Report - dd365w.com/

Report Overview

Submitted URL
dd365w.com/
IP
20.205.118.3
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-06-02 01:15:28
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-02	1.7 kB	4.8 kB	104.18.14.101
1gruet.rbjgb.com	unknown	2020-06-18	2022-07-28	2023-06-02	20 kB	1.6 MB	104.250.44.1
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-06-02	680 B	1.8 kB	54.230.80.227
vue.livelyhelp.chat	292217	2020-04-15	2020-06-12	2023-05-31	2.8 kB	1.1 MB	54.230.111.59
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-06-01	340 B	942 B	54.230.80.227
chat.livehelp100service.com	unknown	2021-12-08	2022-06-06	2023-05-31	1.6 kB	10 kB	76.223.67.229
dd365w.com	unknown	2018-12-01	2019-05-30	2023-06-01	467 B	224 B	20.205.118.3
	unknown				9.4 kB	229 kB	20.205.118.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	dd365w.com/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (46)

	URL	Size	First Seen	Last Seen
	dd365w.com:8989/	48 B	2023-03-07	2024-04-19
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-19 17:37:27 Times Seen6272 Hash 37f0336a6fe3f56c661b149ecf659efe 9aff4163d5da3b8d760f0593c583dd8d1f6dfc14 f33f7afadc5c318efdd57d35da2dc2aebe39fd166a61905ce37b9f7363f51c2f Loading...

	vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js	527 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen1024 Hash 7dd3e386b0cd8e8e061c5ccd55f57312 99829047a3d6dd8636a99cb7d40b2ff2253eee09 944dda37179d5929ff731e111c822c37f610f701b9625ff85aa1d9fcc55fdc57 Loading...

	dd365w.com:8989/	505 B	2023-05-31	2023-06-10
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 13:31:19 Last Seen2023-06-10 09:24:02 Times Seen256 Hash 633a11639d47389449f6e5762e40d35a a02159a12a3322f697d3e62cdb34802db2defe74 6a00e9f7e7d72a8e1b87d5f462e1cdd74cdc34ec6f72bef4aad89d4b3131bda4 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js	61 kB	2023-04-05	2023-09-12
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2023-09-12 13:51:41 Times Seen3042 Hash b575e784995b44bfb0e8124cfcca1680 eb382fae3719c0f731383a17bbf59e4630795d13 196ee421870c9e54c6bf9b13e97c73dea3955632d9eca37ee87cdcdd1a8b7df3 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/layer.js	22 kB	2023-04-05	2024-04-19
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/layer.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6266 Hash cb96339625e9d456e32f86cdb3c7a7a1 1301165c58bbb13c542cba493b7ab5774e87e31f 17fb047ba6828fcbdf2ca226fa4594cfded2b2fdfeaff89a5bd81c7cf0359919 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js	65 kB	2023-03-07	2024-04-19
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-19 17:37:28 Times Seen12816 Hash b5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e Loading...

	dd365w.com:8989/	705 B	2023-05-31	2023-07-09
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 01:11:24 Last Seen2023-07-09 16:39:17 Times Seen59 Hash 3d83749672d8eead4924517a020a3849 52408355cb50bb543374fc6fb721120c0a787b0d b3d61dc6556ceab09f68e778f8918ec7813d47a8280d3136004f9be214bcdc67 Loading...

	dd365w.com:8989/	17 kB	2023-05-31	2023-06-05
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 01:11:24 Last Seen2023-06-05 08:29:53 Times Seen18 Hash 1b5dc94076037e1bdf31eacf6676df5b 5662cca1ff7bf291696535203f20bfb7d31de00e c3f21e2deaa3259a27ef961f8304bef111ac45b1146e873ad9f903e9f4cb1b57 Loading...

	dd365w.com:8989/	13 kB	2023-04-05	2024-04-19
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6277 Hash 109d40ff6f9b3510b169fac4b8e845ce 4ce0fc768718f555487159ddd745e728a0c74c64 7b782f2e9589aa72ddadf4546c0f09709c73bea1339cd0ce893dfc40f6252949 Loading...

	dd365w.com:8989/	11 kB	2023-04-05	2024-04-19
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6254 Hash 6681856885ee92601b7711c11d19553f 95ab4437869df8c790cad28e0753a4c9ea362e73 ce52fd46b2a5cfd741a2f0c39bc2d5218271b5690bdf8ec33af94f1062e98d23 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js	2.1 kB	2023-03-07	2024-04-19
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-19 17:37:28 Times Seen12580 Hash 07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d Loading...

	dd365w.com:8989/	3.6 kB	2023-04-05	2024-04-19
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6252 Hash d15a9b513acdcf3e9b08901384511565 f1fe72392137895e4952f835c0330f76aacfecdf 9fa644edfd9af9be6b244016e8f4f0eaee414732edc6ba3641e8647253359995 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js	11 kB	2023-04-05	2023-08-31
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2023-08-31 08:58:03 Times Seen2511 Hash 95bb24446bd217df4f93461f70c7678c 2140c5afa733bf625108c85556736bdc70319ca9 dd6779210bf5c2670d3a2fea9cd108bc1471b25e074a9ea86017d46827e32d2f Loading...

	1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js	15 kB	2023-03-07	2024-04-19
Pretty URL 1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-19 17:37:28 Times Seen12578 Hash 4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9 Loading...

	1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961	33 kB	2023-04-05	2024-04-19
Pretty URL 1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961 IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6373 Hash a55780dc13cbf1a8d375f14ebb659cf2 9548cc269bcde0dc48e166fa6bab37af8a649e57 35d147a863ab8828e073ca1ae89d476a9cede797c410ac555597c1f442452cc8 Loading...

	dd365w.com:8989/	21 kB	2023-05-31	2023-06-05
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 01:11:24 Last Seen2023-06-05 08:29:53 Times Seen18 Hash 83d779de109d685f20e7e7993287c278 275bfbb487d9e19d35c71174c4cb3c967eae56e9 2503c8fe6ddbbfbea62d55425cd4113648e690bef2f10c9f26de821d01674625 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/float.js	7.0 kB	2023-03-07	2024-04-19
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/float.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-19 17:37:28 Times Seen12581 Hash 829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271 Loading...

	dd365w.com:8989/	20 kB	2023-04-05	2024-04-19
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6248 Hash 9f5bce1aa50f72fd0834901c70db4f43 41771079bee5eb45539e694a5eff580732ab26b0 a50724b65a2657f6e67adbf98a3dd135de52b4786350f0b1bd142adff38c7ffd Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js	45 kB	2023-03-07	2024-04-16
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-16 20:02:06 Times Seen5273 Hash 6ddb20c89aad63f86c5862b2f5c48a56 45da7bc94c509993ad003b3963c6e802b5ec248a 1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f Loading...

	dd365w.com:8989/	6 B	2023-03-07	2024-04-19
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-19 22:54:58 Times Seen7111 Hash edaddb8132e9e0880252c5b6c47bf1c1 dc08b5b6ca432b46cca94f1f297491e1b08736ea b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e Loading...

	dd365w.com:8989/	1.8 kB	2023-04-05	2024-04-19
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6244 Hash 9f1681b5a72417b33c2869aab85af152 b40a6d9c6d058c2bd6e126a1b0191182926b9d04 eabdfd0c5237f406e0acbef879968e72e5e3d62dd8e8b6bcee48e5ab7f4d0154 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js	4.4 kB	2023-03-07	2024-04-19
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-19 17:37:28 Times Seen12578 Hash f77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7 Loading...

	dd365w.com:8989/	2.4 kB	2023-05-18	2023-11-28
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-18 01:25:27 Last Seen2023-11-28 09:25:01 Times Seen4082 Hash 91354abf0f62578b55d4dc04437f8866 22eb91f9ead6e7634670722da74d4a61b3c08150 035fec121949808f22f48133184d8fd307c2535912d140df791987de106c44d9 Loading...

	dd365w.com:8989/	116 kB	2023-05-15	2023-06-03
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-15 07:00:24 Last Seen2023-06-03 14:35:25 Times Seen29 Hash f1477af9d867f593f2f41a2c6dbb5e18 01a856adb01b6539c924aa4ae366566b3a1f02a1 d3ab85f6d77f345ac7ed17d4be84b491f18944a00beb6735235319a90e48f345 Loading...

	vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js	74 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen982 Hash a835f52554aadc654111d559a421a1d6 c804b433151b32bf2a1cd5d9f447914c42a49346 ff6165fa761e7550a6d458ecff1ce641fb84a0a70a1f4f72bfc4c5b704c574ea Loading...

	dd365w.com:8989/commonPage/lan/i18n.js?t=1685668506.736	1.3 kB	2023-06-02	2023-06-02
Pretty URL dd365w.com:8989/commonPage/lan/i18n.js?t=1685668506.736 IP 20.239.71.172 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 03:15:34 Last Seen2023-06-02 03:15:34 Times Seen2 Hash 92664ef8a95ed94dd1800aa0f6cbff4c 247e15fb5607fe06818031dada885b77cc4b482c 7483a8942c67860f48819cd280db1349ad7298e9de6a7b0767b1957c74c22e76 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js	12 kB	2023-04-05	2024-04-19
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6276 Hash 466a7ed7d00986d45375c0cbffb5233c 68845ead668e9abd29c24b491dbf97b219226c08 7ddafae5a0a552d2d56101cdc8306403e8fb9570759d66c48b25893b409f0123 Loading...

	1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js	28 kB	2023-04-05	2024-04-19
Pretty URL 1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:27 Times Seen6267 Hash 9c41709c2b64126b909c101a27f39153 4ab666b36c092577acb41390ad90e96d5fea7711 c1963697eeafb63b6c29e95da2d38d91dd907ab656e130e6e1c34d1dcd149f60 Loading...

	dd365w.com:8989/	650 B	2023-05-06	2023-08-20
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2023-08-20 23:09:00 Times Seen130 Hash c4af43bcc8d8cd9acf99544a95e53f38 af12b7071f210cb46cd974ea0b03f9d1163c20ac 2525d0056cb27b35eec76689ad8a8491b59df03836820acbc2aa68527853aefc Loading...

	dd365w.com:8989/	5.9 kB	2023-04-05	2023-08-03
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2023-08-03 06:50:56 Times Seen2123 Hash 21d16b4bf9ca9dee56b6bd4c6fbc07fc a470fb54fc85c0f66587c8b18cf3720d81c5089f 949b743a6ee9cfc4a7f10b05969df89c626007d65b2f27f2aa8d501c30c8f2a9 Loading...

	vue.livelyhelp.chat/livechat.ashx?siteId=60000906	1.6 kB	2023-05-16	2023-06-07
Pretty URL vue.livelyhelp.chat/livechat.ashx?siteId=60000906 IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 01:15:51 Last Seen2023-06-07 12:06:56 Times Seen39 Hash 8977c6daf6d218e81806160d6c7f4285 107c3b13e6fcf5d0cb2999ed8b7b78d40fe85187 85fa4175daee1b1704395ac9cd1ce3a2dedc5458b4bdc5365432d0c717b019c1 Loading...

	vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js	61 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen892 Hash a97c5b0f2a1783a30ddf13de86d049bf 4c40fb76a09c6a6d07c3ec3b7665f1a8eae587b6 1d34d3038a74c748da83226c713a8813601a9589d12d10e178d6d6584ceb3d9b Loading...

	unknown	278 B	2023-04-14	2024-04-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 20:29:13 Last Seen2024-04-18 08:19:45 Times Seen5542 Hash cf0aad09d2e7287c48d72501c4ed8cbd 7950b8c00d5a278b662dbccd11af31398a408e51 72512199b29d971b5fe854b1f610604dcbdec2c38666c106f1d15863e0df32db Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js	17 kB	2023-04-05	2024-04-19
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6281 Hash 1008fe6a5e1a182d7775963b85405bb2 e174a7b08cc3cb5545af1cd33d2814e604119392 7479f6f22194ac37dd6d3f5a579b4682ac8dcb6389fb961cf4140f3fcc707a20 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/moment.js	114 kB	2023-03-07	2023-06-13
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/moment.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-06-13 01:31:58 Times Seen1639 Hash 9bcf737d07f6f089ac8c8e11a1758fad fb186e78925c05500b7855bf7f4f9d00a5517acc cc0e4aae90d57f055ec9b006b0c82dc2571630c00d9fa6bb49c5edb52948c688 Loading...

	dd365w.com:8989/	390 B	2023-04-05	2024-04-19
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-19 17:37:28 Times Seen6206 Hash 4e6bbb84979a27014e74be230fe8440f aafe0c1dba07e91354abfb25d154c0acbed24d61 03e9af072f4db23c6c6cd74a89c796a3c764731da4734682f3ccfc07e0e54e74 Loading...

	dd365w.com:8989/	652 B	2023-05-06	2023-08-20
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2023-08-20 23:09:00 Times Seen130 Hash 36148985855b4b73b6474178f7945903 8eedfe728eb1d93d1056bf58d15dfe63f5050893 3b4ba18c36538f3b00a0a55bb2a72aa8ab0c51747218a14f03bfdb12ff01866b Loading...

	dd365w.com:8989/	12 kB	2023-05-06	2023-08-20
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2023-08-20 23:09:00 Times Seen130 Hash 747b663507ca5f33c3fc8debce6fb9ce 02fc194e8e2b9c2a694af105a07e8836ddb16cf4 4e2165e1105e0b2a5aade7619a66794165a54abeca30f54f9b3e53fffe254cf2 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-19
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-19 17:37:28 Times Seen13191 Hash b091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js	20 kB	2023-03-07	2024-04-19
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-19 17:37:28 Times Seen12605 Hash 5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811 Loading...

	dd365w.com:8989/	116 kB	2023-05-06	2024-02-29
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2024-02-29 00:40:00 Times Seen136 Hash f8ea1507e5960fcaf19c4500c47d823b 0ad5149222f05a4c1036f3f69aa4a88411ffd4d6 2cf4f3b7d8d3e3c1bf45a6e185ebca2cb9023cd4160d68912da001824e63396c Loading...

	dd365w.com:8989/	0 B	2023-03-07	2024-04-19
Pretty URL dd365w.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 23:22:43 Times Seen36968502 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js	9.5 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen679 Hash 270bb19aad1f9d42484ce92bd6edca01 c175b6bf310656d9a74c3ab491ad44c85b3dafa0 4be2f2f0f6ea6cf24f62547f06c2c8def635ece0315dd8ad5aae675f02dd3dd8 Loading...

	dd365w.com:8989/message_zh_CN.js?v=1685395744961	32 kB	2023-04-28	2023-07-10
Pretty URL dd365w.com:8989/message_zh_CN.js?v=1685395744961 IP 20.239.71.172 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 10:49:37 Last Seen2023-07-10 14:41:19 Times Seen1449 Hash abdcbf67b546f2665360012a6af3bbdb a876710b72498972a0ef587c388a514f7b60ee81 606608cb052a53144304576bda119fe134133ec34ae8e985520dfe57563e856c Loading...

		Size	First Seen	Last Seen
	#1 Write - 271024fb262c7ed69f5c643f5c434119	356 B	2023-05-10	2023-06-11
Pretty Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-11 01:12:40 Times Seen45 Hash 271024fb262c7ed69f5c643f5c434119 84b3d3257c0313e8741fec0f96f0975a6c957285 d0e8af64188f111291b580ed972d9e04453235664a6d78e6b0b7bbdc6b2557de Loading...

	#2 Write - 3366f26eb9fff4645b32b2f19aa6ce99	176 B	2023-03-07	2024-02-29
Pretty Observations First Seen2023-03-07 01:27:25 Last Seen2024-02-29 05:13:29 Times Seen962 Hash 3366f26eb9fff4645b32b2f19aa6ce99 acf8a839cade3210ebb03c64ec03bb1e5f207ef6 8d8e8a0fdf09457e906ba9b8c595213995be248cb8ed614f369f7ef538867fad Loading...

HTTP Transactions (80)

URL IP Response Size

dd365w.com/

20.205.118.3

301 Moved Permanently

59 B

URL User Request GET HTTP/1.1
dd365w.com/
IP
20.205.118.3:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
HTML document, ASCII text
Size
59 B (59 bytes)
Hash
488b7eeeae53633f6d0239beab1eb4cd
882ace1ff09a790d5e29d77918f3d36cf8ea4b92
1d0561b5acbd3e0fe6299ab929dd79980276f42a5006f191491e774368007c29

Detections

Analyzer	Verdict	Alert
openphish	Bet365

HTTP Headers

GET / HTTP/1.1
Host: dd365w.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://dd365w.com:8989/
Date: Fri, 02 Jun 2023 01:15:06 GMT
Content-Length: 59

dd365w.com:8989/

20.205.118.3

200 OK

101 kB

URL User Request GET HTTP/1.1
dd365w.com:8989/
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
101 kB (100995 bytes)
Hash
0dc8ba53132d33712cba676b6d4cb771
801216e467b8a7c590e6163f58b41f10ae245def
20d7083feca8460d288c1c1ecb39ca7790ff5437c233ff4c002c0d15cce2fb07

HTTP Headers

GET / HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 01:15:06 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Html-Cache: HIT-3600
Transfer-Encoding: chunked

dd365w.com:8989/ftl/commonPage/themes/gui-skin-default.css

20.239.71.172

200 OK

6.2 kB

URL GET HTTP/1.1
dd365w.com:8989/ftl/commonPage/themes/gui-skin-default.css
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Size
6.2 kB (6239 bytes)
Hash
d72bc8116ebcfa2aa1853b83f607f2f9
669f0eddfe55d617d5dd0264ebef6ee483ca8319
9dcd6715090f9f85e0010db1dfecf43a05ba4e28df4884264a65356f3bc9e917

HTTP Headers

GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Fri, 02 Jun 2023 01:15:07 GMT
Etag: W/"5fced4cc-7b2e"
Expires: Sat, 03 Jun 2023 01:15:07 GMT
Last-Modified: Tue, 08 Dec 2020 01:20:12 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365w.com:8989/commonPage/lan/i18n.js?t=1685668506.736

20.239.71.172

200 OK

814 B

URL GET HTTP/1.1
dd365w.com:8989/commonPage/lan/i18n.js?t=1685668506.736
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
ASCII text, with very long lines (1217)
Size
814 B (814 bytes)
Hash
92664ef8a95ed94dd1800aa0f6cbff4c
247e15fb5607fe06818031dada885b77cc4b482c
7483a8942c67860f48819cd280db1349ad7298e9de6a7b0767b1957c74c22e76

HTTP Headers

GET /commonPage/lan/i18n.js?t=1685668506.736 HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Jun 2023 01:15:07 GMT
Out-Line: gb-cdn-813
Uuid: 00121-01-00000000-1685668507a900
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 814

dd365w.com:8989/message_zh_CN.js?v=1685395744961

20.239.71.172

200 OK

9.8 kB

URL GET HTTP/1.1
dd365w.com:8989/message_zh_CN.js?v=1685395744961
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
Unicode text, UTF-8 text, with very long lines (17953)
Size
9.8 kB (9826 bytes)
Hash
2f6bbee802e13ba5b996854899146388
1740f10b199aabd29342db59f3bc368e7a115007
a133f55920bc6dce0b09e2b0e107fccf6f89a5f1744f2535e4702c08b38e198a

HTTP Headers

GET /message_zh_CN.js?v=1685395744961 HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: application/javascript;charset=UTF-8
Date: Fri, 02 Jun 2023 01:15:07 GMT
Expires: Sat, 03 Jun 2023 01:15:07 GMT
Out-Line: gb-cdn-813
Uuid: 00121-01-00000000-1685668507dea8
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365w.com:8989/ftl/commonPage/themes/gui-base.css

20.239.71.172

200 OK

17 kB

URL GET HTTP/1.1
dd365w.com:8989/ftl/commonPage/themes/gui-base.css
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
Unicode text, UTF-8 text, with very long lines (12023)
Size
17 kB (16723 bytes)
Hash
fcf7fcda4cfb8589d0e35dcad1b6a70a
607ec7cfde0e21e5ca7323aabd340ea82eddbd0c
58005581427a61dee5af1386995b38d90e995f4bcb75b85f8bb84d84ab5ac0fd

HTTP Headers

GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Fri, 02 Jun 2023 01:15:07 GMT
Etag: W/"64702b4d-13d22"
Expires: Sat, 03 Jun 2023 01:15:07 GMT
Last-Modified: Fri, 26 May 2023 03:45:17 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365w.com:8989/ftl/commonPage/themes/gui-layer.css

20.239.71.172

200 OK

6.8 kB

URL GET HTTP/1.1
dd365w.com:8989/ftl/commonPage/themes/gui-layer.css
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
Unicode text, UTF-8 text, with very long lines (489)
Size
6.8 kB (6816 bytes)
Hash
34043d72a58a05875d105be59c26edd5
52fbec83f17a976b9d5ed85d0d5c722ad8a56f4b
4c79bd5f7674ac54a377c34facd56465a269d5ce434eb1635338f4efaee4f1c6

HTTP Headers

GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Fri, 02 Jun 2023 01:15:08 GMT
Etag: W/"6464352d-c416"
Expires: Sat, 03 Jun 2023 01:15:08 GMT
Last-Modified: Wed, 17 May 2023 02:00:13 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365w.com:8989/ftl/commonPage/themes/hongbao.css

20.205.118.3

200 OK

5.7 kB

URL GET HTTP/1.1
dd365w.com:8989/ftl/commonPage/themes/hongbao.css
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
Unicode text, UTF-8 text, with very long lines (336)
Size
5.7 kB (5666 bytes)
Hash
499a3a64bcf22609681f5337a6360c80
fc05a8a391c8375ea4e47183eca56a18bed8fca7
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894

HTTP Headers

GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Fri, 02 Jun 2023 01:15:08 GMT
Etag: W/"64252e4f-d530"
Expires: Sat, 03 Jun 2023 01:15:08 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:15:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=548478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0bd7f37fd20afa-OSL

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:15:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=548478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0bd7f36e49b4f1-OSL

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:15:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=548478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0bd7f36f171c0a-OSL

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:15:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=548478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0bd7f37fd70afa-OSL

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 01:15:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=548478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0bd7f37e70b511-OSL

1gruet.rbjgb.com/ftl/bet365-121/themes/style/bootstrap-dialog.min.css

104.250.44.1

200 OK

630 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/style/bootstrap-dialog.min.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
630 B (630 bytes)
Hash
304eb84809c6637b7cdd0dc6225c5761
e724aff10b16dc82bf1086cd3b70d8396f630d64
cb1d0b332c0218bbb360fd25d693f88293b54389caf88c36ffcfd8adc948d0e4

HTTP Headers

GET /ftl/bet365-121/themes/style/bootstrap-dialog.min.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 630
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"61c3f27b-adc"
Date: Sun, 14 May 2023 13:09:48 GMT
Last-Modified: Thu, 23 Dec 2021 03:52:27 GMT
Expires: Tue, 13 Jun 2023 13:09:48 GMT
Age: 1598719
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 5647f8135e05817cff620e02e7a30b86

1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js

104.250.44.1

200 OK

4.0 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
4.0 kB (4031 bytes)
Hash
4de3e8bcf2f02d60519ca0d3584d3b8e
6323c2bf18b1bbf968e164bdf2e58d7677f67f8a
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f

HTTP Headers

GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"60f60fb5-43bc"
Date: Sun, 14 May 2023 12:28:33 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Tue, 13 Jun 2023 12:28:33 GMT
Age: 1601194
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 30db3d28a025bbef494d17a67fb82423

1gruet.rbjgb.com/ftl/bet365-121/themes/style/common.css

104.250.44.1

200 OK

13 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/style/common.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (908)
Size
13 kB (12715 bytes)
Hash
7f751b6564b8d8851e204c2ea5e86536
4474f799e275f01236f439e7dd43ba8d000a2f24
31e165c328f607954145a69ec67e3d6c41e1f3071605a7e7c4009449896465f5

HTTP Headers

GET /ftl/bet365-121/themes/style/common.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 12715
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"61c3f27b-ddb3"
Date: Sun, 14 May 2023 13:09:47 GMT
Last-Modified: Thu, 23 Dec 2021 03:52:27 GMT
Expires: Tue, 13 Jun 2023 13:09:47 GMT
Age: 1598721
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: f1ce6b86b8c6d7bdd093678a82087492

1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js

104.250.44.1

200 OK

3.3 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
3.3 kB (3316 bytes)
Hash
3b4680db1e065116488f065419ca9f58
6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf

HTTP Headers

GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"6260ddd4-2f13"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1601196
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: d085d449ea282ef3e8f00a532755659a

1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js

104.250.44.1

200 OK

797 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
797 B (797 bytes)
Hash
07864ad2e2759d53f8f2f14dd4295bd9
95144219e2eb702c4c4a707c3622b086876cf41c
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d

HTTP Headers

GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"6260ddd4-828"
Date: Sun, 14 May 2023 12:28:31 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 13 Jun 2023 12:28:31 GMT
Age: 1601197
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 60cf748a5cf7a9692080c95c7402db12

1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js

104.250.44.1

200 OK

12 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32030)
Size
12 kB (11951 bytes)
Hash
6ddb20c89aad63f86c5862b2f5c48a56
45da7bc94c509993ad003b3963c6e802b5ec248a
1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f

HTTP Headers

GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11951
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-b07e"
Date: Sun, 14 May 2023 12:26:08 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:26:08 GMT
Age: 1601340
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: a7add76c5dd031bdb60592a9b85c3466

1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js

104.250.44.1

200 OK

2.7 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
2.7 kB (2688 bytes)
Hash
c400884eb33705c441487b8beed81be0
6e040e41aad03c4554aa90141fd872433185082a
df904653b6c930ec406670bed1f674269b2797843081a9b526545b970544606c

HTTP Headers

GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2688
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"63a93f79-2ce5"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Mon, 26 Dec 2022 06:30:17 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1601196
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 4974ec81bef059a2b9404c96d64c6473

1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js

104.250.44.1

200 OK

34 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32038)
Size
34 kB (33545 bytes)
Hash
b091a47f6b91e26c93a848092c6f3788
52918af2d431e73464060b35d364640c8db75606
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-176d4"
Date: Sun, 14 May 2023 12:26:10 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:26:10 GMT
Age: 1601338
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 3d4a24ad76d89c6c3b5c7c68dc020f2c

1gruet.rbjgb.com/ftl/commonPage/js/float.js

104.250.44.1

200 OK

1.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/float.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
1.9 kB (1929 bytes)
Hash
829af863b0cdc4a603919824ae046299
1d417b1553e4ecb7125ebf2005b74255291fbf73
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271

HTTP Headers

GET /ftl/commonPage/js/float.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"612747ba-1b2f"
Date: Sun, 14 May 2023 12:26:11 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Tue, 13 Jun 2023 12:26:11 GMT
Age: 1601337
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 83d8d799ded4f24f9173f2f3933c9771

1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js

104.250.44.1

200 OK

16 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (11041)
Size
16 kB (15770 bytes)
Hash
4f958aa7157a3b48caa17e42505396b6
67a2625ceeb29fd2d235c9c395c53ff505029b46
bc19a91cd57e7ce343a16a261bfb71fd89b03e033710e12c41ed9e9c3746b708

HTTP Headers

GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15770
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"5d848f4f-ee4d"
Date: Sun, 14 May 2023 12:28:33 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:33 GMT
Age: 1601195
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 766a2c6b3e804c65fa0fdbeddb75e52c

1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js

104.250.44.1

200 OK

5.0 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20132), with no line terminators
Size
5.0 kB (5007 bytes)
Hash
5ce8851dc823429a42ab6147554403cc
28f381f0e0aa4f5d56690e65723bd97fb59a38e6
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811

HTTP Headers

GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"5d848f4f-4ea4"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1601196
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 4f75d33642e5f17c21d0c5b8bac4e38f

1gruet.rbjgb.com/ftl/commonPage/js/layer.js

104.250.44.1

200 OK

7.6 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/layer.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (21922)
Size
7.6 kB (7599 bytes)
Hash
c42797aecccd5494e2b747cedf1a890b
b9e06a6d245b6a3c87f2753db0c9c9aa020640b2
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3

HTTP Headers

GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-55f6"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1601196
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 382386415946517759f2a476e43e5adf

1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js

104.250.44.1

200 OK

1.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4433), with no line terminators
Size
1.4 kB (1421 bytes)
Hash
f77d83590bc0a69298f2fbcc5d9911cd
1d6aa25d7052f53ad0181385e5efe72f224bbdb9
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-1151"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1601196
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 07eaf1179049f7d2f42428461efa3d5a

1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js

104.250.44.1

200 OK

17 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (64577)
Size
17 kB (17446 bytes)
Hash
b5bc8cd626b389bde727a91e6ce79436
3df6c39300ac286cf596b3bda273cb39ff825429
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-fc8b"
Date: Sun, 14 May 2023 12:28:33 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:33 GMT
Age: 1601195
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: c72bb5c254b5bfd2bdd9b05904b9c535

1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js

104.250.44.1

200 OK

4.1 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Size
4.1 kB (4126 bytes)
Hash
4fe7dadf050dad2dcfd386d21b880281
07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9

HTTP Headers

GET /150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"64748e92-3a09"
Date: Mon, 29 May 2023 22:12:24 GMT
Last-Modified: Mon, 29 May 2023 11:37:54 GMT
Expires: Wed, 28 Jun 2023 22:12:24 GMT
Age: 270164
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: a9cb3abc706aadfd07e97ce2cc0b44d5

1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js

104.250.44.1

200 OK

7.7 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (27669)
Size
7.7 kB (7746 bytes)
Hash
f8c2b37c1dc626eede6a2e3e37aa4504
d4e8419497caa64c8a850ac4808dddb89b5eeb3f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a

HTTP Headers

GET /150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"64748e92-6caf"
Date: Mon, 29 May 2023 22:12:23 GMT
Last-Modified: Mon, 29 May 2023 11:37:54 GMT
Expires: Wed, 28 Jun 2023 22:12:23 GMT
Age: 270165
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 13188c849b7e32bebd621aa9587815eb

1gruet.rbjgb.com/ftl/commonPage/js/moment.js

104.250.44.1

200 OK

27 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/moment.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Size
27 kB (26878 bytes)
Hash
9bcf737d07f6f089ac8c8e11a1758fad
fb186e78925c05500b7855bf7f4f9d00a5517acc
cc0e4aae90d57f055ec9b006b0c82dc2571630c00d9fa6bb49c5edb52948c688

HTTP Headers

GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26878
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"62a1b56b-1bf5b"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Thu, 09 Jun 2022 08:55:07 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1601196
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: aee466f7c340b7234e666bc30c286c6a

1gruet.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css

104.250.44.1

200 OK

911 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
911 B (911 bytes)
Hash
1da71520b7a0a61526a8fa8d0feb40d1
ba1bf69dad8783563328054cae58ccabf1b00829
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d

HTTP Headers

GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-b5d"
Date: Sun, 14 May 2023 12:56:50 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:56:50 GMT
Age: 1599498
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 79b458993699b914b0320bb6574c4b5b

1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961

104.250.44.1

200 OK

5.2 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (801)
Size
5.2 kB (5207 bytes)
Hash
30be40425b37bee4158676082cef1f4d
b41ed46721936872d5d7eadf303ce22938240d2a
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47

HTTP Headers

GET /150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"633d510e-7fd7"
Date: Mon, 29 May 2023 22:12:23 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 28 Jun 2023 22:12:23 GMT
Age: 270165
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 9a9f8a8b9d7bf8100e598b40f403c084

1gruet.rbjgb.com/150810/rcenter/common/static/css/gb.validation.min.css

104.250.44.1

200 OK

3.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/static/css/gb.validation.min.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2295)
Size
3.8 kB (3788 bytes)
Hash
f00ce0554efc5adea6a8e02d5e501cad
388840e376568b37ac0103aa5c87a268778db67a
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069

HTTP Headers

GET /150810/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"633d510e-2d52"
Date: Mon, 29 May 2023 22:12:26 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 28 Jun 2023 22:12:26 GMT
Age: 270162
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 7cb3d4d846463fe06d4cdf0209e915e5

1gruet.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0

104.250.44.1

200 OK

3.1 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.1 kB (3111 bytes)
Hash
5cf9259b7dd27aacd46161ec23d261cf
ba0c399616a5ae9cdd8aec5b76ba4aae4822367c
7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc

HTTP Headers

GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"6131d862-48e4"
Date: Sun, 14 May 2023 12:54:38 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Tue, 13 Jun 2023 12:54:38 GMT
Age: 1599630
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 6bde4ada5e364a499e0acaea217e90f6

1gruet.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg

104.250.44.1

200 OK

6.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3\012- data
Size
6.9 kB (6871 bytes)
Hash
99be4bfe275809d4e436b77c991b1381
54eadee77394eb62ccf377ae68d9f49acb5b6785
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d

HTTP Headers

GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "5d848f4f-1ad7"
Date: Sun, 14 May 2023 13:09:48 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 13:09:48 GMT
Age: 1598721
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: c1237e3c67a61e837b80714c4f2bf0d0

dd365w.com:8989/mobile-api/v5/origin/getFloat.html

20.205.118.3

200 OK

106 B

URL POST HTTP/1.1
dd365w.com:8989/mobile-api/v5/origin/getFloat.html
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
106 B (106 bytes)
Hash
18da76ef30828950957abc98b28e7327
dc5c652bbb18e3bf5d2f14776ce2e10710e0decb
45c7e7ed630f2a5c7a48a85a78bf558f3a831d66085669a7953dfb0ea646fa54

HTTP Headers

POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: https://dd365w.com:8989
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Fri, 02 Jun 2023 01:15:09 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=61ee84c9f68236309da705261df10e5a; Path=/
Sub-Sys: mobile
Uuid: 00121-01-00000000-168566850948d1
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 106

dd365w.com:8989/index/getAppsUrl.html?device=android

20.239.71.172

200 OK

891 B

URL GET HTTP/1.1
dd365w.com:8989/index/getAppsUrl.html?device=android
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
JSON data\012- , ASCII text, with very long lines (1124), with no line terminators
Size
891 B (891 bytes)
Hash
c9f6f01fd0c9bb03f37dc024f565f35b
3d7425829bc06e24027fa5a97d234ff8935af3fb
98df4ff539d28ca17737d736693841c476cde00bd03e79db4f4631c7762758b1

HTTP Headers

GET /index/getAppsUrl.html?device=android HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 01:15:09 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c; Path=/
Sub-Sys: msite
Uuid: 00121-01-00000000-1685668509388c
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 891

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6f25787681406a599af8356eb15ee0e7
038b6eb2f63682f8ae5ce5d2687986ef7782216a
4f0911ea3e1d08c803035a5efbc6e90f0ced2727cc3e7ce7296de01207e7a4b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 01:15:10 GMT
Last-Modified: Fri, 02 Jun 2023 00:48:48 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WiTDxMjsKmW96IISWleH5XqMP7PHgAOIa3aq0B-VEYEytVlLQfcF_w==
Age: 1582

dd365w.com:8989/index/getUserTimeZoneDate.html?t=lidvia7x

20.205.118.3

200 OK

97 B

URL GET HTTP/1.1
dd365w.com:8989/index/getUserTimeZoneDate.html?t=lidvia7x
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
4a3ec4b3871b50739aa2cb304c2f1785
d74e1d5c0187f21a9133d121f3694b45912f53f9
b5c176b5a8aaf9e51a632d729a997b1c5ccccd3b517d66f9869ff119dca1b1e6

HTTP Headers

GET /index/getUserTimeZoneDate.html?t=lidvia7x HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cachettl: 3
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 01:15:10 GMT
Out-Line: gb-cdn-813
Sub-Sys: msite
Uuid: 00121-01-00000000-1685668510248d
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 97

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6f25787681406a599af8356eb15ee0e7
038b6eb2f63682f8ae5ce5d2687986ef7782216a
4f0911ea3e1d08c803035a5efbc6e90f0ced2727cc3e7ce7296de01207e7a4b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 01:15:10 GMT
Server: ECAcc (dcb/7339)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cryvwSp1gk5YRawDHwXLkZtE1gz8gNL7J30X7TBMbE6iuPlAMtTJBA==

dd365w.com:8989/headerInfo.html?t=lidviaen

20.205.118.3

200 OK

115 B

URL GET HTTP/1.1
dd365w.com:8989/headerInfo.html?t=lidviaen
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
115 B (115 bytes)
Hash
6d8c949472492c3c9d195e2cb90f3cd0
37fa32096e9f56f835ca96d8b1818be655694ec4
9d627f47efba7fe5e950312e78c027b97ec14a5e53c771cc44657eb2cb04d4bc

HTTP Headers

GET /headerInfo.html?t=lidviaen HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 01:15:10 GMT
Out-Line: gb-cdn-813
Sub-Sys: msite
Uuid: 00121-01-00000000-168566851030f7
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 115

dd365w.com:8989/favicon.ico

20.239.71.172

404 Not Found

150 B

URL GET HTTP/1.1
dd365w.com:8989/favicon.ico
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
150 B (150 bytes)
Hash
597ba0d4396e9c906225140ce907092c
28ae2ba65ccdb583d79f85b8cc9509fae697493b
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Length: 150
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 01:15:10 GMT
X-Frame-Options: SAMEORIGIN

dd365w.com:8989/mobile-api/v5/origin/loginSwitchCheck.html

20.239.71.172

200 OK

113 B

URL GET HTTP/1.1
dd365w.com:8989/mobile-api/v5/origin/loginSwitchCheck.html
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
113 B (113 bytes)
Hash
1452cebf3e2bb129b06762f43f09e5c8
0ec65f1e79233e8c59f76c55fb89ac8637cfb070
99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d

HTTP Headers

GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Fri, 02 Jun 2023 01:15:10 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=9f8c829bfb3537f530509e8eaa83639a; Path=/
Sub-Sys: mobile
Uuid: 00121-01-00000000-16856685108999
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 113

dd365w.com:8989/index/getUserTimeZoneDate.html?t=lidvianl

20.239.71.172

200 OK

97 B

URL GET HTTP/1.1
dd365w.com:8989/index/getUserTimeZoneDate.html?t=lidvianl
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
be9f4389e97c6ba501e77ec05b3e3702
8654d8b1f8f51608ccb3463a73007231662c67ff
2c2eac517d8a56dc0c5a928b3448645db95076d9ac201458a0472fd4091b7257

HTTP Headers

GET /index/getUserTimeZoneDate.html?t=lidvianl HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cachettl: 3
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 01:15:10 GMT
Out-Line: gb-cdn-813
Sub-Sys: msite
Uuid: 00121-01-00000000-1685668510d2b1
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 97

dd365w.com:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign

20.205.118.3

200 OK

112 B

URL GET HTTP/1.1
dd365w.com:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
112 B (112 bytes)
Hash
5d062bc93ef9d75b27e852ed745d170f
1ecf82a0589608b26ee6a29b2cc3229916596626
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1

HTTP Headers

GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Fri, 02 Jun 2023 01:15:10 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=1bd47f3fb2de4e856ef59c7ef0cfd5c8; Path=/
Sub-Sys: mobile
Uuid: 00121-01-00000000-16856685102c33
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 112

dd365w.com:8989/mobile-api/v5/origin/getThirdParam.html

20.239.71.172

200 OK

86 B

URL GET HTTP/1.1
dd365w.com:8989/mobile-api/v5/origin/getThirdParam.html
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
86 B (86 bytes)
Hash
9ac55fe189e4f53f37156e563e0f542e
18b13b1360ce9fbd973e046d2652be38d58a15e0
d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b

HTTP Headers

GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR; route=9f8c829bfb3537f530509e8eaa83639a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Fri, 02 Jun 2023 01:15:10 GMT
Out-Line: gb-cdn-813
Sub-Sys: mobile
Uuid: 00121-01-00000000-1685668510833f
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 86

1gruet.rbjgb.com/ftl/bet365-121/images/index-ban-04.jpg?wsSecret=2fb2fcdf403a7a5443088c002fa121ed&wsTime=1685668509

104.250.44.1

200 OK

71 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-ban-04.jpg?wsSecret=2fb2fcdf403a7a5443088c002fa121ed&wsTime=1685668509
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 860x214, components 3\012- data
Size
71 kB (70989 bytes)
Hash
0874790c51f4c2fc4b19ca5b7062c107
0b018e3a09ff6de7ed287fe2e77ea7f933712bf0
c490274b8d7112c756355b806bf7f8954296bd94f0380ef682a68597128d9ee0

HTTP Headers

GET /ftl/bet365-121/images/index-ban-04.jpg?wsSecret=2fb2fcdf403a7a5443088c002fa121ed&wsTime=1685668509 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 70989
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "5d2c7603-1154d"
Date: Sun, 14 May 2023 13:09:49 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Tue, 13 Jun 2023 13:09:49 GMT
Age: 1598720
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: bd8acbf61c6d1a0836680e3f9b2fcbba

1gruet.rbjgb.com/ftl/bet365-121/themes/images/icon-menu-api-bet365.png.base64

104.250.44.1

200 OK

3.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/icon-menu-api-bet365.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.9 kB (3903 bytes)
Hash
e5a2ad569e98290c9b2c4a4be078caf4
11a4517d0252c0757729edfdf9cccba1a18c2a21
d49b27a9f00196592c4f64857d3f5dea4c4e57328d0537c947b96d8bca9e7517

HTTP Headers

GET /ftl/bet365-121/themes/images/icon-menu-api-bet365.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 3903
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-f3f"
Date: Sun, 14 May 2023 12:28:38 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 12:28:38 GMT
Age: 1601192
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 3806d97ecdede3a5f2ae4861031b3368

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10183/365epc.jpg.base64

104.250.44.1

200 OK

168 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10183/365epc.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 692x516, components 3\012- data
Size
168 kB (167576 bytes)
Hash
3574bdc3cde04dad5934caa1a3a8450a
8c47ba3e0b2606d90073c8d3a80dcdbe11ad1e0c
38c9c32da8e1a710a6cb59a8ee5572dee05c9c66fb75d0d68aa53a2b90c04bab

HTTP Headers

GET /fserver/files/gb/121/carousel/10183/365epc.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 167576
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63a1d0e7-28e98"
Date: Sun, 14 May 2023 12:28:38 GMT
Last-Modified: Tue, 20 Dec 2022 15:12:39 GMT
Expires: Tue, 13 Jun 2023 12:28:38 GMT
Age: 1601192
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: dbba244318cd06f5e0afddd1bf1ef79b

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10177/1639488605085.jpg.base64

104.250.44.1

200 OK

128 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10177/1639488605085.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (127631 bytes)
Hash
be663490cad9945816e2a8c06006818e
0d2274099ebda0c8b2287d773e60be25bb21543c
6f64ebb39f34158d6f22133ca4324072c799f08c5407edaf7753092bebc51b66

HTTP Headers

GET /fserver/files/gb/121/carousel/10177/1639488605085.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 127631
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "63770ee7-1f28f"
Date: Sun, 14 May 2023 12:28:41 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:43 GMT
Expires: Tue, 13 Jun 2023 12:28:41 GMT
Age: 1601189
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 3b29bb9b0d80fcbd80ef8dfa449ba74b

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10175/1639394823278.jpg.base64

104.250.44.1

200 OK

230 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10175/1639394823278.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
230 kB (230329 bytes)
Hash
742cc95cacbfb99d69af088a55c8daee
d2353b5b99bcae5a416b5ef94a64138e4682d42c
2ef2d125b3e3c3ff6379070544b9b2f920ff416cc5a0d0833dad04cefdf1c0b9

HTTP Headers

GET /fserver/files/gb/121/carousel/10175/1639394823278.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 230329
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee7-383b9"
Date: Sun, 14 May 2023 12:28:40 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:43 GMT
Expires: Tue, 13 Jun 2023 12:28:40 GMT
Age: 1601191
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 57d977a91250d543b9d615204426149a

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10157/1628927069388.jpg.base64

104.250.44.1

200 OK

278 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10157/1628927069388.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
278 kB (278300 bytes)
Hash
a15b5210b8738817a4877f06037cab37
0952a7b40b385c0c63c00a9fe8150bcacef8ae80
c9acf6e4cbcc45be053ec27581cb60d4072bfe4b359d76701cbe9f4a0c265a7b

HTTP Headers

GET /fserver/files/gb/121/carousel/10157/1628927069388.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 278300
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee6-43f1c"
Date: Sun, 14 May 2023 12:28:41 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:42 GMT
Expires: Tue, 13 Jun 2023 12:28:41 GMT
Age: 1601190
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 45063e8cc1a511f486907d5ccec9bb31

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10145/1628927127996.jpg.base64

104.250.44.1

200 OK

277 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10145/1628927127996.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
277 kB (276691 bytes)
Hash
57952bca926775400bf45dd90bed34b6
bc58fa8be4a61f6039b5b07a195a010959b81e51
3478d541b6d417c66f7ee4bd4be0a1f332ed9857ebec4dc81f315ecd7b108dd7

HTTP Headers

GET /fserver/files/gb/121/carousel/10145/1628927127996.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 276691
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee5-438d3"
Date: Sun, 14 May 2023 12:28:43 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:41 GMT
Expires: Tue, 13 Jun 2023 12:28:43 GMT
Age: 1601188
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 9d25abb62c99243cd168ac518c15ef43

1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64

104.250.44.1

200 OK

3.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.9 kB (3883 bytes)
Hash
4558c044623afebe02a1422bf13fbae0
66b103e96878b8542f1a6cac95a584ecb8d26787
99735be4461b4d9faee52aca6f539ed2bab8f459868193421a44f94cee745b2c

HTTP Headers

GET /ftl/bet365-121/themes/images/login_os.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 3883
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-f2b"
Date: Sun, 14 May 2023 12:36:59 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 12:36:59 GMT
Age: 1600693
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: f4f88ab62c3b7252116c75b6fb352dc3

1gruet.rbjgb.com/fserver/files/gb/121/Logo/1/1543560239717.png.base64

104.250.44.1

200 OK

6.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/Logo/1/1543560239717.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6825)
Size
6.8 kB (6826 bytes)
Hash
66e9b89efb4e7f29a87644419122ab3b
7ad459cd238227649aeba6705b540e55ed273942
f4a232f6376894fcdfb8905e755851d2e5160496d99372a47ad89761ee6cc3c1

HTTP Headers

GET /fserver/files/gb/121/Logo/1/1543560239717.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6826
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee1-1aaa"
Date: Sun, 14 May 2023 12:36:58 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:37 GMT
Expires: Tue, 13 Jun 2023 12:36:58 GMT
Age: 1600694
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: f2f077718bdd06642d375607b410b57a

vue.livelyhelp.chat/livechat.ashx?siteId=60000906

54.230.111.59

200 OK

2.1 kB

URL GET HTTP/2
vue.livelyhelp.chat/livechat.ashx?siteId=60000906
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365w.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
2.1 kB (2056 bytes)
Hash
ef2963581831d0c84aba2fa58c66b2cd
fb1f464fb5e2a449abaf88631c17d1c6d72ae0c4
f4a67b9b56f3261d68fc614bcac89ce0cda606afe8a4e6d39c3788b980002d90

HTTP Headers

GET /livechat.ashx?siteId=60000906 HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
date: Thu, 01 Jun 2023 02:31:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3-PSPJYAa41k7nsPQWgk0AGXiWDQQinnO5hUPayDgs6uuLznPxJ42w==
age: 81821
X-Firefox-Spdy: h2

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1600692
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: ed2e5c21417963d7e9a3143f449794f6

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1600692
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 974dd7adb2881bd0c6bee42b9532fc31

vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js

54.230.111.59

200 OK

35 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365w.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (57848)
Size
35 kB (34903 bytes)
Hash
a97c5b0f2a1783a30ddf13de86d049bf
4c40fb76a09c6a6d07c3ec3b7665f1a8eae587b6
1d34d3038a74c748da83226c713a8813601a9589d12d10e178d6d6584ceb3d9b

HTTP Headers

GET /visitorside/js/common.dce7d2db.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Jun 2023 05:59:25 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-ee9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v7RD3evLgyqmxRAL9bdTXO3b1zwYjRO3KX9ayX1WBKBBlM50SYFEfw==
age: 69348
X-Firefox-Spdy: h2

1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64

104.250.44.1

200 OK

5.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
5.8 kB (5771 bytes)
Hash
218e631a9ac4002db242ae37fdc7060a
d340f9e755fe026516943b890c423fef1d02930a
cac54484b00312dcecc274572c6d45744e87d0b9a54e667f2c22bcc5f253a91b

HTTP Headers

GET /ftl/bet365-121/themes/images/bg-products.gif.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 5771
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-168b"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1598721
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: b50899b6288945c2bf7392072fcb5e91

1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64

104.250.44.1

200 OK

3.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.9 kB (3883 bytes)
Hash
4558c044623afebe02a1422bf13fbae0
66b103e96878b8542f1a6cac95a584ecb8d26787
99735be4461b4d9faee52aca6f539ed2bab8f459868193421a44f94cee745b2c

HTTP Headers

GET /ftl/bet365-121/themes/images/login_os.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 3883
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-f2b"
Date: Sun, 14 May 2023 12:36:59 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 12:36:59 GMT
Age: 1600693
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: d6335cd91aad3e8bc1da3c467643c9b2

dd365w.com:8989/fserver/files/gb/121/carousel/10183/365epc.jpg

20.205.118.3

200 OK

72 kB

URL GET HTTP/1.1
dd365w.com:8989/fserver/files/gb/121/carousel/10183/365epc.jpg
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 692x516, components 3\012- data
Size
72 kB (71928 bytes)
Hash
94c229bd9d84a0c594294b4ec6d6e89f
e509d795e28f38125fb01f6168a411c37ccc4f66
ad52fefd05eaf7e406fa264d33ba103c6a62f7c98431f08053ced439a3031f52

HTTP Headers

GET /fserver/files/gb/121/carousel/10183/365epc.jpg HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Cookie: sticket=emRrTFdaaU9XWTBNR; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 71928
Content-Type: image/jpeg
Date: Fri, 02 Jun 2023 01:15:13 GMT
Etag: "63a1d0e7-118f8"
Expires: Sat, 03 Jun 2023 01:15:13 GMT
Last-Modified: Tue, 20 Dec 2022 15:12:39 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN

vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js

54.230.111.59

200 OK

25 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365w.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65421)
Size
25 kB (25065 bytes)
Hash
a835f52554aadc654111d559a421a1d6
c804b433151b32bf2a1cd5d9f447914c42a49346
ff6165fa761e7550a6d458ecff1ce641fb84a0a70a1f4f72bfc4c5b704c574ea

HTTP Headers

GET /visitorside/js/vendor.3f781933.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Jun 2023 03:20:57 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-11ef9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aiJcAg3GzvQUu9Wuu74vqVClp7LxLl5Sijadjqf3ovJ-lYzDubgLfw==
age: 78856
X-Firefox-Spdy: h2

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1600692
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 560678e8e5d46291b7569df13144c056

1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64

104.250.44.1

200 OK

5.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
5.8 kB (5771 bytes)
Hash
218e631a9ac4002db242ae37fdc7060a
d340f9e755fe026516943b890c423fef1d02930a
cac54484b00312dcecc274572c6d45744e87d0b9a54e667f2c22bcc5f253a91b

HTTP Headers

GET /ftl/bet365-121/themes/images/bg-products.gif.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 5771
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-168b"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1598721
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 95990ed1a13c81de4d61029a8d6db453

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1600692
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 7df7f66c59883e339b7c50685a8a0990

1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64

104.250.44.1

200 OK

5.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
5.8 kB (5771 bytes)
Hash
218e631a9ac4002db242ae37fdc7060a
d340f9e755fe026516943b890c423fef1d02930a
cac54484b00312dcecc274572c6d45744e87d0b9a54e667f2c22bcc5f253a91b

HTTP Headers

GET /ftl/bet365-121/themes/images/bg-products.gif.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 5771
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-168b"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1598722
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 49e7029d699870f626df3512e16006a3

1gruet.rbjgb.com/ftl/bet365-121/images/index-lottery.jpg.base64

104.250.44.1

200 OK

40 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-lottery.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
40 kB (39554 bytes)
Hash
26e2b2e2badebd56bc19d11395bc8d90
cc75eeef029dd24d73f5578dd177b07b58339506
a8ea01afc26227b927a2a86fee7e2ee33c02fe98854e336764ab67858fce3d24

HTTP Headers

GET /ftl/bet365-121/images/index-lottery.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 39554
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-9a82"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1598721
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: f305026958bc58143736acec88070bc6

1gruet.rbjgb.com/ftl/bet365-121/images/index-game.jpg.base64

104.250.44.1

200 OK

36 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-game.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
36 kB (36231 bytes)
Hash
cd75b5ca5e8b8224880bc951f0eae39c
ed4199ec40838a7843e33f07ce0a97c7e3040424
700d24ce9c8dbdd2a3a075c259448676abff4438b619b17612469b51d00e29c5

HTTP Headers

GET /ftl/bet365-121/images/index-game.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 36231
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-8d87"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1598721
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 1c21568eb89cdee5d8f511861e29ac21

1gruet.rbjgb.com/ftl/bet365-121/images/index-casino.jpg.base64

104.250.44.1

200 OK

42 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-casino.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
42 kB (41718 bytes)
Hash
d85ea4e359a4f6110f45608a215a9395
7ea544d92730a6d771fa71767a5275f6c3467de1
08c006ada8a7ac4b82f9972091e8fe55cb72b3bf5308877485a9cd91466d422e

HTTP Headers

GET /ftl/bet365-121/images/index-casino.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 41718
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-a2f6"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1598721
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: d295ab57d04e9956b552ac75a03922f9

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
02e6a6e04773a060b2e63abbf3ff0782
9f4a88cfca7330d60e03736cb5f06b6dd0c19fcf
ad97cac0d7e21760c6f8ba0a1ed5b789f5823b355e08bff649a5b20bed66da22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 01:15:13 GMT
Last-Modified: Fri, 02 Jun 2023 00:21:51 GMT
Server: ECAcc (dcb/7339)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8tZgBzY08LrxDMO9wlNmZncJ4unALQDlBzK9qiD0OswY5raKPaSIzw==
Age: 3202

chat.livehelp100service.com/visitor.ashx?siteId=60000906

76.223.67.229

200 OK

731 B

URL POST HTTP/2
chat.livehelp100service.com/visitor.ashx?siteId=60000906
IP
76.223.67.229:443
ASN
#16509 AMAZON-02

Requested by
https://dd365w.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
FingerprintAE:E3:91:CC:1C:00:25:08:E6:A6:DA:CC:10:03:1B:77:15:78:68:C7
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 19 Jan 2024 23:59:59 GMT

File type
JSON data\012- HTML document, ASCII text, with very long lines (1297), with no line terminators
Size
731 B (731 bytes)
Hash
b022201c02f1c244ffb289d313592708
bfd6359cc9413cdfc536fef904c9d01424bdaf8e
d8384e69f7618e5edcf20f83fd4e84d62298d5a5d450f430c2a96c87d4641876

HTTP Headers

POST /visitor.ashx?siteId=60000906 HTTP/1.1
Host: chat.livehelp100service.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 69
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:15:14 GMT
content-type: text/json; charset=utf-8
content-length: 731
server: nginx
cache-control: private
content-encoding: gzip
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-aspnet-version: 4.0.30319
access-control-allow-origin: https://dd365w.com:8989
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With
arrserver: node5chatserver
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2

chat.livehelp100service.com/visitor.ashx?siteId=60000906

76.223.67.229

200 OK

741 B

URL POST HTTP/2
chat.livehelp100service.com/visitor.ashx?siteId=60000906
IP
76.223.67.229:443
ASN
#16509 AMAZON-02

Requested by
https://dd365w.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
FingerprintAE:E3:91:CC:1C:00:25:08:E6:A6:DA:CC:10:03:1B:77:15:78:68:C7
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 19 Jan 2024 23:59:59 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (1323), with no line terminators
Size
741 B (741 bytes)
Hash
61df7fce1958eb75a4a96f3ac92088b3
b95302fed5ff6a80b5b91986ca6678e21ae1ceaf
db712ba06513d18bca6f25cd62b88906de82ededbcfd5bcc51810ee40ec8e685

HTTP Headers

POST /visitor.ashx?siteId=60000906 HTTP/1.1
Host: chat.livehelp100service.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1329
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:15:14 GMT
content-type: text/json; charset=utf-8
content-length: 741
server: nginx
cache-control: private
content-encoding: gzip
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-aspnet-version: 4.0.30319
access-control-allow-origin: https://dd365w.com:8989
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With
arrserver: node5chatserver
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2

chat.livehelp100service.com/campaign.ashx?siteId=60000906&campaignId=dcf892b1-154c-4f8d-8f09-ba833161ce65&lastUpdateTime=00000000083DC607

76.223.67.229

200 OK

6.7 kB

URL GET HTTP/2
chat.livehelp100service.com/campaign.ashx?siteId=60000906&campaignId=dcf892b1-154c-4f8d-8f09-ba833161ce65&lastUpdateTime=00000000083DC607
IP
76.223.67.229:443
ASN
#16509 AMAZON-02

Requested by
https://dd365w.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
FingerprintAE:E3:91:CC:1C:00:25:08:E6:A6:DA:CC:10:03:1B:77:15:78:68:C7
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 19 Jan 2024 23:59:59 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (12230), with no line terminators
Size
6.7 kB (6701 bytes)
Hash
95854c509696c661121399132b7122e4
45ec3c1222c96d8ebf5824eade454c745b951380
11dacfed9f3133b124847156577e54a93d06c2a0cb5ad0f778b412abbb9fd422

HTTP Headers

GET /campaign.ashx?siteId=60000906&campaignId=dcf892b1-154c-4f8d-8f09-ba833161ce65&lastUpdateTime=00000000083DC607 HTTP/1.1
Host: chat.livehelp100service.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Jun 2023 01:15:14 GMT
content-type: text/json; charset=utf-8
content-length: 6701
server: nginx
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With
arrserver: node5chatserver
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2

vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js

54.230.111.59

200 OK

527 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365w.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
527 kB (526571 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visitorside/js/bundle.71856ffb.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Jun 2023 07:05:34 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-808eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H5FUh872lbbSQUxrn7JMSme7kp2AKR_Hg35QzkyDAYqa_6kxG0_BeQ==
age: 65379
X-Firefox-Spdy: h2

vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js

54.230.111.59

200 OK

527 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365w.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
527 kB (526571 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visitorside/js/bundle.71856ffb.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Jun 2023 07:05:34 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-808eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vv_GAQnqfckgiRIYAZNh6iYsXylZ2EBN3yn-QBX28hixIeT0F14BFg==
age: 65379
X-Firefox-Spdy: h2

dd365w.com:8989/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png

20.239.71.172

200 OK

1.3 kB

URL GET HTTP/1.1
dd365w.com:8989/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365w.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365w.com
FingerprintD5:F9:67:66:CB:81:B0:3D:07:69:17:95:3C:47:79:C2:3E:72:2D:8F
ValiditySat, 22 Apr 2023 15:11:58 GMT - Fri, 21 Jul 2023 15:11:57 GMT

File type
PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1321 bytes)
Hash
a2e938202c0287b9c82461a6fd94dee9
b5e2adc7cb07c18a70a88af314e56b946ec1a1b6
df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936

HTTP Headers

GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: dd365w.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/ftl/commonPage/themes/gui-layer.css
Cookie: sticket=emRrTFdaaU9XWTBNR; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 1321
Content-Type: image/png
Date: Fri, 02 Jun 2023 01:15:13 GMT
Etag: "5d848f4f-529"
Expires: Sat, 03 Jun 2023 01:15:13 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Out-Line: gb-cdn-813
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN

1gruet.rbjgb.com/ftl/bet365-121/themes/images/sports-infos-bg.png.base64

104.250.44.1

200 OK

14 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/sports-infos-bg.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
14 kB (14071 bytes)
Hash
87a2000794ce47540d366318eba25fce
7e13890479a39ebe5e5b84cd881cddb3485ddf7b
4a35f04b2032a5edece24929c1b01ec6747106881adbf1f9ddbc6e077275eecb

HTTP Headers

GET /ftl/bet365-121/themes/images/sports-infos-bg.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 14071
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-36f7"
Date: Sun, 14 May 2023 13:09:50 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:50 GMT
Age: 1598722
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 46a0446bddc6765b9491a14e7450e51f

vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js

54.230.111.59

200 OK

9.5 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365w.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9703), with no line terminators
Size
9.5 kB (9540 bytes)
Hash
fdc52b061e51dfcbdedf21ca762d9cf9
5cc66b475dc8075f2bf772a3a9ac9bd2ed43018e
61240cab85495ff08735440d1774611a23d1218e33117ea7dd0ed0147fd69b56

HTTP Headers

GET /visitorside/js/Button.8e7eec9c.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://vue.livelyhelp.chat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Jun 2023 02:04:52 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-2544"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C-Oh7QLvMd2zUzbp0ncXrRJO0TYvJwzLqe2QUahZGH5ZACvm5Xcg6w==
age: 83422
X-Firefox-Spdy: h2

1gruet.rbjgb.com/ftl/bet365-121/themes/images/sec-nav-bg-grad.gif.base64

104.250.44.1

200 OK

515 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/sec-nav-bg-grad.gif.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365w.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (521), with no line terminators
Size
515 B (515 bytes)
Hash
dfd605d507078186e982781afda2fc97
90b3bf8aee8c90e50692f964540def8e2abbd153
cdafbba11170d5c9910b6ff3f1b2f769522215d433811f611af7b0d4c8a0e6ee

HTTP Headers

GET /ftl/bet365-121/themes/images/sec-nav-bg-grad.gif.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365w.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365w.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 515
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-203"
Date: Sun, 14 May 2023 13:09:50 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:50 GMT
Age: 1598722
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 54b15302a2eec9c3fcb9e6faea823a1d

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML