, non-interlaced\012- data
Size
318 B (318 bytes)
Hash
e149b3e85d15c14a150036f93b296253
0006db6a1d3cc14a1d6da738d3243674d6110f84
9137d5630ca64621c97786e21e5ff77e75de43a4e0597aa6974e25d59082428e

HTTP Headers

GET /ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=0a043163d55f66465d25f293c3bc325a&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 318
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-13e"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59053

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/slot_more.png?wsSecret=0c713bf82e43f9aa82c50f4632494f6f&wsTime=1663748650

163.171.140.79

200 OK

740 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/slot_more.png?wsSecret=0c713bf82e43f9aa82c50f4632494f6f&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 36 x 38, 8-bit colormap, non-interlaced\012- data
Size
740 B (740 bytes)
Hash
d2020a71d2421b3d25dc61b5d3791fa9
95253209215c094261111d322b008882c5ea44cf
c10dc5600856216b21a2a3af99e8a3e9fd7b7a022ed9c0d54c1eb1a8d2eeb201

HTTP Headers

GET /ftl/bet365-1513/themes/images/slot_more.png?wsSecret=0c713bf82e43f9aa82c50f4632494f6f&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 740
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-2e4"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16641

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=448541f9ae3417d483475abde06cadbb&wsTime=1663748650

163.171.140.79

200 OK

20 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=448541f9ae3417d483475abde06cadbb&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 313x125, components 3\012- data
Size
20 kB (20422 bytes)
Hash
b3f1a365e502da9ff5a176396d415771
7c7967837cd4704a21265da90bcc978a1c98eaac
42af959e91e71e0af8d559e88bb0537cdfa8a89e7d593a2d1d179b22691736e7

HTTP Headers

GET /ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=448541f9ae3417d483475abde06cadbb&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/jpeg
Content-Length: 20422
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-4fc6"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1cc96_21894-6248

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=30701fbcdf9c409aaa8377895b877b51&wsTime=1663748650

163.171.140.79

200 OK

873 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=30701fbcdf9c409aaa8377895b877b51&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 30 x 30, 8-bit colormap, non-interlaced\012- data
Size
873 B (873 bytes)
Hash
aae380c627076a477224dc2ccdc60c88
f60cadb09dac7476733f1924aa59853cb98df7ab
7e6d9e46386b12a52b52e4361c17f23e3b3041947155d6a9286b9ec563350273

HTTP Headers

GET /ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=30701fbcdf9c409aaa8377895b877b51&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 873
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-369"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_39753-59770

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/list_head.png?wsSecret=c0b4d5bf5e7e9801a972af909fbf56a5&wsTime=1663748650

163.171.140.79

200 OK

111 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/list_head.png?wsSecret=c0b4d5bf5e7e9801a972af909fbf56a5&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 5 x 23, 2-bit colormap, non-interlaced\012- data
Size
111 B (111 bytes)
Hash
21fb21afd6064e87b0f471e81a00469f
b706061210181a99108aed97c7e694f08b0e5a29
7eeab9f0c7b8fb99b0973ad8e07b720cc651893ef4400204937f1962b3d5ed17

HTTP Headers

GET /ftl/bet365-1513/themes/images/list_head.png?wsSecret=c0b4d5bf5e7e9801a972af909fbf56a5&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 111
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-6f"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59055

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=9c6fb711f5359b5a98740e1beb08b6fb&wsTime=1663748650

163.171.140.79

200 OK

1.7 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=9c6fb711f5359b5a98740e1beb08b6fb&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 28 x 33, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1704 bytes)
Hash
7cc35487e902b5a225eb1c7bafcab384
c93a1544416caff36cf704c2d9361d7acd0b1fc0
3acedbde98f248f7dd0167f15dd644e473a9455b23c3d44056c7b383712fa32b

HTTP Headers

GET /ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=9c6fb711f5359b5a98740e1beb08b6fb&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 1704
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-6a8"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16644

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=3e1afda7bbdfda008f08f87dca3cad64&wsTime=1663748650

163.171.140.79

200 OK

3.1 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=3e1afda7bbdfda008f08f87dca3cad64&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 259 x 17, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3083 bytes)
Hash
d2523fd53cda5e60ebc8c997ecc48f82
eb77e52163a77ce43da2488259ca0d9f5be36e6b
f6bbf2c57164cb4f4cbf26ab2deef162518af6ca4d803a45ab5e22f9086232b8

HTTP Headers

GET /ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=3e1afda7bbdfda008f08f87dca3cad64&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 3083
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-c0b"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59056

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=035bfc8ca66b8139d0a1cd88d38b457c&wsTime=1663748650

163.171.140.79

200 OK

13 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=035bfc8ca66b8139d0a1cd88d38b457c&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12679 bytes)
Hash
f0f041843a33f8356cb6ad96fb74c2f5
42fd118f67208a2491b5fe3b8a9e30c0ae2e51b4
fbb999a8d57dbee751c035fd30e9c4bbdbb16f440f6886f285d540c33d4381f9

HTTP Headers

GET /ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=035bfc8ca66b8139d0a1cd88d38b457c&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 12679
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-3187"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_39753-59772

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=02567d9355b2d6996e1382354370d0fe&wsTime=1663748650

163.171.140.79

200 OK

12 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=02567d9355b2d6996e1382354370d0fe&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 861 x 68, 8-bit colormap, non-interlaced\012- data
Size
12 kB (12448 bytes)
Hash
56c2eec7f48eb3d9671c0be5ae85122e
31673dee121aeefb578b0399c772b98bbea2d33f
59dccedf293c4425ced117b504ddd0d96d7e4460ba90cfe0f7c82173f35c9552

HTTP Headers

GET /ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=02567d9355b2d6996e1382354370d0fe&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 12448
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-30a0"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:16 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1cc96_21894-6250

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_local.png?wsSecret=236c687a4d13969dac2385e91c61deb1&wsTime=1663748650

163.171.140.79

200 OK

10 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_local.png?wsSecret=236c687a4d13969dac2385e91c61deb1&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10488 bytes)
Hash
34e3bd0d952cf4bb9092e070e348d2cc
650132049dc41e5773763105171871671f3454a8
6647178c379774784e1d97b75ede766542a6bf070b1e53834864aab318daaafa

HTTP Headers

GET /ftl/bet365-1513/themes/images/footer_title_local.png?wsSecret=236c687a4d13969dac2385e91c61deb1&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 10488
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-28f8"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16645

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=f4847057bae9d9d13b161c294d9f3327&wsTime=1663748650

163.171.140.79

200 OK

928 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=f4847057bae9d9d13b161c294d9f3327&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 171 x 34, 8-bit colormap, non-interlaced\012- data
Size
928 B (928 bytes)
Hash
6a35d7146f6fb12966be9d95ec7390f0
4e08c3f9269809beff65e607577204e3fa259d22
3892610b331020e0c985693c462ea4c2f1a2a86194fc1a61562725820c7e81cb

HTTP Headers

GET /ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=f4847057bae9d9d13b161c294d9f3327&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 928
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-3a0"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_39753-59773

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=18404bee4b8b0c301fc22218d887aa54&wsTime=1663748650

163.171.140.79

200 OK

19 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=18404bee4b8b0c301fc22218d887aa54&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 313x125, components 3\012- data
Size
19 kB (19222 bytes)
Hash
d06d179cfd809dd45cd071fd1aefb40a
343efa5fdbe90c21443d4ab53ca3e1bb579d973f
6c0365335149978f1ab9b2980e13e95dea2538c2e21a54e7ddeb33ca21a1b039

HTTP Headers

GET /ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=18404bee4b8b0c301fc22218d887aa54&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/jpeg
Content-Length: 19222
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-4b16"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:19 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59058

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=4887085ff92f4b07589bc9b5e54b4a23&wsTime=1663748650

163.171.140.79

200 OK

538 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=4887085ff92f4b07589bc9b5e54b4a23&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 31 x 30, 8-bit colormap, non-interlaced\012- data
Size
538 B (538 bytes)
Hash
892feea4e5200bad99b81a1d0f08de44
f0ab65687dae79bb8d17acee21af91861382c55d
e353da507c7cd437813dae33a058d8b1b7c41aeab30489499abb99b0d542699e

HTTP Headers

GET /ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=4887085ff92f4b07589bc9b5e54b4a23&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 538
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-21a"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1cc96_21894-6251

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=3c042d74b54a12956e5cd815dfa90c36&wsTime=1663748650

163.171.140.79

200 OK

543 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=3c042d74b54a12956e5cd815dfa90c36&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 35 x 30, 8-bit colormap, non-interlaced\012- data
Size
543 B (543 bytes)
Hash
730071bbc93fe62be758c91e08e477e3
809ece67f2e7ae25f91de7ae082ab63b43068591
e02f4603a6ce557ca57f7aab0a3359d4baeb77abd4f3c9e0b9af59c2dffcccef

HTTP Headers

GET /ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=3c042d74b54a12956e5cd815dfa90c36&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 543
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:55 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-21f"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:11 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16647

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_local_img.png?wsSecret=94a2ae5bc9a743e2cc378587bd660f8a&wsTime=1663748650

163.171.140.79

200 OK

95 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_local_img.png?wsSecret=94a2ae5bc9a743e2cc378587bd660f8a&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 302 x 131, 8-bit/color RGBA, non-interlaced\012- data
Size
95 kB (95223 bytes)
Hash
7342be391839a9f3577416ecec727997
e8787b6f61f92a5b0104e584c0bb6ef5fef95cd7
2a35483ce4e6048fe99173aaca64ac50c66f27e108d6986183013c689177dcd2

HTTP Headers

GET /ftl/bet365-1513/themes/images/footer_local_img.png?wsSecret=94a2ae5bc9a743e2cc378587bd660f8a&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 95223
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-173f7"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:19 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59057

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=59aefd6a32f5acead764acbc8de887aa&wsTime=1663748650

163.171.140.79

200 OK

720 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=59aefd6a32f5acead764acbc8de887aa&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
720 B (720 bytes)
Hash
eafb012d74f2fccb8980ff1f5fe07ef4
81ce3388b2452316c98a04232e85fea66875a4bb
cb620d60f10951a0d7adfa808e9591e672c5669c8e2701e39d0120c9474e8c17

HTTP Headers

GET /ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=59aefd6a32f5acead764acbc8de887aa&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 720
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-2d0"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_39753-59774

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=f947980d516b3b6f4c2e89c146f3b03a&wsTime=1663748650

163.171.140.79

200 OK

421 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=f947980d516b3b6f4c2e89c146f3b03a&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1x606, components 3\012- data
Size
421 B (421 bytes)
Hash
3b818a8e981df7bd62b44be39b0c4c98
d833407d5ff08e4b5d6503951f01cd2f1c9ed3c1
fca542f60ac7b1d89c6806136f5faca8433dffe65687b921a973de952590f68c

HTTP Headers

GET /ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=f947980d516b3b6f4c2e89c146f3b03a&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/jpeg
Content-Length: 421
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-1a5"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59059

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_icon_bank.png?wsSecret=afa01c472966ce43d720389e225854f4&wsTime=1663748650

163.171.140.79

200 OK

9.9 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_icon_bank.png?wsSecret=afa01c472966ce43d720389e225854f4&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 180 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9923 bytes)
Hash
efbea615018e4733d9c40d6bdb6c799f
6c97e61d83dba5f380bb943ffed709b75786b51c
9a87511ad5d13eff3b7693505f536d6f0f8a71846fe069973ce64983efa72b53

HTTP Headers

GET /ftl/bet365-1513/themes/images/footer_icon_bank.png?wsSecret=afa01c472966ce43d720389e225854f4&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 9923
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-26c3"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1cc96_21894-6253

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=72d0c50a4f0203e0c98521d35444e98e&wsTime=1663748650

163.171.140.79

200 OK

12 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=72d0c50a4f0203e0c98521d35444e98e&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11890 bytes)
Hash
a02f1d45ed4ce0a8a2f9837cfa215843
57bd5aa4347c4fc913c6dce38df9d4d0ed467508
041b0bbe548392af8a849b349d4f68fd88d57481581f9d7c2839d77c2141139b

HTTP Headers

GET /ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=72d0c50a4f0203e0c98521d35444e98e&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 11890
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-2e72"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16649

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_rel.png?wsSecret=646af7ac338840fb656573e2c8a82cd2&wsTime=1663748650

163.171.140.79

200 OK

2.2 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_rel.png?wsSecret=646af7ac338840fb656573e2c8a82cd2&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 302 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2203 bytes)
Hash
6527c1b3a7f70d7508197f67a446aff8
93f80378927881f42d5d505934456675e5b87c73
ebc5325574340a37dd6d9927b124a4891c1dfb7016988b033cf2e4932fc360eb

HTTP Headers

GET /ftl/bet365-1513/themes/images/footer_rel.png?wsSecret=646af7ac338840fb656573e2c8a82cd2&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 2203
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sun, 11 Sep 2022 06:57:52 GMT
ETag: "631d86f0-89b"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01cZq86:2 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59060

x836596.com/mobile-api/v5/origin/getFloat.html

154.215.17.93

200 OK

918 B

URL HTTP/1.1
x836596.com/mobile-api/v5/origin/getFloat.html
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (910), with no line terminators
Size
918 B (918 bytes)
Hash
8e05eab4f1435c8c8af7989c4ecd5488
96162b6ed6c336f358f62fea14d8b44c6ee0b3a5
150a35718505b78f30a454d586f1b145964a37ce540fe73d4ebbcf8705d7eec7

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://x836596.com
Connection: keep-alive
Referer: https://x836596.com/
Cookie: route=d5111660aa5774c7169f53d64466e92a; SID=9vy1YFVcDCIEIYRBnAspAkAyvXFWBczy4qPuvxQjSkCiv83AJZ/UaFMLs4a2NxLpyQaicJgY0eQzhFfDiX+7I+eHnDWW8UFmKMbtcvQdRR6er3V03ZU=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=f213f96779f053a02667be524c91fbf5; Path=/
Access-Control-Allow-Origin: https://x836596.com
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-16637486503b28
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Content-Length: 918

x836596.com/index/getAppsUrl.html?device=android

154.215.17.93

200 OK

901 B

URL HTTP/1.1
x836596.com/index/getAppsUrl.html?device=android
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
JSON data\012- , ASCII text, with very long lines (1140), with no line terminators
Size
901 B (901 bytes)
Hash
695c9647bcc6c948bca096ec34e6bf2b
75fd5014a1b8b3e2cf0c2246ea05954dc66cb121
ebbfcbdf7bf529390332971032e9f9cf3a740f500e9901c8ecda5668522bf3e5

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /index/getAppsUrl.html?device=android HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x836596.com/
Cookie: route=d5111660aa5774c7169f53d64466e92a; SID=9vy1YFVcDCIEIYRBnAspAkAyvXFWBczy4qPuvxQjSkCiv83AJZ/UaFMLs4a2NxLpyQaicJgY0eQzhFfDiX+7I+eHnDWW8UFmKMbtcvQdRR6er3V03ZU=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-166374865075a2
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Transfer-Encoding: chunked

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/oclock.png?wsSecret=566cc90cb0eb4269839c9c994c9272c1&wsTime=1663748650

163.171.140.79

200 OK

519 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/oclock.png?wsSecret=566cc90cb0eb4269839c9c994c9272c1&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 15 x 17, 8-bit colormap, non-interlaced\012- data
Size
519 B (519 bytes)
Hash
abf297e51fa41e9771aa7392fa9cba44
f76236aa20e9b0d8032666ff853fa87489049b08
1e082f27f562177c07f18f10e71d37d43ded6c836d16d425272ff33c51c3c798

HTTP Headers

GET /ftl/bet365-1513/themes/images/oclock.png?wsSecret=566cc90cb0eb4269839c9c994c9272c1&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 519
Connection: keep-alive
Expires: Thu, 22 Sep 2022 08:24:10 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-207"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_37347-52408

5mjjun.rbjgb.com/fserver/files/gb/1513/carousel/10007/1602402943495.jpg?wsSecret=0614d391f90da107f87cf8132dfe7b36&wsTime=1663748650

163.171.140.79

200 OK

131 kB

URL HTTP/1.1
5mjjun.rbjgb.com/fserver/files/gb/1513/carousel/10007/1602402943495.jpg?wsSecret=0614d391f90da107f87cf8132dfe7b36&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 630x260, components 3\012- data
Size
131 kB (130692 bytes)
Hash
e5806b88f464030b4cb56a4a96a2add9
5661a4136d6de32327575f8edbae9ba10860904a
f9f8bf9b6175f68614c6f2a6a1ebb7ed1a7c09dd18de1032775ebfcc9ab47481

HTTP Headers

GET /fserver/files/gb/1513/carousel/10007/1602402943495.jpg?wsSecret=0614d391f90da107f87cf8132dfe7b36&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/jpeg
Content-Length: 130692
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sun, 11 Oct 2020 07:55:47 GMT
ETag: "5f82ba83-1fe84"
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59064

x836596.com/index/getUserTimeZoneDate.html?t=l8bczmtm

154.215.17.93

200 OK

119 B

URL HTTP/1.1
x836596.com/index/getUserTimeZoneDate.html?t=l8bczmtm
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
JSON data\012- , ASCII text, with no line terminators
Size
119 B (119 bytes)
Hash
8434fe4752bfcc3e0d87230ea942ec14
fa30aaaf89ba894eb6a18adec61c175a900d8f4b
9d890f92b57e6f73a9443e16fb86c0d2f5fc9b94faa77acb7e6cc16d4379afac

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /index/getUserTimeZoneDate.html?t=l8bczmtm HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x836596.com/
Cookie: route=f213f96779f053a02667be524c91fbf5; SID=9vy1YFVcDCIEIYRBnAspAkAyvXFWBczy4qPuvxQjSkCiv83AJZ/UaFMLs4a2NxLpyQaicJgY0eQzhFfDiX+7I+eHnDWW8UFmKMbtcvQdRR6er3V03ZU=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: text/html; charset=utf-8
Set-Cookie: route=ed164cc67d0677a98cad90146fef1e4e; Path=/
Content-Disposition: inline;filename=f.txt
sub-sys: msite
cachettl: 3
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-16637486500916
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Content-Length: 119

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/member_login.png?wsSecret=a006af7f2d5e3f5204f6efa21ca73e7e&wsTime=1663748650

163.171.140.79

200 OK

680 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/member_login.png?wsSecret=a006af7f2d5e3f5204f6efa21ca73e7e&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 169 x 34, 8-bit colormap, non-interlaced\012- data
Size
680 B (680 bytes)
Hash
dd8380feb68da72f3f8fe960f611ce7c
707651dea23c986d71afe91337a2822d3945b552
f25f16a3e8f11c5e37793ddbaf9351a915d8df2e1c8d39cac01dadd255de9573

HTTP Headers

GET /ftl/bet365-1513/themes/images/member_login.png?wsSecret=a006af7f2d5e3f5204f6efa21ca73e7e&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 680
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-2a8"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 12043483:4 (Cdn Cache Server V2.0), 1.1 ml62:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:16 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_38653-16664

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/input_id.png?wsSecret=641479b07eb02ee1b4a15cbde7cf54df&wsTime=1663748650

163.171.140.79

200 OK

306 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/input_id.png?wsSecret=641479b07eb02ee1b4a15cbde7cf54df&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 11 x 14, 8-bit colormap, non-interlaced\012- data
Size
306 B (306 bytes)
Hash
8eff7c810e9fe738953f72c30600c49d
76d0ff44cfe59218f5520bb880ca1a8b227185be
ce1d697df52ad12d4443c85c7d257ccdfc48803bdc84409ed7732231587f56d0

HTTP Headers

GET /ftl/bet365-1513/themes/images/input_id.png?wsSecret=641479b07eb02ee1b4a15cbde7cf54df&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 306
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-132"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_37347-52421

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=4cf70d2034e7cebd7f72d5d65695c226&wsTime=1663748650

163.171.140.79

200 OK

295 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=4cf70d2034e7cebd7f72d5d65695c226&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 11 x 14, 8-bit colormap, non-interlaced\012- data
Size
295 B (295 bytes)
Hash
8a10f6dde7ab93278fce03968f25594f
61bc29c3cd2a21ca6ff9dc300cfbe3b7789b7862
6792a1a4f681b2d608c6a3e1964e0d2ef9b3fcf743ce3b8afee4a1c97ea2da7b

HTTP Headers

GET /ftl/bet365-1513/themes/images/input_pw.png?wsSecret=4cf70d2034e7cebd7f72d5d65695c226&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 295
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-127"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1cc96_21894-6278

5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=bfe75da2881996650614673f4f2d5ef3&wsTime=1663748650

163.171.140.79

200 OK

328 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=bfe75da2881996650614673f4f2d5ef3&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 190 x 66, 8-bit colormap, non-interlaced\012- data
Size
328 B (328 bytes)
Hash
c84badf514a135594e25cbcd6a5e6d4b
6883fd7e93396a9aeb426d2035a724335b5e04c4
5975ef695aff12c818fe0c61c10a3a14b01f38dbfc7d102de8c1d3444befa08e

HTTP Headers

GET /ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=bfe75da2881996650614673f4f2d5ef3&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:10 GMT
Content-Type: image/png
Content-Length: 328
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-148"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59072

5mjjun.rbjgb.com/ftl/commonPage/images/favicon/favicon_1513.png?wsSecret=0c122508765fdb623c79a78b01393302&wsTime=1663748650

163.171.140.79

200 OK

487 B

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/images/favicon/favicon_1513.png?wsSecret=0c122508765fdb623c79a78b01393302&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
487 B (487 bytes)
Hash
781062dc23675b1bce34ae394fb04e88
ae4ce5f36facd039efdb9ca4ba4fcfa5f310b9b4
14cd3b391a10d10314e70f1252e5e90525b280d4a4b5328097c0c0f2d5f28a79

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_1513.png?wsSecret=0c122508765fdb623c79a78b01393302&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:11 GMT
Content-Type: image/png
Content-Length: 487
Connection: keep-alive
Expires: Thu, 22 Sep 2022 08:24:11 GMT
Last-Modified: Fri, 02 Sep 2022 09:55:12 GMT
ETag: "6311d300-1e7"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
X-Via: 1.1 PSxgHK5sn200:3 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2a_PShlamstdAMS1se91_36287-59068

x836596.com/headerInfo.html?t=l8bczn4b

154.215.17.93

200 OK

117 B

URL HTTP/1.1
x836596.com/headerInfo.html?t=l8bczn4b
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
JSON data\012- , ASCII text, with no line terminators
Size
117 B (117 bytes)
Hash
85dc0e655284ce325b96b97ccaab8c03
ffe3322b59bb276e5d1695db6ae40c1649d79891
33c24d8e89d42286dd52fa021f590461292b2ed26657a35be6129a175d870d96

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /headerInfo.html?t=l8bczn4b HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x836596.com/
Cookie: route=ed164cc67d0677a98cad90146fef1e4e; SID=9vy1YFVcDCIEIYRBnAspAkAyvXFWBczy4qPuvxQjSkCiv83AJZ/UaFMLs4a2NxLpyQaicJgY0eQzhFfDiX+7I+eHnDWW8UFmKMbtcvQdRR6er3V03ZU=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:24:11 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1663748651fa58
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Transfer-Encoding: chunked

5mjjun.rbjgb.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png

163.171.140.79

200 OK

1.3 kB

URL HTTP/1.1
5mjjun.rbjgb.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1321 bytes)
Hash
a2e938202c0287b9c82461a6fd94dee9
b5e2adc7cb07c18a70a88af314e56b946ec1a1b6
df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936

HTTP Headers

GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5mjjun.rbjgb.com/ftl/commonPage/themes/gui-layer.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:11 GMT
Content-Type: image/png
Content-Length: 1321
Connection: keep-alive
Expires: Thu, 22 Sep 2022 04:02:31 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-529"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2b_PShlamstdAMS1se91_38653-16677

5mjjun.rbjgb.com/fserver/files/gb/1513/carousel/10030/1656847567598.jpg?wsSecret=4b9f67d2f025aa8567e690fca2c786fe&wsTime=1663748650

163.171.140.79

200 OK

154 kB

URL HTTP/1.1
5mjjun.rbjgb.com/fserver/files/gb/1513/carousel/10030/1656847567598.jpg?wsSecret=4b9f67d2f025aa8567e690fca2c786fe&wsTime=1663748650
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 692x516, components 3\012- data
Size
154 kB (154403 bytes)
Hash
fd67307817e801a6d49bf7dfbe9c5c71
4ac44fc33a77e1fcfef00694cff47ae09febef07
56e75486b317320c6bc9872dc57559edf40270892ee7c4543c0d9065e22b49da

HTTP Headers

GET /fserver/files/gb/1513/carousel/10030/1656847567598.jpg?wsSecret=4b9f67d2f025aa8567e690fca2c786fe&wsTime=1663748650 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:24:11 GMT
Content-Type: image/jpeg
Content-Length: 154403
Connection: keep-alive
Expires: Wed, 21 Sep 2022 22:59:58 GMT
Last-Modified: Sun, 03 Jul 2022 17:04:48 GMT
ETag: "62c1cc30-25b23"
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 632aca2b_PShlamstdAMS1se91_36287-59080

x836596.com/mobile-api/v5/chess/getActivityMsg.html?function=sign

154.215.17.93

200 OK

140 B

URL HTTP/1.1
x836596.com/mobile-api/v5/chess/getActivityMsg.html?function=sign
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
140 B (140 bytes)
Hash
5d062bc93ef9d75b27e852ed745d170f
1ecf82a0589608b26ee6a29b2cc3229916596626
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x836596.com/
Cookie: route=ed164cc67d0677a98cad90146fef1e4e; SID=9vy1YFVcDCIEIYRBnAspAkAyvXFWBczy4qPuvxQjSkCiv83AJZ/UaFMLs4a2NxLpyQaicJgY0eQzhFfDiX+7I+eHnDWW8UFmKMbtcvQdRR6er3V03ZU=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:24:11 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=421d81cc3407fa49ff6ade34c3182d72; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-166374865165fd
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Content-Length: 140

x836596.com/captcha/loginTop.html?t=l8bczndq

154.215.17.93

200 OK

1.4 kB

URL HTTP/1.1
x836596.com/captcha/loginTop.html?t=l8bczndq
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x40, components 3\012- data
Size
1.4 kB (1414 bytes)
Hash
21251c0c94d1d6296828ef878e253979
7478cff4e9125b0764a30916e88dbeb404fa0b8f
5872c6e7fa8917424892b2b098e490c9d1c4368f8fb5c64984ec660d952bee08

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /captcha/loginTop.html?t=l8bczndq HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x836596.com/
Cookie: route=ed164cc67d0677a98cad90146fef1e4e; SID=9vy1YFVcDCIEIYRBnAspAkAyvXFWBczy4qPuvxQjSkCiv83AJZ/UaFMLs4a2NxLpyQaicJgY0eQzhFfDiX+7I+eHnDWW8UFmKMbtcvQdRR6er3V03ZU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:24:11 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-16637486519f99
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Transfer-Encoding: chunked

x836596.com/mobile-api/v5/origin/loginSwitchCheck.html

154.215.17.93

200 OK

174 B

URL HTTP/1.1
x836596.com/mobile-api/v5/origin/loginSwitchCheck.html
IP
154.215.17.93:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
174 B (174 bytes)
Hash
1452cebf3e2bb129b06762f43f09e5c8
0ec65f1e79233e8c59f76c55fb89ac8637cfb070
99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing

HTTP Headers

GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: x836596.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x836596.com/
Cookie: route=ed164cc67d0677a98cad90146fef1e4e; SID=9vy1YFVcDCIEIYRBnAspAkAyvXFWBczy4qPuvxQjSkCiv83AJZ/UaFMLs4a2NxLpyQaicJgY0eQzhFfDiX+7I+eHnDWW8UFmKMbtcvQdRR6er3V03ZU=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Wed, 21 Sep 2022 08:24:11 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=f213f96779f053a02667be524c91fbf5; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-16637486514b1c
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Content-Length: 174

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations