Report - dd365c.com/

Report Overview

Submitted URL
dd365c.com/
IP
20.239.17.84
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-06-01 01:34:06
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
	unknown				9.4 kB	229 kB	20.205.118.3
1gruet.rbjgb.com	unknown	2020-06-18	2022-07-28	2023-05-31	19 kB	1.5 MB	104.250.44.1
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-31	1.0 kB	2.7 kB	54.230.80.227
vue.livelyhelp.chat	292217	2020-04-15	2020-06-12	2023-05-31	3.2 kB	318 kB	54.230.111.59
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-31	340 B	863 B	54.230.80.227
chat.livehelp100service.com	unknown	2021-12-08	2022-06-06	2023-05-31	1.1 kB	8.7 kB	13.248.194.97
vue1.livelyhelp.chat	unknown	2020-04-15	2022-07-26	2022-09-12	1.8 kB	666 kB	54.230.111.59
dd365c.com	unknown	unknown	2019-05-31	2023-04-15	467 B	224 B	20.205.118.3
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-31	1.7 kB	4.8 kB	104.18.14.101

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-05-31	medium	dd365c.com/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (48)

	URL	Size	First Seen	Last Seen
	dd365c.com:8989/	48 B	2023-03-07	2024-04-26
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-26 09:23:47 Times Seen6359 Hash 37f0336a6fe3f56c661b149ecf659efe 9aff4163d5da3b8d760f0593c583dd8d1f6dfc14 f33f7afadc5c318efdd57d35da2dc2aebe39fd166a61905ce37b9f7363f51c2f Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js	11 kB	2023-04-05	2023-08-31
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2023-08-31 08:58:03 Times Seen2511 Hash 95bb24446bd217df4f93461f70c7678c 2140c5afa733bf625108c85556736bdc70319ca9 dd6779210bf5c2670d3a2fea9cd108bc1471b25e074a9ea86017d46827e32d2f Loading...

	vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js	527 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen1024 Hash 7dd3e386b0cd8e8e061c5ccd55f57312 99829047a3d6dd8636a99cb7d40b2ff2253eee09 944dda37179d5929ff731e111c822c37f610f701b9625ff85aa1d9fcc55fdc57 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js	12 kB	2023-04-05	2024-04-26
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6364 Hash 466a7ed7d00986d45375c0cbffb5233c 68845ead668e9abd29c24b491dbf97b219226c08 7ddafae5a0a552d2d56101cdc8306403e8fb9570759d66c48b25893b409f0123 Loading...

	1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js	28 kB	2023-04-05	2024-04-26
Pretty URL 1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6355 Hash 9c41709c2b64126b909c101a27f39153 4ab666b36c092577acb41390ad90e96d5fea7711 c1963697eeafb63b6c29e95da2d38d91dd907ab656e130e6e1c34d1dcd149f60 Loading...

	dd365c.com:8989/	505 B	2023-05-31	2023-06-10
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 13:31:19 Last Seen2023-06-10 09:24:02 Times Seen256 Hash 633a11639d47389449f6e5762e40d35a a02159a12a3322f697d3e62cdb34802db2defe74 6a00e9f7e7d72a8e1b87d5f462e1cdd74cdc34ec6f72bef4aad89d4b3131bda4 Loading...

	dd365c.com:8989/	705 B	2023-05-31	2023-07-09
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 01:11:24 Last Seen2023-07-09 16:39:17 Times Seen59 Hash 3d83749672d8eead4924517a020a3849 52408355cb50bb543374fc6fb721120c0a787b0d b3d61dc6556ceab09f68e778f8918ec7813d47a8280d3136004f9be214bcdc67 Loading...

	dd365c.com:8989/	17 kB	2023-05-31	2023-06-05
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 01:11:24 Last Seen2023-06-05 08:29:53 Times Seen18 Hash 1b5dc94076037e1bdf31eacf6676df5b 5662cca1ff7bf291696535203f20bfb7d31de00e c3f21e2deaa3259a27ef961f8304bef111ac45b1146e873ad9f903e9f4cb1b57 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js	17 kB	2023-04-05	2024-04-26
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6369 Hash 1008fe6a5e1a182d7775963b85405bb2 e174a7b08cc3cb5545af1cd33d2814e604119392 7479f6f22194ac37dd6d3f5a579b4682ac8dcb6389fb961cf4140f3fcc707a20 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/moment.js	114 kB	2023-03-07	2023-06-13
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/moment.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-06-13 01:31:58 Times Seen1639 Hash 9bcf737d07f6f089ac8c8e11a1758fad fb186e78925c05500b7855bf7f4f9d00a5517acc cc0e4aae90d57f055ec9b006b0c82dc2571630c00d9fa6bb49c5edb52948c688 Loading...

	dd365c.com:8989/	13 kB	2023-04-05	2024-04-26
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6365 Hash 109d40ff6f9b3510b169fac4b8e845ce 4ce0fc768718f555487159ddd745e728a0c74c64 7b782f2e9589aa72ddadf4546c0f09709c73bea1339cd0ce893dfc40f6252949 Loading...

	vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js	74 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen982 Hash a835f52554aadc654111d559a421a1d6 c804b433151b32bf2a1cd5d9f447914c42a49346 ff6165fa761e7550a6d458ecff1ce641fb84a0a70a1f4f72bfc4c5b704c574ea Loading...

	dd365c.com:8989/message_zh_CN.js?v=1685395744961	32 kB	2023-04-28	2023-07-10
Pretty URL dd365c.com:8989/message_zh_CN.js?v=1685395744961 IP 20.239.71.172 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 10:49:37 Last Seen2023-07-10 14:41:19 Times Seen1449 Hash abdcbf67b546f2665360012a6af3bbdb a876710b72498972a0ef587c388a514f7b60ee81 606608cb052a53144304576bda119fe134133ec34ae8e985520dfe57563e856c Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js	20 kB	2023-03-07	2024-04-26
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-26 09:23:47 Times Seen12780 Hash 5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811 Loading...

	dd365c.com:8989/	11 kB	2023-04-05	2024-04-26
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6341 Hash 6681856885ee92601b7711c11d19553f 95ab4437869df8c790cad28e0753a4c9ea362e73 ce52fd46b2a5cfd741a2f0c39bc2d5218271b5690bdf8ec33af94f1062e98d23 Loading...

	dd365c.com:8989/	3.6 kB	2023-04-05	2024-04-26
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6339 Hash d15a9b513acdcf3e9b08901384511565 f1fe72392137895e4952f835c0330f76aacfecdf 9fa644edfd9af9be6b244016e8f4f0eaee414732edc6ba3641e8647253359995 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js	65 kB	2023-03-07	2024-04-26
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-26 09:23:47 Times Seen12991 Hash b5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e Loading...

	dd365c.com:8989/	21 kB	2023-05-31	2023-06-05
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 01:11:24 Last Seen2023-06-05 08:29:53 Times Seen18 Hash 83d779de109d685f20e7e7993287c278 275bfbb487d9e19d35c71174c4cb3c967eae56e9 2503c8fe6ddbbfbea62d55425cd4113648e690bef2f10c9f26de821d01674625 Loading...

	dd365c.com:8989/	20 kB	2023-04-05	2024-04-26
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6335 Hash 9f5bce1aa50f72fd0834901c70db4f43 41771079bee5eb45539e694a5eff580732ab26b0 a50724b65a2657f6e67adbf98a3dd135de52b4786350f0b1bd142adff38c7ffd Loading...

	dd365c.com:8989/	6 B	2023-03-07	2024-04-26
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-26 22:48:09 Times Seen7212 Hash edaddb8132e9e0880252c5b6c47bf1c1 dc08b5b6ca432b46cca94f1f297491e1b08736ea b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e Loading...

	vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js	61 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen892 Hash a97c5b0f2a1783a30ddf13de86d049bf 4c40fb76a09c6a6d07c3ec3b7665f1a8eae587b6 1d34d3038a74c748da83226c713a8813601a9589d12d10e178d6d6584ceb3d9b Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js	2.1 kB	2023-03-07	2024-04-26
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-26 09:23:47 Times Seen12756 Hash 07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d Loading...

	vue1.livelyhelp.chat/livechat.ashx?siteId=60000906	1.6 kB	2023-06-01	2023-06-02
Pretty URL vue1.livelyhelp.chat/livechat.ashx?siteId=60000906 IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 03:34:08 Last Seen2023-06-02 15:34:29 Times Seen3 Hash af2cfb8b12b56f30361c63cf8953dc13 1a85d7a93ea803c6a9d1ec9f542fd3f3fae3994e 905476c6baac655094928a316948b1b74b1eb7332d162e03a02190ebbb95f5ef Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js	61 kB	2023-04-05	2023-09-12
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2023-09-12 13:51:41 Times Seen3042 Hash b575e784995b44bfb0e8124cfcca1680 eb382fae3719c0f731383a17bbf59e4630795d13 196ee421870c9e54c6bf9b13e97c73dea3955632d9eca37ee87cdcdd1a8b7df3 Loading...

	1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961	33 kB	2023-04-05	2024-04-26
Pretty URL 1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961 IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6464 Hash a55780dc13cbf1a8d375f14ebb659cf2 9548cc269bcde0dc48e166fa6bab37af8a649e57 35d147a863ab8828e073ca1ae89d476a9cede797c410ac555597c1f442452cc8 Loading...

	1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js	15 kB	2023-03-07	2024-04-26
Pretty URL 1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-26 09:23:47 Times Seen12753 Hash 4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9 Loading...

	dd365c.com:8989/	1.8 kB	2023-04-05	2024-04-26
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6331 Hash 9f1681b5a72417b33c2869aab85af152 b40a6d9c6d058c2bd6e126a1b0191182926b9d04 eabdfd0c5237f406e0acbef879968e72e5e3d62dd8e8b6bcee48e5ab7f4d0154 Loading...

	unknown	278 B	2023-04-14	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 20:29:13 Last Seen2024-04-26 07:07:17 Times Seen5598 Hash cf0aad09d2e7287c48d72501c4ed8cbd 7950b8c00d5a278b662dbccd11af31398a408e51 72512199b29d971b5fe854b1f610604dcbdec2c38666c106f1d15863e0df32db Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-26
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-26 09:23:47 Times Seen13367 Hash b091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10 Loading...

	dd365c.com:8989/	2.4 kB	2023-05-18	2023-11-28
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-18 01:25:27 Last Seen2023-11-28 09:25:01 Times Seen4082 Hash 91354abf0f62578b55d4dc04437f8866 22eb91f9ead6e7634670722da74d4a61b3c08150 035fec121949808f22f48133184d8fd307c2535912d140df791987de106c44d9 Loading...

	dd365c.com:8989/	116 kB	2023-05-15	2023-06-03
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-15 07:00:24 Last Seen2023-06-03 14:35:25 Times Seen29 Hash f1477af9d867f593f2f41a2c6dbb5e18 01a856adb01b6539c924aa4ae366566b3a1f02a1 d3ab85f6d77f345ac7ed17d4be84b491f18944a00beb6735235319a90e48f345 Loading...

	vue.livelyhelp.chat/livechat.ashx?siteId=60000906	1.6 kB	2023-05-16	2023-06-07
Pretty URL vue.livelyhelp.chat/livechat.ashx?siteId=60000906 IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 01:15:51 Last Seen2023-06-07 12:06:56 Times Seen39 Hash 8977c6daf6d218e81806160d6c7f4285 107c3b13e6fcf5d0cb2999ed8b7b78d40fe85187 85fa4175daee1b1704395ac9cd1ce3a2dedc5458b4bdc5365432d0c717b019c1 Loading...

	dd365c.com:8989/commonPage/lan/i18n.js?t=1685583225.018	1.3 kB	2023-06-01	2023-06-01
Pretty URL dd365c.com:8989/commonPage/lan/i18n.js?t=1685583225.018 IP 20.239.71.172 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 03:34:08 Last Seen2023-06-01 03:34:09 Times Seen2 Hash 7d0338c1f1ef5df5129a75c92537d122 f1dfdea6e19e28ba808ac683532f3f6e92d09612 e8f7f324ca0b5faf3199b32fb0aac15bcff1dfc7b95a613fac04254d5c83ed1e Loading...

	dd365c.com:8989/	650 B	2023-05-06	2023-08-20
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2023-08-20 23:09:00 Times Seen130 Hash c4af43bcc8d8cd9acf99544a95e53f38 af12b7071f210cb46cd974ea0b03f9d1163c20ac 2525d0056cb27b35eec76689ad8a8491b59df03836820acbc2aa68527853aefc Loading...

	dd365c.com:8989/	5.9 kB	2023-04-05	2023-08-03
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2023-08-03 06:50:56 Times Seen2123 Hash 21d16b4bf9ca9dee56b6bd4c6fbc07fc a470fb54fc85c0f66587c8b18cf3720d81c5089f 949b743a6ee9cfc4a7f10b05969df89c626007d65b2f27f2aa8d501c30c8f2a9 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/layer.js	22 kB	2023-04-05	2024-04-26
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/layer.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6354 Hash cb96339625e9d456e32f86cdb3c7a7a1 1301165c58bbb13c542cba493b7ab5774e87e31f 17fb047ba6828fcbdf2ca226fa4594cfded2b2fdfeaff89a5bd81c7cf0359919 Loading...

	dd365c.com:8989/	390 B	2023-04-05	2024-04-26
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-04-26 09:23:47 Times Seen6293 Hash 4e6bbb84979a27014e74be230fe8440f aafe0c1dba07e91354abfb25d154c0acbed24d61 03e9af072f4db23c6c6cd74a89c796a3c764731da4734682f3ccfc07e0e54e74 Loading...

	dd365c.com:8989/	652 B	2023-05-06	2023-08-20
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2023-08-20 23:09:00 Times Seen130 Hash 36148985855b4b73b6474178f7945903 8eedfe728eb1d93d1056bf58d15dfe63f5050893 3b4ba18c36538f3b00a0a55bb2a72aa8ab0c51747218a14f03bfdb12ff01866b Loading...

	dd365c.com:8989/	12 kB	2023-05-06	2023-08-20
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2023-08-20 23:09:00 Times Seen130 Hash 747b663507ca5f33c3fc8debce6fb9ce 02fc194e8e2b9c2a694af105a07e8836ddb16cf4 4e2165e1105e0b2a5aade7619a66794165a54abeca30f54f9b3e53fffe254cf2 Loading...

	dd365c.com:8989/	116 kB	2023-05-06	2024-02-29
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2024-02-29 00:40:00 Times Seen136 Hash f8ea1507e5960fcaf19c4500c47d823b 0ad5149222f05a4c1036f3f69aa4a88411ffd4d6 2cf4f3b7d8d3e3c1bf45a6e185ebca2cb9023cd4160d68912da001824e63396c Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js	45 kB	2023-03-07	2024-04-24
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-24 10:02:30 Times Seen5275 Hash 6ddb20c89aad63f86c5862b2f5c48a56 45da7bc94c509993ad003b3963c6e802b5ec248a 1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js	4.4 kB	2023-03-07	2024-04-26
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-26 09:23:47 Times Seen12753 Hash f77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/float.js	7.0 kB	2023-03-07	2024-04-26
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/float.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-26 09:23:47 Times Seen12757 Hash 829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271 Loading...

	vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js	9.5 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen679 Hash 270bb19aad1f9d42484ce92bd6edca01 c175b6bf310656d9a74c3ab491ad44c85b3dafa0 4be2f2f0f6ea6cf24f62547f06c2c8def635ece0315dd8ad5aae675f02dd3dd8 Loading...

	dd365c.com:8989/	0 B	2023-03-07	2024-04-27
Pretty URL dd365c.com:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 05:38:03 Times Seen37111658 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 271024fb262c7ed69f5c643f5c434119	356 B	2023-05-10	2023-06-11
Pretty Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-11 01:12:40 Times Seen45 Hash 271024fb262c7ed69f5c643f5c434119 84b3d3257c0313e8741fec0f96f0975a6c957285 d0e8af64188f111291b580ed972d9e04453235664a6d78e6b0b7bbdc6b2557de Loading...

	#2 Write - 162b8aecc04b02aecce9196c9b1dee8f	359 B	2023-06-01	2023-06-02
Pretty Observations First Seen2023-06-01 03:34:09 Last Seen2023-06-02 15:34:29 Times Seen3 Hash 162b8aecc04b02aecce9196c9b1dee8f 069a99f29c564c4f6c17a72cffefa89e1eb24843 f2334f2adcfea4d2dc12f63e371c8718f257d8f8372a0070ccbee811a462636f Loading...

	#3 Write - 3366f26eb9fff4645b32b2f19aa6ce99	176 B	2023-03-07	2024-02-29
Pretty Observations First Seen2023-03-07 01:27:25 Last Seen2024-02-29 05:13:29 Times Seen962 Hash 3366f26eb9fff4645b32b2f19aa6ce99 acf8a839cade3210ebb03c64ec03bb1e5f207ef6 8d8e8a0fdf09457e906ba9b8c595213995be248cb8ed614f369f7ef538867fad Loading...

HTTP Transactions (83)

URL IP Response Size

dd365c.com/

20.205.118.3

301 Moved Permanently

59 B

URL User Request GET HTTP/1.1
dd365c.com/
IP
20.205.118.3:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
HTML document, ASCII text
Size
59 B (59 bytes)
Hash
aeee0faf0b34c1662d01dffb408fb71f
91cea246dcb9188924058a3092e6b0c7e7f55128
05fd6d89a824ab54cb170fb3f54a0f81f019957fb1d0d8b68ef8f208aecaa6b2

Detections

Analyzer	Verdict	Alert
openphish	Bet365

HTTP Headers

GET / HTTP/1.1
Host: dd365c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://dd365c.com:8989/
Date: Thu, 01 Jun 2023 01:33:44 GMT
Content-Length: 59

dd365c.com:8989/

20.205.118.3

200 OK

101 kB

URL User Request GET HTTP/1.1
dd365c.com:8989/
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
101 kB (100996 bytes)
Hash
9b1aac4060392bfc6ab4491b64cd4146
ace0f01f33e38fc44f27b32eea8166bb10128a61
6811a6a2e096e5626fc44be992ac589d2decb76519ca58bd4aab1181ca5795a9

HTTP Headers

GET / HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Jun 2023 01:33:45 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Html-Cache: HIT-3600
Transfer-Encoding: chunked

dd365c.com:8989/commonPage/lan/i18n.js?t=1685583225.018

20.239.71.172

200 OK

812 B

URL GET HTTP/1.1
dd365c.com:8989/commonPage/lan/i18n.js?t=1685583225.018
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
ASCII text, with very long lines (1217)
Size
812 B (812 bytes)
Hash
7d0338c1f1ef5df5129a75c92537d122
f1dfdea6e19e28ba808ac683532f3f6e92d09612
e8f7f324ca0b5faf3199b32fb0aac15bcff1dfc7b95a613fac04254d5c83ed1e

HTTP Headers

GET /commonPage/lan/i18n.js?t=1685583225.018 HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Date: Thu, 01 Jun 2023 01:33:45 GMT
Out-Line: gb-cdn-813
Uuid: 00121-01-00000000-1685583225c798
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 812

dd365c.com:8989/message_zh_CN.js?v=1685395744961

20.239.71.172

200 OK

9.8 kB

URL GET HTTP/1.1
dd365c.com:8989/message_zh_CN.js?v=1685395744961
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
Unicode text, UTF-8 text, with very long lines (17953)
Size
9.8 kB (9826 bytes)
Hash
2f6bbee802e13ba5b996854899146388
1740f10b199aabd29342db59f3bc368e7a115007
a133f55920bc6dce0b09e2b0e107fccf6f89a5f1744f2535e4702c08b38e198a

HTTP Headers

GET /message_zh_CN.js?v=1685395744961 HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: application/javascript;charset=UTF-8
Date: Thu, 01 Jun 2023 01:33:45 GMT
Expires: Fri, 02 Jun 2023 01:33:45 GMT
Out-Line: gb-cdn-813
Uuid: 00121-01-00000000-16855832257268
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365c.com:8989/ftl/commonPage/themes/gui-skin-default.css

20.239.71.172

200 OK

6.2 kB

URL GET HTTP/1.1
dd365c.com:8989/ftl/commonPage/themes/gui-skin-default.css
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Size
6.2 kB (6239 bytes)
Hash
d72bc8116ebcfa2aa1853b83f607f2f9
669f0eddfe55d617d5dd0264ebef6ee483ca8319
9dcd6715090f9f85e0010db1dfecf43a05ba4e28df4884264a65356f3bc9e917

HTTP Headers

GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Thu, 01 Jun 2023 01:33:45 GMT
Etag: W/"5fced4cc-7b2e"
Expires: Fri, 02 Jun 2023 01:33:45 GMT
Last-Modified: Tue, 08 Dec 2020 01:20:12 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365c.com:8989/ftl/commonPage/themes/gui-base.css

20.239.71.172

200 OK

17 kB

URL GET HTTP/1.1
dd365c.com:8989/ftl/commonPage/themes/gui-base.css
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
Unicode text, UTF-8 text, with very long lines (12023)
Size
17 kB (16723 bytes)
Hash
fcf7fcda4cfb8589d0e35dcad1b6a70a
607ec7cfde0e21e5ca7323aabd340ea82eddbd0c
58005581427a61dee5af1386995b38d90e995f4bcb75b85f8bb84d84ab5ac0fd

HTTP Headers

GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Thu, 01 Jun 2023 01:33:45 GMT
Etag: W/"64702b4d-13d22"
Expires: Fri, 02 Jun 2023 01:33:45 GMT
Last-Modified: Fri, 26 May 2023 03:45:17 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365c.com:8989/ftl/commonPage/themes/hongbao.css

20.205.118.3

200 OK

5.7 kB

URL GET HTTP/1.1
dd365c.com:8989/ftl/commonPage/themes/hongbao.css
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
Unicode text, UTF-8 text, with very long lines (336)
Size
5.7 kB (5666 bytes)
Hash
499a3a64bcf22609681f5337a6360c80
fc05a8a391c8375ea4e47183eca56a18bed8fca7
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894

HTTP Headers

GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Thu, 01 Jun 2023 01:33:46 GMT
Etag: W/"64252e4f-d530"
Expires: Fri, 02 Jun 2023 01:33:46 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365c.com:8989/ftl/commonPage/themes/gui-layer.css

20.239.71.172

200 OK

6.8 kB

URL GET HTTP/1.1
dd365c.com:8989/ftl/commonPage/themes/gui-layer.css
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
Unicode text, UTF-8 text, with very long lines (489)
Size
6.8 kB (6816 bytes)
Hash
34043d72a58a05875d105be59c26edd5
52fbec83f17a976b9d5ed85d0d5c722ad8a56f4b
4c79bd5f7674ac54a377c34facd56465a269d5ce434eb1635338f4efaee4f1c6

HTTP Headers

GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Thu, 01 Jun 2023 01:33:46 GMT
Etag: W/"6464352d-c416"
Expires: Fri, 02 Jun 2023 01:33:46 GMT
Last-Modified: Wed, 17 May 2023 02:00:13 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
61166683229494c3fca58146745e6b5d
59c5cc168eb9c684beb20091d2ed0e658cfc1959
0f5d77b2485cacb63386e3256bb12fd8fd4ac970ad943cc86530c63f23dc1711

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 01:33:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 21:46:40 GMT
Expires: Sun, 04 Jun 2023 21:46:39 GMT
Etag: "59c5cc168eb9c684beb20091d2ed0e658cfc1959"
Cache-Control: max-age=331372,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d03b5e08a7a0afe-OSL

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
61166683229494c3fca58146745e6b5d
59c5cc168eb9c684beb20091d2ed0e658cfc1959
0f5d77b2485cacb63386e3256bb12fd8fd4ac970ad943cc86530c63f23dc1711

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 01:33:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 21:46:40 GMT
Expires: Sun, 04 Jun 2023 21:46:39 GMT
Etag: "59c5cc168eb9c684beb20091d2ed0e658cfc1959"
Cache-Control: max-age=331371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d03b5e078511c16-OSL

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
61166683229494c3fca58146745e6b5d
59c5cc168eb9c684beb20091d2ed0e658cfc1959
0f5d77b2485cacb63386e3256bb12fd8fd4ac970ad943cc86530c63f23dc1711

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 01:33:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 21:46:40 GMT
Expires: Sun, 04 Jun 2023 21:46:39 GMT
Etag: "59c5cc168eb9c684beb20091d2ed0e658cfc1959"
Cache-Control: max-age=331371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d03b5e07bf2b4f3-OSL

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
61166683229494c3fca58146745e6b5d
59c5cc168eb9c684beb20091d2ed0e658cfc1959
0f5d77b2485cacb63386e3256bb12fd8fd4ac970ad943cc86530c63f23dc1711

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 01:33:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 21:46:40 GMT
Expires: Sun, 04 Jun 2023 21:46:39 GMT
Etag: "59c5cc168eb9c684beb20091d2ed0e658cfc1959"
Cache-Control: max-age=331371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d03b5e0899db4ff-OSL

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
61166683229494c3fca58146745e6b5d
59c5cc168eb9c684beb20091d2ed0e658cfc1959
0f5d77b2485cacb63386e3256bb12fd8fd4ac970ad943cc86530c63f23dc1711

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 01:33:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 21:46:40 GMT
Expires: Sun, 04 Jun 2023 21:46:39 GMT
Etag: "59c5cc168eb9c684beb20091d2ed0e658cfc1959"
Cache-Control: max-age=331371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d03b5e099a5b4ff-OSL

1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js

104.250.44.1

200 OK

12 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32030)
Size
12 kB (11951 bytes)
Hash
6ddb20c89aad63f86c5862b2f5c48a56
45da7bc94c509993ad003b3963c6e802b5ec248a
1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f

HTTP Headers

GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11951
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-b07e"
Date: Sun, 14 May 2023 12:26:08 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:26:08 GMT
Age: 1516058
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 0faece1c55839992045e41ff5bdb2cc5

1gruet.rbjgb.com/ftl/commonPage/js/float.js

104.250.44.1

200 OK

1.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/float.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
1.9 kB (1929 bytes)
Hash
829af863b0cdc4a603919824ae046299
1d417b1553e4ecb7125ebf2005b74255291fbf73
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271

HTTP Headers

GET /ftl/commonPage/js/float.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"612747ba-1b2f"
Date: Sun, 14 May 2023 12:26:11 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Tue, 13 Jun 2023 12:26:11 GMT
Age: 1516055
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 1632d6303239ba15f73b7dc0c130f423

1gruet.rbjgb.com/ftl/bet365-121/themes/style/common.css

104.250.44.1

200 OK

13 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/style/common.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (908)
Size
13 kB (12715 bytes)
Hash
7f751b6564b8d8851e204c2ea5e86536
4474f799e275f01236f439e7dd43ba8d000a2f24
31e165c328f607954145a69ec67e3d6c41e1f3071605a7e7c4009449896465f5

HTTP Headers

GET /ftl/bet365-121/themes/style/common.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 12715
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"61c3f27b-ddb3"
Date: Sun, 14 May 2023 13:09:47 GMT
Last-Modified: Thu, 23 Dec 2021 03:52:27 GMT
Expires: Tue, 13 Jun 2023 13:09:47 GMT
Age: 1513439
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 83b0208c7f935b4b92eb9a63fee61e3b

1gruet.rbjgb.com/ftl/bet365-121/themes/style/bootstrap-dialog.min.css

104.250.44.1

200 OK

630 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/style/bootstrap-dialog.min.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
630 B (630 bytes)
Hash
304eb84809c6637b7cdd0dc6225c5761
e724aff10b16dc82bf1086cd3b70d8396f630d64
cb1d0b332c0218bbb360fd25d693f88293b54389caf88c36ffcfd8adc948d0e4

HTTP Headers

GET /ftl/bet365-121/themes/style/bootstrap-dialog.min.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 630
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"61c3f27b-adc"
Date: Sun, 14 May 2023 13:09:48 GMT
Last-Modified: Thu, 23 Dec 2021 03:52:27 GMT
Expires: Tue, 13 Jun 2023 13:09:48 GMT
Age: 1513438
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 3cc59e47dd815db1229a63b37a323fc6

1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js

104.250.44.1

200 OK

34 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32038)
Size
34 kB (33545 bytes)
Hash
b091a47f6b91e26c93a848092c6f3788
52918af2d431e73464060b35d364640c8db75606
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-176d4"
Date: Sun, 14 May 2023 12:26:10 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:26:10 GMT
Age: 1516056
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: feee7a10fef93df067df745d7f56d227

1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js

104.250.44.1

200 OK

4.0 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
4.0 kB (4031 bytes)
Hash
4de3e8bcf2f02d60519ca0d3584d3b8e
6323c2bf18b1bbf968e164bdf2e58d7677f67f8a
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f

HTTP Headers

GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"60f60fb5-43bc"
Date: Sun, 14 May 2023 12:28:33 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Tue, 13 Jun 2023 12:28:33 GMT
Age: 1515913
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 41280f50c7dc1e01a9d9d1b971578879

1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js

104.250.44.1

200 OK

3.3 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
3.3 kB (3316 bytes)
Hash
3b4680db1e065116488f065419ca9f58
6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf

HTTP Headers

GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"6260ddd4-2f13"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1515914
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 71d3b5b6dd39299291be47afcbe34886

1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js

104.250.44.1

200 OK

797 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
797 B (797 bytes)
Hash
07864ad2e2759d53f8f2f14dd4295bd9
95144219e2eb702c4c4a707c3622b086876cf41c
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d

HTTP Headers

GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"6260ddd4-828"
Date: Sun, 14 May 2023 12:28:31 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 13 Jun 2023 12:28:31 GMT
Age: 1515915
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 0ec9fe3dcc8d3b2a935e431dd3e13419

1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js

104.250.44.1

200 OK

2.7 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
2.7 kB (2688 bytes)
Hash
c400884eb33705c441487b8beed81be0
6e040e41aad03c4554aa90141fd872433185082a
df904653b6c930ec406670bed1f674269b2797843081a9b526545b970544606c

HTTP Headers

GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2688
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"63a93f79-2ce5"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Mon, 26 Dec 2022 06:30:17 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1515914
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: a10d76176902638daf930a81a22d4e6d

1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js

104.250.44.1

200 OK

16 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (11041)
Size
16 kB (15770 bytes)
Hash
4f958aa7157a3b48caa17e42505396b6
67a2625ceeb29fd2d235c9c395c53ff505029b46
bc19a91cd57e7ce343a16a261bfb71fd89b03e033710e12c41ed9e9c3746b708

HTTP Headers

GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15770
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"5d848f4f-ee4d"
Date: Sun, 14 May 2023 12:28:33 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:33 GMT
Age: 1515913
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: cf59170e4052ffde5edd6d5404725d20

1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js

104.250.44.1

200 OK

5.0 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20132), with no line terminators
Size
5.0 kB (5007 bytes)
Hash
5ce8851dc823429a42ab6147554403cc
28f381f0e0aa4f5d56690e65723bd97fb59a38e6
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811

HTTP Headers

GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"5d848f4f-4ea4"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1515914
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 874f223518ae688a469c8b084355547a

1gruet.rbjgb.com/ftl/commonPage/js/layer.js

104.250.44.1

200 OK

7.6 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/layer.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (21922)
Size
7.6 kB (7599 bytes)
Hash
c42797aecccd5494e2b747cedf1a890b
b9e06a6d245b6a3c87f2753db0c9c9aa020640b2
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3

HTTP Headers

GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-55f6"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1515914
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 01945edd8438e35f35b39cb2f9141476

1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js

104.250.44.1

200 OK

1.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4433), with no line terminators
Size
1.4 kB (1421 bytes)
Hash
f77d83590bc0a69298f2fbcc5d9911cd
1d6aa25d7052f53ad0181385e5efe72f224bbdb9
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-1151"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1515914
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 4d9e78904017de8667a29825db4b8abe

1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js

104.250.44.1

200 OK

17 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (64577)
Size
17 kB (17446 bytes)
Hash
b5bc8cd626b389bde727a91e6ce79436
3df6c39300ac286cf596b3bda273cb39ff825429
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-fc8b"
Date: Sun, 14 May 2023 12:28:33 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:33 GMT
Age: 1515914
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 7972df995f712626db9f712f19995031

1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js

104.250.44.1

200 OK

7.7 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (27669)
Size
7.7 kB (7746 bytes)
Hash
f8c2b37c1dc626eede6a2e3e37aa4504
d4e8419497caa64c8a850ac4808dddb89b5eeb3f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a

HTTP Headers

GET /150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"64748e92-6caf"
Date: Mon, 29 May 2023 22:12:23 GMT
Last-Modified: Mon, 29 May 2023 11:37:54 GMT
Expires: Wed, 28 Jun 2023 22:12:23 GMT
Age: 184883
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 565b89258ac7c5fe2ea05a9f5c161057

1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js

104.250.44.1

200 OK

4.1 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Size
4.1 kB (4126 bytes)
Hash
4fe7dadf050dad2dcfd386d21b880281
07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9

HTTP Headers

GET /150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"64748e92-3a09"
Date: Mon, 29 May 2023 22:12:24 GMT
Last-Modified: Mon, 29 May 2023 11:37:54 GMT
Expires: Wed, 28 Jun 2023 22:12:24 GMT
Age: 184883
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 5e651152c2b4ecdfcd01a298bf206f5c

1gruet.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css

104.250.44.1

200 OK

911 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
911 B (911 bytes)
Hash
1da71520b7a0a61526a8fa8d0feb40d1
ba1bf69dad8783563328054cae58ccabf1b00829
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d

HTTP Headers

GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-b5d"
Date: Sun, 14 May 2023 12:56:50 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:56:50 GMT
Age: 1514217
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 7de00cbfb8d51e3256e432d78cf03266

1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961

104.250.44.1

200 OK

5.2 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (801)
Size
5.2 kB (5207 bytes)
Hash
30be40425b37bee4158676082cef1f4d
b41ed46721936872d5d7eadf303ce22938240d2a
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47

HTTP Headers

GET /150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"633d510e-7fd7"
Date: Mon, 29 May 2023 22:12:23 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 28 Jun 2023 22:12:23 GMT
Age: 184883
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 97e0485def679c1d509324ca3568f5ae

1gruet.rbjgb.com/150810/rcenter/common/static/css/gb.validation.min.css

104.250.44.1

200 OK

3.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/static/css/gb.validation.min.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2295)
Size
3.8 kB (3788 bytes)
Hash
f00ce0554efc5adea6a8e02d5e501cad
388840e376568b37ac0103aa5c87a268778db67a
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069

HTTP Headers

GET /150810/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"633d510e-2d52"
Date: Mon, 29 May 2023 22:12:26 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 28 Jun 2023 22:12:26 GMT
Age: 184880
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 747ea83ae6be8da80171aca9a753a188

1gruet.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0

104.250.44.1

200 OK

3.1 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.1 kB (3111 bytes)
Hash
5cf9259b7dd27aacd46161ec23d261cf
ba0c399616a5ae9cdd8aec5b76ba4aae4822367c
7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc

HTTP Headers

GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"6131d862-48e4"
Date: Sun, 14 May 2023 12:54:38 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Tue, 13 Jun 2023 12:54:38 GMT
Age: 1514349
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: d2b78684298ca223b56fb81552b92e77

1gruet.rbjgb.com/ftl/commonPage/js/moment.js

104.250.44.1

200 OK

27 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/moment.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Size
27 kB (26878 bytes)
Hash
9bcf737d07f6f089ac8c8e11a1758fad
fb186e78925c05500b7855bf7f4f9d00a5517acc
cc0e4aae90d57f055ec9b006b0c82dc2571630c00d9fa6bb49c5edb52948c688

HTTP Headers

GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26878
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"62a1b56b-1bf5b"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Thu, 09 Jun 2022 08:55:07 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1515914
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 758b6103f665ec668f84df77312f887b

1gruet.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg

104.250.44.1

200 OK

6.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3\012- data
Size
6.9 kB (6871 bytes)
Hash
99be4bfe275809d4e436b77c991b1381
54eadee77394eb62ccf377ae68d9f49acb5b6785
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d

HTTP Headers

GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "5d848f4f-1ad7"
Date: Sun, 14 May 2023 13:09:48 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 13:09:48 GMT
Age: 1513439
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 0a23d403fa41663441b1fda33dc6036c

dd365c.com:8989/mobile-api/v5/origin/getFloat.html

20.205.118.3

200 OK

106 B

URL POST HTTP/1.1
dd365c.com:8989/mobile-api/v5/origin/getFloat.html
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
106 B (106 bytes)
Hash
18da76ef30828950957abc98b28e7327
dc5c652bbb18e3bf5d2f14776ce2e10710e0decb
45c7e7ed630f2a5c7a48a85a78bf558f3a831d66085669a7953dfb0ea646fa54

HTTP Headers

POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: https://dd365c.com:8989
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Thu, 01 Jun 2023 01:33:48 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=66776b881a59021b52807ef9298664ac; Path=/
Sub-Sys: mobile
Uuid: 00121-01-00000000-16855832276ca8
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 106

dd365c.com:8989/index/getAppsUrl.html?device=android

20.239.71.172

200 OK

897 B

URL GET HTTP/1.1
dd365c.com:8989/index/getAppsUrl.html?device=android
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
JSON data\012- , ASCII text, with very long lines (1132), with no line terminators
Size
897 B (897 bytes)
Hash
8df2f15542d90c6653388ae11e1d8973
dad7d95e66c8713b6488d35948660289968ae509
8a4b0ea21e0582dfccb1ff30afd05c94b4e5721eef7c7bfc6032e31880db179c

HTTP Headers

GET /index/getAppsUrl.html?device=android HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Jun 2023 01:33:48 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=29c626d4e884fe4301eb6b56b4d56981; Path=/
Sub-Sys: msite
Uuid: 00121-01-00000000-16855832281ca6
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 897

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
da8ba985de0e0c2e9abfde1e14d88b9a
fdd2f2713dc8cfbc8d243adf61abecaac08c0305
a636cddf52a033e872fed72ddf6045e6bb08822a60b48172ddc7f05fdd494515

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 01:33:48 GMT
Last-Modified: Thu, 01 Jun 2023 00:17:48 GMT
Server: ECAcc (dcb/7EDB)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: I69uJFgILVWMy3pSau32hSIYIjgqEiAtEbwfL_c3Wr_hPVipx6kw1g==
Age: 4560

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
da8ba985de0e0c2e9abfde1e14d88b9a
fdd2f2713dc8cfbc8d243adf61abecaac08c0305
a636cddf52a033e872fed72ddf6045e6bb08822a60b48172ddc7f05fdd494515

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 01:33:48 GMT
Server: ECAcc (dcb/7352)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 47pmajmPr9_u888KlBwxp37ycqfXW5zWicjLjdrjnwSfBuHJAfPZlg==

dd365c.com:8989/index/getUserTimeZoneDate.html?t=licgqefx

20.205.118.3

200 OK

98 B

URL GET HTTP/1.1
dd365c.com:8989/index/getUserTimeZoneDate.html?t=licgqefx
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
98 B (98 bytes)
Hash
dd3329ede29e77bfe1b748e04ae97e13
55820353b8b9dcb82b9bf6d6fc133ba7f13aaece
0de063631cd65304d457660516819097ed41a23934082718127069111ef7dfec

HTTP Headers

GET /index/getUserTimeZoneDate.html?t=licgqefx HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa; route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cachettl: 3
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Jun 2023 01:33:48 GMT
Out-Line: gb-cdn-813
Sub-Sys: msite
Uuid: 00121-01-00000000-16855832280f43
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 98

vue.livelyhelp.chat/livechat.ashx?siteId=60000906

54.230.111.59

200 OK

885 B

URL GET HTTP/2
vue.livelyhelp.chat/livechat.ashx?siteId=60000906
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
885 B (885 bytes)
Hash
8a5a42da8aa3174ed91da6f56876db6d
cf8491ba49cc76399d71505cd36f5a3f0611810e
e3664828f708c6ae7ed019ecee1ee7ac0745bc14f30cd70fc884380340c095eb

HTTP Headers

GET /livechat.ashx?siteId=60000906 HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
date: Wed, 31 May 2023 02:29:44 GMT
server: Kestrel
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rmVvhJPK4exMedavkDek1IY8WjdxLG4tfQ_QoiAuMlaaz1KorfZE_w==
age: 83044
X-Firefox-Spdy: h2

dd365c.com:8989/headerInfo.html?t=licgqemp

20.239.71.172

200 OK

116 B

URL GET HTTP/1.1
dd365c.com:8989/headerInfo.html?t=licgqemp
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
116 B (116 bytes)
Hash
d42cf64009e97aab0c8c7a29867c6e63
8cdb7a31010be9e6129d51e0f46ad4f849195887
959ced19cdcb74b39f0504663c4c7f04b4f289975355e15484fb3bb025600582

HTTP Headers

GET /headerInfo.html?t=licgqemp HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa; route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Jun 2023 01:33:48 GMT
Out-Line: gb-cdn-813
Sub-Sys: msite
Uuid: 00121-01-00000000-1685583228f31b
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 116

dd365c.com:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign

20.205.118.3

200 OK

112 B

URL GET HTTP/1.1
dd365c.com:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
112 B (112 bytes)
Hash
5d062bc93ef9d75b27e852ed745d170f
1ecf82a0589608b26ee6a29b2cc3229916596626
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1

HTTP Headers

GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa; route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Thu, 01 Jun 2023 01:33:48 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=f7c95a7b6b031c620a6304190a7ddf24; Path=/
Sub-Sys: mobile
Uuid: 00121-01-00000000-1685583228a226
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 112

dd365c.com:8989/mobile-api/v5/origin/loginSwitchCheck.html

20.239.71.172

200 OK

113 B

URL GET HTTP/1.1
dd365c.com:8989/mobile-api/v5/origin/loginSwitchCheck.html
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
113 B (113 bytes)
Hash
1452cebf3e2bb129b06762f43f09e5c8
0ec65f1e79233e8c59f76c55fb89ac8637cfb070
99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d

HTTP Headers

GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa; route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Thu, 01 Jun 2023 01:33:48 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=61ee84c9f68236309da705261df10e5a; Path=/
Sub-Sys: mobile
Uuid: 00121-01-00000000-1685583228c92e
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 113

dd365c.com:8989/index/getUserTimeZoneDate.html?t=licgqeur

20.239.71.172

200 OK

98 B

URL GET HTTP/1.1
dd365c.com:8989/index/getUserTimeZoneDate.html?t=licgqeur
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
98 B (98 bytes)
Hash
82da71a5d6163a1ccd26f397696fec01
6b39664f3a2f2045f5dc84ca61c5e3b1c197a876
32dee4206cd1fe47fd076481a6732cb3b2778398049dd352aad493c7a583ee78

HTTP Headers

GET /index/getUserTimeZoneDate.html?t=licgqeur HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa; route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cachettl: 3
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Jun 2023 01:33:48 GMT
Out-Line: gb-cdn-813
Sub-Sys: msite
Uuid: 00121-01-00000000-1685583228e292
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 98

dd365c.com:8989/mobile-api/v5/origin/getThirdParam.html

20.205.118.3

200 OK

86 B

URL GET HTTP/1.1
dd365c.com:8989/mobile-api/v5/origin/getThirdParam.html
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
86 B (86 bytes)
Hash
9ac55fe189e4f53f37156e563e0f542e
18b13b1360ce9fbd973e046d2652be38d58a15e0
d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b

HTTP Headers

GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa; route=61ee84c9f68236309da705261df10e5a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Thu, 01 Jun 2023 01:33:49 GMT
Out-Line: gb-cdn-813
Sub-Sys: mobile
Uuid: 00121-01-00000000-168558322967aa
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 86

1gruet.rbjgb.com/ftl/bet365-121/images/index-ban-04.jpg?wsSecret=a83aabc82592baab099a382d5e36cdb4&wsTime=1685583227

104.250.44.1

200 OK

71 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-ban-04.jpg?wsSecret=a83aabc82592baab099a382d5e36cdb4&wsTime=1685583227
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 860x214, components 3\012- data
Size
71 kB (70989 bytes)
Hash
0874790c51f4c2fc4b19ca5b7062c107
0b018e3a09ff6de7ed287fe2e77ea7f933712bf0
c490274b8d7112c756355b806bf7f8954296bd94f0380ef682a68597128d9ee0

HTTP Headers

GET /ftl/bet365-121/images/index-ban-04.jpg?wsSecret=a83aabc82592baab099a382d5e36cdb4&wsTime=1685583227 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 70989
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "5d2c7603-1154d"
Date: Sun, 14 May 2023 13:09:49 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Tue, 13 Jun 2023 13:09:49 GMT
Age: 1513438
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: a357c09450948aeb30fe1c7618ded050

1gruet.rbjgb.com/ftl/bet365-121/themes/images/icon-menu-api-bet365.png.base64

104.250.44.1

200 OK

3.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/icon-menu-api-bet365.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.9 kB (3903 bytes)
Hash
e5a2ad569e98290c9b2c4a4be078caf4
11a4517d0252c0757729edfdf9cccba1a18c2a21
d49b27a9f00196592c4f64857d3f5dea4c4e57328d0537c947b96d8bca9e7517

HTTP Headers

GET /ftl/bet365-121/themes/images/icon-menu-api-bet365.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 3903
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-f3f"
Date: Sun, 14 May 2023 12:28:38 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 12:28:38 GMT
Age: 1515910
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 6ce4ea543fd31a02270d473d4be62410

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10183/365epc.jpg.base64

104.250.44.1

200 OK

168 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10183/365epc.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 692x516, components 3\012- data
Size
168 kB (167576 bytes)
Hash
3574bdc3cde04dad5934caa1a3a8450a
8c47ba3e0b2606d90073c8d3a80dcdbe11ad1e0c
38c9c32da8e1a710a6cb59a8ee5572dee05c9c66fb75d0d68aa53a2b90c04bab

HTTP Headers

GET /fserver/files/gb/121/carousel/10183/365epc.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 167576
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63a1d0e7-28e98"
Date: Sun, 14 May 2023 12:28:38 GMT
Last-Modified: Tue, 20 Dec 2022 15:12:39 GMT
Expires: Tue, 13 Jun 2023 12:28:38 GMT
Age: 1515911
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 2678276a39d2fb90a720cf5aba228f6d

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10177/1639488605085.jpg.base64

104.250.44.1

200 OK

128 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10177/1639488605085.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (127631 bytes)
Hash
be663490cad9945816e2a8c06006818e
0d2274099ebda0c8b2287d773e60be25bb21543c
6f64ebb39f34158d6f22133ca4324072c799f08c5407edaf7753092bebc51b66

HTTP Headers

GET /fserver/files/gb/121/carousel/10177/1639488605085.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 127631
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "63770ee7-1f28f"
Date: Sun, 14 May 2023 12:28:41 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:43 GMT
Expires: Tue, 13 Jun 2023 12:28:41 GMT
Age: 1515909
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 1497f227d1dffdc0742cb049a40d51e1

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10175/1639394823278.jpg.base64

104.250.44.1

200 OK

230 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10175/1639394823278.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
230 kB (230329 bytes)
Hash
742cc95cacbfb99d69af088a55c8daee
d2353b5b99bcae5a416b5ef94a64138e4682d42c
2ef2d125b3e3c3ff6379070544b9b2f920ff416cc5a0d0833dad04cefdf1c0b9

HTTP Headers

GET /fserver/files/gb/121/carousel/10175/1639394823278.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 230329
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee7-383b9"
Date: Sun, 14 May 2023 12:28:40 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:43 GMT
Expires: Tue, 13 Jun 2023 12:28:40 GMT
Age: 1515910
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 713769d88eaf561c8d31c4c47e4f07f0

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10157/1628927069388.jpg.base64

104.250.44.1

200 OK

278 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10157/1628927069388.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
278 kB (278300 bytes)
Hash
a15b5210b8738817a4877f06037cab37
0952a7b40b385c0c63c00a9fe8150bcacef8ae80
c9acf6e4cbcc45be053ec27581cb60d4072bfe4b359d76701cbe9f4a0c265a7b

HTTP Headers

GET /fserver/files/gb/121/carousel/10157/1628927069388.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 278300
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee6-43f1c"
Date: Sun, 14 May 2023 12:28:41 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:42 GMT
Expires: Tue, 13 Jun 2023 12:28:41 GMT
Age: 1515909
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 43b4e9ef620ce25c51bdf795cd3123c3

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10145/1628927127996.jpg.base64

104.250.44.1

200 OK

277 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10145/1628927127996.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
277 kB (276691 bytes)
Hash
57952bca926775400bf45dd90bed34b6
bc58fa8be4a61f6039b5b07a195a010959b81e51
3478d541b6d417c66f7ee4bd4be0a1f332ed9857ebec4dc81f315ecd7b108dd7

HTTP Headers

GET /fserver/files/gb/121/carousel/10145/1628927127996.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 276691
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee5-438d3"
Date: Sun, 14 May 2023 12:28:43 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:41 GMT
Expires: Tue, 13 Jun 2023 12:28:43 GMT
Age: 1515908
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 73c59804ce8e27c462b3b9fb595d9656

1gruet.rbjgb.com/fserver/files/gb/121/Logo/1/1543560239717.png.base64

104.250.44.1

200 OK

6.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/Logo/1/1543560239717.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6825)
Size
6.8 kB (6826 bytes)
Hash
66e9b89efb4e7f29a87644419122ab3b
7ad459cd238227649aeba6705b540e55ed273942
f4a232f6376894fcdfb8905e755851d2e5160496d99372a47ad89761ee6cc3c1

HTTP Headers

GET /fserver/files/gb/121/Logo/1/1543560239717.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6826
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee1-1aaa"
Date: Sun, 14 May 2023 12:36:58 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:37 GMT
Expires: Tue, 13 Jun 2023 12:36:58 GMT
Age: 1515414
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: f0e0a3affd64bd365b513e5ae0b12306

vue.livelyhelp.chat/livechat.ashx?siteId=60000906

54.230.111.59

200 OK

4.6 kB

URL GET HTTP/2
vue.livelyhelp.chat/livechat.ashx?siteId=60000906
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
4.6 kB (4618 bytes)
Hash
18d8fc16f2cf23c408a47f1b183c560e
f71afb91e51932809fcf43c6d48f0c2424074608
3c5f16c1d1dccdc93106dfaf27a04a6c427df96b446fec1eb125b18d5130509a

HTTP Headers

GET /livechat.ashx?siteId=60000906 HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
date: Wed, 31 May 2023 02:29:44 GMT
server: Kestrel
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kpqii-j6tMx1tTHXBSbq4QJVA4P2vbK5ngRWl341kCZCYM5dNYp2-A==
age: 83044
X-Firefox-Spdy: h2

dd365c.com:8989/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png

20.239.71.172

200 OK

1.3 kB

URL GET HTTP/1.1
dd365c.com:8989/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
IP
20.239.71.172:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1321 bytes)
Hash
a2e938202c0287b9c82461a6fd94dee9
b5e2adc7cb07c18a70a88af314e56b946ec1a1b6
df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936

HTTP Headers

GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/ftl/commonPage/themes/gui-layer.css
Cookie: sticket=VE10TkdReU5pMDVOa; route=61ee84c9f68236309da705261df10e5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 1321
Content-Type: image/png
Date: Thu, 01 Jun 2023 01:33:52 GMT
Etag: "5d848f4f-529"
Expires: Fri, 02 Jun 2023 01:33:52 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Out-Line: gb-cdn-813
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1515412
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 4160739dba50242d04735a054b084c47

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1515412
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 8f9ee86a435c4ba636337a6260837a0b

1gruet.rbjgb.com/ftl/bet365-121/themes/images/sports-infos-bg.png.base64

104.250.44.1

200 OK

14 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/sports-infos-bg.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
14 kB (14071 bytes)
Hash
87a2000794ce47540d366318eba25fce
7e13890479a39ebe5e5b84cd881cddb3485ddf7b
4a35f04b2032a5edece24929c1b01ec6747106881adbf1f9ddbc6e077275eecb

HTTP Headers

GET /ftl/bet365-121/themes/images/sports-infos-bg.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 14071
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-36f7"
Date: Sun, 14 May 2023 13:09:50 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:50 GMT
Age: 1513442
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: a7259fdb34b711b77f0ba6d9a42cf3dc

1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64

104.250.44.1

200 OK

5.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
5.8 kB (5771 bytes)
Hash
218e631a9ac4002db242ae37fdc7060a
d340f9e755fe026516943b890c423fef1d02930a
cac54484b00312dcecc274572c6d45744e87d0b9a54e667f2c22bcc5f253a91b

HTTP Headers

GET /ftl/bet365-121/themes/images/bg-products.gif.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 5771
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-168b"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1513441
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 7110607704997d06eff162cf111b1547

1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64

104.250.44.1

200 OK

3.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.9 kB (3883 bytes)
Hash
4558c044623afebe02a1422bf13fbae0
66b103e96878b8542f1a6cac95a584ecb8d26787
99735be4461b4d9faee52aca6f539ed2bab8f459868193421a44f94cee745b2c

HTTP Headers

GET /ftl/bet365-121/themes/images/login_os.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 3883
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-f2b"
Date: Sun, 14 May 2023 12:36:59 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 12:36:59 GMT
Age: 1515413
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 38e647b47911d4727bd9243e25805840

dd365c.com:8989/fserver/files/gb/121/carousel/10183/365epc.jpg

20.205.118.3

200 OK

72 kB

URL GET HTTP/1.1
dd365c.com:8989/fserver/files/gb/121/carousel/10183/365epc.jpg
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 692x516, components 3\012- data
Size
72 kB (71928 bytes)
Hash
94c229bd9d84a0c594294b4ec6d6e89f
e509d795e28f38125fb01f6168a411c37ccc4f66
ad52fefd05eaf7e406fa264d33ba103c6a62f7c98431f08053ced439a3031f52

HTTP Headers

GET /fserver/files/gb/121/carousel/10183/365epc.jpg HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa; route=61ee84c9f68236309da705261df10e5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 71928
Content-Type: image/jpeg
Date: Thu, 01 Jun 2023 01:33:52 GMT
Etag: "63a1d0e7-118f8"
Expires: Fri, 02 Jun 2023 01:33:52 GMT
Last-Modified: Tue, 20 Dec 2022 15:12:39 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1515412
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 483fe796e916b941b066a1f9f5dbd11f

1gruet.rbjgb.com/ftl/bet365-121/themes/images/sec-nav-bg-grad.gif.base64

104.250.44.1

200 OK

515 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/sec-nav-bg-grad.gif.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
515 B (515 bytes)
Hash
b1734cb77ae0e91b4116a8a06a7fc5b3
146195cdb93b3194f586acabd2712c7efb1c02da
d89f82c6664674129fe2a5da52c794ad91b6b8e8840119139180574d278ca20f

HTTP Headers

GET /ftl/bet365-121/themes/images/sec-nav-bg-grad.gif.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 515
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-203"
Date: Sun, 14 May 2023 13:09:50 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:50 GMT
Age: 1513442
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 5c967982eb4310483bfbdc084c853af3

1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64

104.250.44.1

200 OK

5.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
5.8 kB (5771 bytes)
Hash
218e631a9ac4002db242ae37fdc7060a
d340f9e755fe026516943b890c423fef1d02930a
cac54484b00312dcecc274572c6d45744e87d0b9a54e667f2c22bcc5f253a91b

HTTP Headers

GET /ftl/bet365-121/themes/images/bg-products.gif.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 5771
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-168b"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1513441
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: d360bb8818eba38c7f28fa4ebfe1561e

1gruet.rbjgb.com/ftl/bet365-121/images/index-casino.jpg.base64

104.250.44.1

200 OK

42 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-casino.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
42 kB (41718 bytes)
Hash
d85ea4e359a4f6110f45608a215a9395
7ea544d92730a6d771fa71767a5275f6c3467de1
08c006ada8a7ac4b82f9972091e8fe55cb72b3bf5308877485a9cd91466d422e

HTTP Headers

GET /ftl/bet365-121/images/index-casino.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 41718
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-a2f6"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1513441
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: fb9e68dca815917dfae3e1c7b85bfff3

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1515412
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: ca8bac35b383d154574c531c29346c32

vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js

54.230.111.59

200 OK

128 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65422)
Size
128 kB (128160 bytes)
Hash
7dd3e386b0cd8e8e061c5ccd55f57312
99829047a3d6dd8636a99cb7d40b2ff2253eee09
944dda37179d5929ff731e111c822c37f610f701b9625ff85aa1d9fcc55fdc57

HTTP Headers

GET /visitorside/js/bundle.71856ffb.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 31 May 2023 07:05:31 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-808eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fyi1hwM810pXfY3_G-FyvriCSyo4EPAuKs3lEcZz5cvcLgzsYfbU5A==
age: 66500
X-Firefox-Spdy: h2

1gruet.rbjgb.com/ftl/bet365-121/images/index-lottery.jpg.base64

104.250.44.1

200 OK

40 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-lottery.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
40 kB (39554 bytes)
Hash
26e2b2e2badebd56bc19d11395bc8d90
cc75eeef029dd24d73f5578dd177b07b58339506
a8ea01afc26227b927a2a86fee7e2ee33c02fe98854e336764ab67858fce3d24

HTTP Headers

GET /ftl/bet365-121/images/index-lottery.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 39554
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-9a82"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1513441
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 08029987b66bf91bef397d9e1a5209e6

1gruet.rbjgb.com/ftl/bet365-121/images/index-game.jpg.base64

104.250.44.1

200 OK

36 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-game.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365c.com:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
36 kB (36231 bytes)
Hash
cd75b5ca5e8b8224880bc951f0eae39c
ed4199ec40838a7843e33f07ce0a97c7e3040424
700d24ce9c8dbdd2a3a075c259448676abff4438b619b17612469b51d00e29c5

HTTP Headers

GET /ftl/bet365-121/images/index-game.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 36231
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-8d87"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1513442
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 3dcc9f0eabf617b2dd98f19cb0cac509

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
453e859b92ffbfbb87a8c1f68d6b1ae0
150bd3f42888bdd8566913daaccd8eaff767c93c
86ba19b5efdae18b6102fb14c4ccd17a929ee4358885bda22ec6dadd708577bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 01:33:53 GMT
Server: ECAcc (dcb/7339)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G6EoJzNc3KhqOEwZGVAbrVQ_v1oPyCfYK7eE89Woo0KXJrLKWAZRSg==

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
575af0d05752f5be537c91121619fefa
8f17d22707e649c99061c2fdb53e10d0d8694f89
2b8dbd9f41b0e48c50f99b4434056bfd413610180fccaa512bca8fedac455c6a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 01:33:53 GMT
Server: ECAcc (dcb/7339)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BQe5JL9UXp7K6HQt0wXDJ4DchWgkgTB9h2Bx4E_ln2ujeNK0WfmqKQ==

chat.livehelp100service.com/visitor.ashx?siteId=60000906

13.248.194.97

200 OK

731 B

URL POST HTTP/2
chat.livehelp100service.com/visitor.ashx?siteId=60000906
IP
13.248.194.97:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
FingerprintAE:E3:91:CC:1C:00:25:08:E6:A6:DA:CC:10:03:1B:77:15:78:68:C7
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 19 Jan 2024 23:59:59 GMT

File type
JSON data\012- HTML document, ASCII text, with very long lines (1297), with no line terminators
Size
731 B (731 bytes)
Hash
b022201c02f1c244ffb289d313592708
bfd6359cc9413cdfc536fef904c9d01424bdaf8e
d8384e69f7618e5edcf20f83fd4e84d62298d5a5d450f430c2a96c87d4641876

HTTP Headers

POST /visitor.ashx?siteId=60000906 HTTP/1.1
Host: chat.livehelp100service.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 69
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 01:33:53 GMT
content-type: text/json; charset=utf-8
content-length: 731
server: nginx
cache-control: private
content-encoding: gzip
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-aspnet-version: 4.0.30319
access-control-allow-origin: https://dd365c.com:8989
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With
arrserver: node5chatserver
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2

vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js

54.230.111.59

200 OK

23 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (57848)
Size
23 kB (23251 bytes)
Hash
d744af07c5b3ccbd11122619f044c41d
25e6b0eebeb9c5f16402495cff29714b4272e623
b3dcfca53b9dbab024ee5d9de7fa52f5910d1f35f40466b0215e90ba451b0b70

HTTP Headers

GET /visitorside/js/common.dce7d2db.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 31 May 2023 05:59:24 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"64589dff-ee9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mA8a1n8vBffIqIZ9rwNFcg3qqpZ2zu4ZwgZsqAS5p271Y1sy1uiCoQ==
age: 70468
X-Firefox-Spdy: h2

chat.livehelp100service.com/campaign.ashx?siteId=60000906&campaignId=dcf892b1-154c-4f8d-8f09-ba833161ce65&lastUpdateTime=00000000083DC607

13.248.194.97

200 OK

6.7 kB

URL GET HTTP/2
chat.livehelp100service.com/campaign.ashx?siteId=60000906&campaignId=dcf892b1-154c-4f8d-8f09-ba833161ce65&lastUpdateTime=00000000083DC607
IP
13.248.194.97:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
FingerprintAE:E3:91:CC:1C:00:25:08:E6:A6:DA:CC:10:03:1B:77:15:78:68:C7
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 19 Jan 2024 23:59:59 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (12230), with no line terminators
Size
6.7 kB (6701 bytes)
Hash
95854c509696c661121399132b7122e4
45ec3c1222c96d8ebf5824eade454c745b951380
11dacfed9f3133b124847156577e54a93d06c2a0cb5ad0f778b412abbb9fd422

HTTP Headers

GET /campaign.ashx?siteId=60000906&campaignId=dcf892b1-154c-4f8d-8f09-ba833161ce65&lastUpdateTime=00000000083DC607 HTTP/1.1
Host: chat.livehelp100service.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Jun 2023 01:33:54 GMT
content-type: text/json; charset=utf-8
content-length: 6701
server: nginx
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With
arrserver: node5chatserver
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2

vue1.livelyhelp.chat/visitorside/js/bundle.71856ffb.js

54.230.111.59

200 OK

527 kB

URL GET HTTP/2
vue1.livelyhelp.chat/visitorside/js/bundle.71856ffb.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
527 kB (526571 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visitorside/js/bundle.71856ffb.js HTTP/1.1
Host: vue1.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 31 May 2023 05:02:46 GMT
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
access-control-allow-credentials: true
access-control-max-age: 1728000
etag: W/"64589dff-808eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zVGI_rwDrku9T56gegSCt-tODal_TBzfRwQXYlBUhBDgZrga7iHEbg==
age: 73867
X-Firefox-Spdy: h2

vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js

54.230.111.59

200 OK

9.5 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9703), with no line terminators
Size
9.5 kB (9540 bytes)
Hash
fdc52b061e51dfcbdedf21ca762d9cf9
5cc66b475dc8075f2bf772a3a9ac9bd2ed43018e
61240cab85495ff08735440d1774611a23d1218e33117ea7dd0ed0147fd69b56

HTTP Headers

GET /visitorside/js/Button.8e7eec9c.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://vue.livelyhelp.chat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 31 May 2023 02:04:46 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-2544"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V_B4125y4-91GnBeq_QP8p7NYh_CMahecfOQuAqUYV06DJxLqWY2Fg==
age: 84548
X-Firefox-Spdy: h2

vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js

54.230.111.59

200 OK

74 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
74 kB (73465 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visitorside/js/vendor.3f781933.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 31 May 2023 03:20:51 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-11ef9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VbYBN96ExU2zhsvY9VFq2xkFfrw0KOisLynEcGSNYMi7AtL31UqBJQ==
age: 79981
X-Firefox-Spdy: h2

dd365c.com:8989/favicon.ico

20.205.118.3

404 Not Found

150 B

URL GET HTTP/1.1
dd365c.com:8989/favicon.ico
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365c.com:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365c.com
Fingerprint98:2F:FA:98:52:DB:5D:E2:4D:28:72:5A:C1:73:ED:6B:DA:6A:7C:99
ValidityThu, 13 Apr 2023 15:11:10 GMT - Wed, 12 Jul 2023 15:11:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
150 B (150 bytes)
Hash
3975df6acd9bb32205823270e122bb3f
debbb3ecc9183ee7672f25d0f74eea74e3530298
13ed13454e3102135579e64775b002a66280f9eb99c31e4d8b59a69cf7e00425

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dd365c.com:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Cookie: sticket=VE10TkdReU5pMDVOa; route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Length: 150
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Jun 2023 01:33:48 GMT
X-Frame-Options: SAMEORIGIN

vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js

54.230.111.59

200 OK

74 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
74 kB (73465 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visitorside/js/vendor.3f781933.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 31 May 2023 03:20:51 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-11ef9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3GX5PnqqR5Kwr86I1i5oDFfTD_TGmnqpD7rnyd4sCzCvFJ2FrO9dEA==
age: 79981
X-Firefox-Spdy: h2

vue1.livelyhelp.chat/visitorside/js/common.dce7d2db.js

54.230.111.59

200 OK

61 kB

URL GET HTTP/2
vue1.livelyhelp.chat/visitorside/js/common.dce7d2db.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
61 kB (61084 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visitorside/js/common.dce7d2db.js HTTP/1.1
Host: vue1.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 31 May 2023 12:02:04 GMT
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
access-control-allow-credentials: true
access-control-max-age: 1728000
etag: W/"64589dff-ee9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: skG_PeaAEGIw12G6sdPMUclbY6NHDNxK4nYY181erkID0T8rgBDwbA==
age: 48709
X-Firefox-Spdy: h2

vue1.livelyhelp.chat/visitorside/js/vendor.3f781933.js

54.230.111.59

200 OK

74 kB

URL GET HTTP/2
vue1.livelyhelp.chat/visitorside/js/vendor.3f781933.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
74 kB (73465 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visitorside/js/vendor.3f781933.js HTTP/1.1
Host: vue1.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365c.com:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 31 May 2023 02:31:41 GMT
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
access-control-allow-credentials: true
access-control-max-age: 1728000
etag: W/"64589dff-11ef9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7krmTi9cr-2NdVAWx8y8HJXLOW1H9D4w3JjY7yF55B85BjEO4_cD_w==
age: 82932
X-Firefox-Spdy: h2

vue1.livelyhelp.chat/livechat.ashx?siteId=60000906

54.230.111.59

200 OK

1.6 kB

URL GET HTTP/2
vue1.livelyhelp.chat/livechat.ashx?siteId=60000906
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365c.com:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1745), with no line terminators
Size
1.6 kB (1580 bytes)
Hash
fdbc76fdddf376c4c753692cceb68c77
2a0b1dc9f31e1beb41fafe6995761b6849008577
583d6d7062d2830c4baa5df273a90896bcf230a8986ea0ba1c49d02cc49fb40a

HTTP Headers

GET /livechat.ashx?siteId=60000906 HTTP/1.1
Host: vue1.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365c.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
date: Wed, 31 May 2023 11:31:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s8FNuXpSP-h4KhHY6Ecf1ogY70FabfXQXARB8CIPs12H50jmwbg6JQ==
age: 50522
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (48)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML