| | 104.21.21.95 | 301 Moved Permanently | 64 kB |
URL User Request GET HTTP/2IP104.21.21.95:443
CertificateIssuerGoogle Trust Services LLC Subjectcc04323.com FingerprintA0:80:56:EE:03:7F:9D:01:EC:CD:3D:A7:A1:FB:BB:FF:5E:C8:6A:70 ValidityWed, 24 May 2023 09:27:12 GMT - Tue, 22 Aug 2023 09:27:11 GMT
Hash02fa4c31bc047597c180401a0f244390 41b3ea337d3062f237ac1aea12de61009509f492 349aa0484079ddf90863b75904b84d666b174ca21ca80d2a95b0093fb5be108d
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET / HTTP/1.1
Host: cc04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 02 Jun 2023 12:32:14 GMT
location: https://04320432.vip
cache-control: max-age=3600
expires: Fri, 02 Jun 2023 13:32:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geKVSHIQF5oLods%2F4eP3lOR2XIKMwLxIOXL7agci6EUYYsZ2zYOO0YNoyhgAdTxnxLFfrmu8In3Q6%2BmFEQpnF7sY%2BF27ABq8nDqQrvNmWG4fyt0cEeTE5xt7rFMkLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0fb7c9f85cb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.15.101 | | 471 B |
IP104.18.15.101:0
Hashcb5f4ecb3e25b3cba8a1028c58f1d320 b1af6e876d5b9d3b7f040c395f4c059d1e1276da 3f42825e7a95a3e781743b7f561a8d29ac7c971744a768e844da1cbe27b49dc0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 12:32:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 17:16:17 GMT
Expires: Wed, 07 Jun 2023 17:16:16 GMT
Etag: "b1af6e876d5b9d3b7f040c395f4c059d1e1276da"
Cache-Control: max-age=448437,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0fb7e0ab5eb500-OSL
|
|
| 04320432.vip/message_zh_CN.js?v=1685395744961 | 188.114.96.1 | 200 OK | 11 kB |
URL GET HTTP/304320432.vip/message_zh_CN.js?v=1685395744961 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typeUnicode text, UTF-8 text, with very long lines (17953) Hash2f6bbee802e13ba5b996854899146388 1740f10b199aabd29342db59f3bc368e7a115007 a133f55920bc6dce0b09e2b0e107fccf6f89a5f1744f2535e4702c08b38e198a
GET /message_zh_CN.js?v=1685395744961 HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:16 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Sat, 03 Jun 2023 12:32:15 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: 01513-01-00000000-16857091350aa6
out-line: gb-source-106
cf-cache-status: EXPIRED
last-modified: Thu, 01 Jun 2023 00:52:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoyhP27SXJu23JYjBISJgvhYqu%2FlnpafC7alBMHdA77aZcf8KWLvbiCG94YU5gIm2qdexdAJwaWNpq5UCUAgpUW5ckq3oZqy7U8uuzP4%2FsOyJuyteCHWhZrrr8x8s9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7cfbf591c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ocsp.sectigo.com/ | 104.18.15.101 | | 471 B |
IP104.18.15.101:0
Hashcb5f4ecb3e25b3cba8a1028c58f1d320 b1af6e876d5b9d3b7f040c395f4c059d1e1276da 3f42825e7a95a3e781743b7f561a8d29ac7c971744a768e844da1cbe27b49dc0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 12:32:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 17:16:17 GMT
Expires: Wed, 07 Jun 2023 17:16:16 GMT
Etag: "b1af6e876d5b9d3b7f040c395f4c059d1e1276da"
Cache-Control: max-age=448437,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0fb7e0aaed1bfa-OSL
|
|
| ocsp.sectigo.com/ | 104.18.15.101 | | 471 B |
IP104.18.15.101:0
Hashcb5f4ecb3e25b3cba8a1028c58f1d320 b1af6e876d5b9d3b7f040c395f4c059d1e1276da 3f42825e7a95a3e781743b7f561a8d29ac7c971744a768e844da1cbe27b49dc0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 12:32:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 17:16:17 GMT
Expires: Wed, 07 Jun 2023 17:16:16 GMT
Etag: "b1af6e876d5b9d3b7f040c395f4c059d1e1276da"
Cache-Control: max-age=448437,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0fb7e0a8f9fac4-OSL
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/style/common.css | 104.250.44.1 | 200 OK | 6.0 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/style/common.css IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash3ee32cc28bee77ec29467a03b69b0574 36f7c705f1419e6c6840b85f8dd12e379b16c066 4c479d007576da5d4a485513250d8c69d280b5392d54e3516f53140234a532db
GET /ftl/bet365-1513/themes/style/common.css HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5961
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"631d86f0-7005"
Date: Sun, 14 May 2023 12:24:35 GMT
Last-Modified: Sun, 11 Sep 2022 06:57:52 GMT
Expires: Tue, 13 Jun 2023 12:24:35 GMT
Age: 1642062
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: a6818262e103d846449e0fdca3d999c3
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/themes/gui-skin-default.css | 104.250.44.1 | 200 OK | 6.2 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/themes/gui-skin-default.css IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (7014) Hashd72bc8116ebcfa2aa1853b83f607f2f9 669f0eddfe55d617d5dd0264ebef6ee483ca8319 9dcd6715090f9f85e0010db1dfecf43a05ba4e28df4884264a65356f3bc9e917
GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6239
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"5fced4cc-7b2e"
Date: Sun, 14 May 2023 12:24:35 GMT
Last-Modified: Tue, 08 Dec 2020 01:20:12 GMT
Expires: Tue, 13 Jun 2023 12:24:35 GMT
Age: 1642063
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: ff08bae51a0db6c57c24e35d5a6e9296
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js | 104.250.44.1 | 200 OK | 34 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeASCII text, with very long lines (32038) Hashb091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-176d4"
Date: Sun, 14 May 2023 12:23:56 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:23:56 GMT
Age: 1642102
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: eafc02f50315492bc50f78ec7b869db0
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js | 104.250.44.1 | 200 OK | 12 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeASCII text, with very long lines (32030) Hash6ddb20c89aad63f86c5862b2f5c48a56 45da7bc94c509993ad003b3963c6e802b5ec248a 1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f
GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11951
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-b07e"
Date: Sun, 14 May 2023 12:23:55 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:23:55 GMT
Age: 1642102
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: aa809132cdd2e4daef9c95a6f8f8d0da
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/float.js | 104.250.44.1 | 200 OK | 1.9 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/float.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
GET /ftl/commonPage/js/float.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"612747ba-1b2f"
Date: Sun, 14 May 2023 12:23:56 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Tue, 13 Jun 2023 12:23:56 GMT
Age: 1642102
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 53a2a504971116ed0aaec69cf789b531
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js | 104.250.44.1 | 200 OK | 4.0 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash4de3e8bcf2f02d60519ca0d3584d3b8e 6323c2bf18b1bbf968e164bdf2e58d7677f67f8a 6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"60f60fb5-43bc"
Date: Sun, 14 May 2023 12:23:56 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Tue, 13 Jun 2023 12:23:56 GMT
Age: 1642102
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 0fd4c8b156de6d2ad7be17df5ca6a32b
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/themes/gui-base.css | 104.250.44.1 | 200 OK | 17 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/themes/gui-base.css IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (12023) Hashfcf7fcda4cfb8589d0e35dcad1b6a70a 607ec7cfde0e21e5ca7323aabd340ea82eddbd0c 58005581427a61dee5af1386995b38d90e995f4bcb75b85f8bb84d84ab5ac0fd
GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 16723
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"64702b4d-13d22"
Date: Fri, 26 May 2023 07:22:06 GMT
Last-Modified: Fri, 26 May 2023 03:45:17 GMT
Expires: Sun, 25 Jun 2023 07:22:06 GMT
Age: 623411
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 63d04d521259ff1285f8e5f5a0c8187a
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js | 104.250.44.1 | 200 OK | 3.3 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash3b4680db1e065116488f065419ca9f58 6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"6260ddd4-2f13"
Date: Sun, 14 May 2023 12:23:56 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 13 Jun 2023 12:23:56 GMT
Age: 1642101
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: f2117cee91fdac941936f7fff413ff4a
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/lazyload.js | 104.250.44.1 | 200 OK | 2.7 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/lazyload.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hashc400884eb33705c441487b8beed81be0 6e040e41aad03c4554aa90141fd872433185082a df904653b6c930ec406670bed1f674269b2797843081a9b526545b970544606c
GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2688
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"63a93f79-2ce5"
Date: Sun, 14 May 2023 12:23:56 GMT
Last-Modified: Mon, 26 Dec 2022 06:30:17 GMT
Expires: Tue, 13 Jun 2023 12:23:56 GMT
Age: 1642101
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 0670f9c044035a5fa966809bea34d964
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js | 104.250.44.1 | 200 OK | 797 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"6260ddd4-828"
Date: Sun, 14 May 2023 12:23:56 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 13 Jun 2023 12:23:56 GMT
Age: 1642101
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 10a8ed0b6abe1f4dd0fa310c06219234
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js | 104.250.44.1 | 200 OK | 5.0 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeASCII text, with very long lines (20132), with no line terminators Hash5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"5d848f4f-4ea4"
Date: Sun, 14 May 2023 12:23:56 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:23:56 GMT
Age: 1642101
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 9fad4e64068aa960fb743a437c91fa6e
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/layer.js | 104.250.44.1 | 200 OK | 7.6 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/layer.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (21922) Hashc42797aecccd5494e2b747cedf1a890b b9e06a6d245b6a3c87f2753db0c9c9aa020640b2 56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-55f6"
Date: Sun, 14 May 2023 12:23:56 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:23:56 GMT
Age: 1642101
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: b99dde6b51762951016102cdf0c9a095
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js | 104.250.44.1 | 200 OK | 1.4 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeASCII text, with very long lines (4433), with no line terminators Hashf77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-1151"
Date: Sun, 14 May 2023 12:23:56 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:23:56 GMT
Age: 1642101
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 222665b453af45901fe170b5c2054038
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js | 104.250.44.1 | 200 OK | 17 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeASCII text, with very long lines (64577) Hashb5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-fc8b"
Date: Wed, 24 May 2023 06:16:43 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Fri, 23 Jun 2023 06:16:43 GMT
Age: 800135
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 08994216610598641dbe3756d9160e3a
|
|
| etmqz9.gaokejd.xyz/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js | 104.250.44.1 | 200 OK | 7.7 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (27669) Hashf8c2b37c1dc626eede6a2e3e37aa4504 d4e8419497caa64c8a850ac4808dddb89b5eeb3f 728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
GET /150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"64748e92-6caf"
Date: Mon, 29 May 2023 22:12:03 GMT
Last-Modified: Mon, 29 May 2023 11:37:54 GMT
Expires: Wed, 28 Jun 2023 22:12:03 GMT
Age: 310814
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: b65794ec00f3718e62e11b12de9b7376
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/gui-base.js | 104.250.44.1 | 200 OK | 16 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/gui-base.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (11041) Hash4f958aa7157a3b48caa17e42505396b6 67a2625ceeb29fd2d235c9c395c53ff505029b46 bc19a91cd57e7ce343a16a261bfb71fd89b03e033710e12c41ed9e9c3746b708
GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15770
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"5d848f4f-ee4d"
Date: Sun, 14 May 2023 12:23:57 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:23:57 GMT
Age: 1642101
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 6295a7acb8077ff80e74e619a47f31d2
|
|
| etmqz9.gaokejd.xyz/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js | 104.250.44.1 | 200 OK | 4.1 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (14855), with no line terminators Hash4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
GET /150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"64748e92-3a09"
Date: Mon, 29 May 2023 22:12:04 GMT
Last-Modified: Mon, 29 May 2023 11:37:54 GMT
Expires: Wed, 28 Jun 2023 22:12:04 GMT
Age: 310814
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 0df300d2578eb2da74858db05fca02cf
|
|
| etmqz9.gaokejd.xyz/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961 | 104.250.44.1 | 200 OK | 5.2 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (801) Hash30be40425b37bee4158676082cef1f4d b41ed46721936872d5d7eadf303ce22938240d2a f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47
GET /150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"633d510e-7fd7"
Date: Mon, 29 May 2023 22:12:03 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 28 Jun 2023 22:12:03 GMT
Age: 310815
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: aefb6ae310dafc3cb720aef21ddc5e4f
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/themes/hb/css/pc.css | 104.250.44.1 | 200 OK | 911 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/themes/hb/css/pc.css IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash1da71520b7a0a61526a8fa8d0feb40d1 ba1bf69dad8783563328054cae58ccabf1b00829 5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-b5d"
Date: Sun, 14 May 2023 12:24:37 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:24:37 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: e11f547bb1d3ee9eb7562e412a8977d0
|
|
| etmqz9.gaokejd.xyz/150810/rcenter/common/static/css/gb.validation.min.css | 104.250.44.1 | 200 OK | 3.8 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/150810/rcenter/common/static/css/gb.validation.min.css IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (2295) Hashf00ce0554efc5adea6a8e02d5e501cad 388840e376568b37ac0103aa5c87a268778db67a 3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
GET /150810/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"633d510e-2d52"
Date: Mon, 29 May 2023 22:18:48 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 28 Jun 2023 22:18:48 GMT
Age: 310410
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 541a525805243440b0f6f5c2c0a68bcb
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/plugin/js/countUp.js | 104.250.44.1 | 200 OK | 2.1 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/plugin/js/countUp.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hashcc13495ac566c04d5972da9c11a1d870 d9be95a44caff4e4c1d758d0b29236db286ed5b7 ac5b4f611687c11409ae43b2b0e8544bbdd173832cbe7bea873c2bfe3dcafa0a
GET /ftl/bet365-1513/plugin/js/countUp.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2076
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"615584f5-1be5"
Date: Sun, 14 May 2023 12:23:57 GMT
Last-Modified: Thu, 30 Sep 2021 09:35:49 GMT
Expires: Tue, 13 Jun 2023 12:23:57 GMT
Age: 1642101
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: bb841665e4946c8199bdca2f39e5d70d
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/themes/hongbao.css | 104.250.44.1 | 200 OK | 5.7 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/themes/hongbao.css IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (336) Hash499a3a64bcf22609681f5337a6360c80 fc05a8a391c8375ea4e47183eca56a18bed8fca7 5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5666
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"64252e4f-d530"
Date: Sun, 14 May 2023 12:24:35 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Tue, 13 Jun 2023 12:24:35 GMT
Age: 1642063
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: d40108341a0d3d527e648ea1f13213e0
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/moment.js | 104.250.44.1 | 200 OK | 27 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/moment.js IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeAlgol 68 source text\012- Pascal source, Unicode text, UTF-8 text Hash9bcf737d07f6f089ac8c8e11a1758fad fb186e78925c05500b7855bf7f4f9d00a5517acc cc0e4aae90d57f055ec9b006b0c82dc2571630c00d9fa6bb49c5edb52948c688
GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26878
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"62a1b56b-1bf5b"
Date: Sun, 14 May 2023 12:23:57 GMT
Last-Modified: Thu, 09 Jun 2022 08:55:07 GMT
Expires: Tue, 13 Jun 2023 12:23:57 GMT
Age: 1642100
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 43d98be06582d4cca2929d2cf6c541ea
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css | 104.250.44.1 | 200 OK | 6.8 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (489) Hash1c23442d5fb40416df9363799e8d0cb9 d70dd2824c27574bd5a2df64eec410e5fcb6dea9 5589ea967b68e4f6fffae1fb8c1cd899740a39c6c6018ae68677b7ad4fc2a42c
GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6776
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"64252e4f-c3fe"
Date: Sun, 14 May 2023 12:24:36 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Tue, 13 Jun 2023 12:24:36 GMT
Age: 1642062
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 084ae063bb93d399021cf3b9fe787adf
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg | 104.250.44.1 | 200 OK | 6.9 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3\012- data Hash99be4bfe275809d4e436b77c991b1381 54eadee77394eb62ccf377ae68d9f49acb5b6785 4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "5d848f4f-1ad7"
Date: Sun, 14 May 2023 12:24:36 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:24:36 GMT
Age: 1642062
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 1adb89a07f6c46e785a6b411348ca38a
|
|
| 04320432.vip/ftl/bet365-1513/themes/images/index_left_title.png | 188.114.96.1 | 200 OK | 2.5 kB |
URL GET HTTP/304320432.vip/ftl/bet365-1513/themes/images/index_left_title.png IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typePNG image data, 94 x 25, 8-bit/color RGBA, non-interlaced\012- data Hash243751ae9e30b49a76dc9877ad060823 45ced5a86e90e3c2bfdda3598e82fc58d47ea292 5b1fcb53e807ca61edb055b9da1244012dcbe7158ebe7cc98105823f5983c40e
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /ftl/bet365-1513/themes/images/index_left_title.png HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=cff4f63a4f0402d67e06fc02582263f1; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:19 GMT
content-type: image/png
content-length: 2480
last-modified: Sat, 11 Sep 2021 09:11:05 GMT
etag: "613c72a9-9b0"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Sat, 03 Jun 2023 12:32:19 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-106
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbHlDsuwQe6EARWwZ4k2aTeccxVECN1GaHdQYtJ%2BzHhfE3wrydpaBvtL8rL%2B6iMg0l926Z9E8YAF%2BWtdsepEkbQONbbumglWk3AqqKwe%2BbUtWjoNkHmknWeHiPCjdlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0fb7e7b89a1c02-OSL
alt-svc: h3=":443"; ma=86400
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/js/theme/default/layer.css?v=3.1.0 | 104.250.44.1 | 200 OK | 3.1 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/js/theme/default/layer.css?v=3.1.0 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash5cf9259b7dd27aacd46161ec23d261cf ba0c399616a5ae9cdd8aec5b76ba4aae4822367c 7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc
GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"6131d862-48e4"
Date: Sun, 14 May 2023 12:24:38 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Tue, 13 Jun 2023 12:24:38 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 4860b69b647b46984abc256f88fba375
|
|
| 04320432.vip/ftl/bet365-1513/themes/images/license.png | 188.114.96.1 | 200 OK | 21 kB |
URL GET HTTP/304320432.vip/ftl/bet365-1513/themes/images/license.png IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typePNG image data, 198 x 249, 8-bit/color RGBA, non-interlaced\012- data Hash6b050a88569349c273caa04328ad5219 b8d7f0fed474522391c84e424585f045563c60cd 3740a6aa129a59a5382f6cd772dcdb598a034229d79c2d40f21210b1625a8895
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /ftl/bet365-1513/themes/images/license.png HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=cff4f63a4f0402d67e06fc02582263f1; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:19 GMT
content-type: image/png
content-length: 20854
last-modified: Sat, 11 Sep 2021 09:11:05 GMT
etag: "613c72a9-5176"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Sat, 03 Jun 2023 12:32:19 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-106
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBh9iK67OWQudL5oCia0Vc3t2d%2FgylVmhA1uAiKQYrZfMLIU%2Bo6bI2Kl04mbgSK605WcKxcrDSj8xnbedvTTwuzE%2FweU94vjMk8gVOfuM4pXolj%2FbvcLTIhQZXAw1Oc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0fb7e7a8941c02-OSL
alt-svc: h3=":443"; ma=86400
|
|
| etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10007/1602402943495.jpg?wsSecret=d0c4079dc8f55a088e4e70f8ba4be7e6&wsTime=1685709138 | 104.250.44.1 | 200 OK | 130 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10007/1602402943495.jpg?wsSecret=d0c4079dc8f55a088e4e70f8ba4be7e6&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 630x260, components 3\012- data Size130 kB (130229 bytes) Hashade2eebf430679f43e6d298b73dacd58 481ccdce4c2a97bec300c574bca127bc36743bd7 41b317eaeb5067437c7d27644e6ecab4e1f81bf09f5ad8c0eec992e9088e7161
GET /fserver/files/gb/1513/carousel/10007/1602402943495.jpg?wsSecret=d0c4079dc8f55a088e4e70f8ba4be7e6&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 130229
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "637d4d04-1fcb5"
Date: Sun, 14 May 2023 12:24:38 GMT
Last-Modified: Tue, 22 Nov 2022 22:28:20 GMT
Expires: Tue, 13 Jun 2023 12:24:38 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: cf45e48c3c584d6d9695edf89f26f2f3
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png | 104.250.44.1 | 200 OK | 1.3 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data Hasha2e938202c0287b9c82461a6fd94dee9 b5e2adc7cb07c18a70a88af314e56b946ec1a1b6 df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936
GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1321
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "5d848f4f-529"
Date: Sun, 14 May 2023 12:24:38 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:24:38 GMT
Age: 1642062
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 3500af051855b4f255062af2b9cefa2a
|
|
| etmqz9.gaokejd.xyz/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=7eb2e5fd13d45d45350f3a85596374cc&wsTime=1685709138 | 104.250.44.1 | 200 OK | 2.3 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=7eb2e5fd13d45d45350f3a85596374cc&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 139 x 29, 8-bit/color RGBA, non-interlaced\012- data Hash52a331a9176f0e79b54a961fabdadb81 f2b3c1eecc85589242ba6cab9e5ff605364f415e 8ddf9b81682f988f038c7b64d1880a2c18f519497e75b569e0bdea65413d55d6
GET /fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=7eb2e5fd13d45d45350f3a85596374cc&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2276
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "5f746413-8e4"
Date: Sun, 14 May 2023 12:24:38 GMT
Last-Modified: Wed, 30 Sep 2020 10:55:15 GMT
Expires: Tue, 13 Jun 2023 12:24:38 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: d76b9d6043f17479ea6736ab8286029f
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=7291587003ec7ae398409a553ca7e8a8&wsTime=1685709138 | 104.250.44.1 | 200 OK | 5.3 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=7291587003ec7ae398409a553ca7e8a8&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, interlaced\012- data Hash715accde73ee91614d615e95f82739f9 1c47e65ab9b1ad7074f9b7dd934a816bd3ef834e 13d1b623d4dd66c17067a7aea27e71fc4510406a946f13c86f99c499b4e7aa62
GET /ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=7291587003ec7ae398409a553ca7e8a8&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5335
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "5ff80d82-14d7"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Fri, 08 Jan 2021 07:45:06 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: e327fd76fac04089c395eca9caaad7aa
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=c3fd1c2a7ec4de3ee3bf63e100d6411b&wsTime=1685709138 | 104.250.44.1 | 200 OK | 4.2 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=c3fd1c2a7ec4de3ee3bf63e100d6411b&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hashaf8e634c913f2a0398342b315793de02 886daf11ed8cb8a67313b28f042100c3a87cedd0 ab903e832a7be190aab69d16acfd4f4c3694760a8b215e06ec356541f33d4b27
GET /ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=c3fd1c2a7ec4de3ee3bf63e100d6411b&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4152
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "5d848f4f-1038"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 41c757eeebbbabe03fae938a97b0cb0e
|
|
| etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10030/1656847567598.jpg?wsSecret=1ab282e9ce0c6c034b683bcd76f8dd85&wsTime=1685709138 | 104.250.44.1 | 200 OK | 129 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10030/1656847567598.jpg?wsSecret=1ab282e9ce0c6c034b683bcd76f8dd85&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 692x516, components 3\012- data Size129 kB (129297 bytes) Hashd454666a9a20826b7253d9f70145d2a8 0c854776d4581f787204a5f32810e058d5223e68 316f0abb5d56dc352cec051cd30b75e2abfb682f20103f9205e5da9b869686c4
GET /fserver/files/gb/1513/carousel/10030/1656847567598.jpg?wsSecret=1ab282e9ce0c6c034b683bcd76f8dd85&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 129297
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "637d4d2a-1f911"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Tue, 22 Nov 2022 22:28:58 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 4a5cb5d628eddeb922d174d783a7b25f
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/oclock.png?wsSecret=1620d018dae8a09520b385d25ef9fee5&wsTime=1685709138 | 104.250.44.1 | 200 OK | 519 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/oclock.png?wsSecret=1620d018dae8a09520b385d25ef9fee5&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 15 x 17, 8-bit colormap, non-interlaced\012- data Hashabf297e51fa41e9771aa7392fa9cba44 f76236aa20e9b0d8032666ff853fa87489049b08 1e082f27f562177c07f18f10e71d37d43ded6c836d16d425272ff33c51c3c798
GET /ftl/bet365-1513/themes/images/oclock.png?wsSecret=1620d018dae8a09520b385d25ef9fee5&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 519
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-207"
Date: Sun, 14 May 2023 12:24:42 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:42 GMT
Age: 1642058
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: a26ff6cc0a8e1069aa974356096e0182
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=b2423550a32d5441a7b13247cbebed53&wsTime=1685709138 | 104.250.44.1 | 200 OK | 1.2 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=b2423550a32d5441a7b13247cbebed53&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeGIF image data, version 89a, 14 x 18\012- data Hashd7ee8c341d86a4bb78532e2d8e721b7e 0e9394a2905d235b6a7215a03f0a5f8534451bef ff425363cf8edbb85d152bcdc36a137596829b6c003ac77a1be531922cd8f055
GET /ftl/bet365-1513/themes/images/hot1.gif?wsSecret=b2423550a32d5441a7b13247cbebed53&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1248
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-4e0"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 82501fe354f45f92ed499d8100905098
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=a00c4afb0c2a1804309823888f88c69d&wsTime=1685709138 | 104.250.44.1 | 200 OK | 918 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=a00c4afb0c2a1804309823888f88c69d&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x796, components 3\012- data Hash28b9980238466725db46247eeb3ae314 5490115ce6b25413f142811de784c6460cb7bab2 32c09d293a7029ae5c392f2986a13296809654b4e3816ebc5b9dd7a31a9fb51d
GET /ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=a00c4afb0c2a1804309823888f88c69d&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 918
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-396"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 14d1e247242dc0e8ee2d469d9ec6703f
|
|
| 04320432.vip/captcha/loginTop.html?t=jhzptiaj | 188.114.96.1 | 200 OK | 2.1 kB |
URL GET HTTP/304320432.vip/captcha/loginTop.html?t=jhzptiaj IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x40, components 3\012- data Hash27fbd8283537b2ea87d766e2606f2cbe d10514161d169ebff600dec4762810ebca34d6eb cb19fe08e920e2c12e0dc9c800f49821409cbecd5e22bdc64fe550ae71251d05
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /captcha/loginTop.html?t=jhzptiaj HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: route=cff4f63a4f0402d67e06fc02582263f1; Path=/
SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=; Domain=.04320432.vip; Path=/; HttpOnly
tempsid: Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
sub-sys: msite
x-frame-options: SAMEORIGIN
uuid: 01513-01-00000000-168570913513c7
out-line: gb-source-106
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7acJigRhayUeQlgQSn2dtKW%2BYTCDvwzzQ6SbJHCve1q9aORDI2%2Bdu%2BbCcfyV8%2B5erJFmqzXa20tZWx8Wy65EsErmpV0qNzbq%2FK%2F5RXVr0NAazBhiSEZDH4G%2BJWVOq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7cf9f351c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/input_id.png?wsSecret=f1f155eee4d1d40f13d2c43cc4e0e33b&wsTime=1685709138 | 104.250.44.1 | 200 OK | 306 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/input_id.png?wsSecret=f1f155eee4d1d40f13d2c43cc4e0e33b&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 11 x 14, 8-bit colormap, non-interlaced\012- data Hash8eff7c810e9fe738953f72c30600c49d 76d0ff44cfe59218f5520bb880ca1a8b227185be ce1d697df52ad12d4443c85c7d257ccdfc48803bdc84409ed7732231587f56d0
GET /ftl/bet365-1513/themes/images/input_id.png?wsSecret=f1f155eee4d1d40f13d2c43cc4e0e33b&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 306
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-132"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 35e1005c3e327fcdc349a09a21b91c47
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=853fdc75c92d9d51c38a88c0be3880ce&wsTime=1685709138 | 104.250.44.1 | 200 OK | 295 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=853fdc75c92d9d51c38a88c0be3880ce&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 11 x 14, 8-bit colormap, non-interlaced\012- data Hash8a10f6dde7ab93278fce03968f25594f 61bc29c3cd2a21ca6ff9dc300cfbe3b7789b7862 6792a1a4f681b2d608c6a3e1964e0d2ef9b3fcf743ce3b8afee4a1c97ea2da7b
GET /ftl/bet365-1513/themes/images/input_pw.png?wsSecret=853fdc75c92d9d51c38a88c0be3880ce&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 295
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-127"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 921c998a6e1c798019ef0cf7da451188
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=dd942078490093cd0dbecc61aa027218&wsTime=1685709138 | 104.250.44.1 | 200 OK | 328 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=dd942078490093cd0dbecc61aa027218&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 190 x 66, 8-bit colormap, non-interlaced\012- data Hashc84badf514a135594e25cbcd6a5e6d4b 6883fd7e93396a9aeb426d2035a724335b5e04c4 5975ef695aff12c818fe0c61c10a3a14b01f38dbfc7d102de8c1d3444befa08e
GET /ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=dd942078490093cd0dbecc61aa027218&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 328
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-148"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 2f25de7eb03d39b2fbb0cca61842cdb6
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=88cc728c2800dcb89570c8c564bb324a&wsTime=1685709138 | 104.250.44.1 | 200 OK | 318 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=88cc728c2800dcb89570c8c564bb324a&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 14 x 14, 8-bit colormap, non-interlaced\012- data Hashe149b3e85d15c14a150036f93b296253 0006db6a1d3cc14a1d6da738d3243674d6110f84 9137d5630ca64621c97786e21e5ff77e75de43a4e0597aa6974e25d59082428e
GET /ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=88cc728c2800dcb89570c8c564bb324a&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 318
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-13e"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 36b6556267788944be30decfd2b78f42
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=c6368195c2206ce029c44df6ac8a7bbc&wsTime=1685709138 | 104.250.44.1 | 200 OK | 3.7 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=c6368195c2206ce029c44df6ac8a7bbc&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 307x260, components 3\012- data Hash884ab3a54eaeeee2c944773ac757ebcd 1aded473eecfb23f06fc59d4cc989853d2117489 bb3a93104a804d751e4456abbef235889811b806243edbbbb31a757c070b612a
GET /ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=c6368195c2206ce029c44df6ac8a7bbc&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 3728
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-e90"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: d80745038e54fbfd3d0639395378bdfb
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/slot_more.png?wsSecret=a18817824a33390cdcc42fd32b9ce0bf&wsTime=1685709138 | 104.250.44.1 | 200 OK | 740 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/slot_more.png?wsSecret=a18817824a33390cdcc42fd32b9ce0bf&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 36 x 38, 8-bit colormap, non-interlaced\012- data Hashd2020a71d2421b3d25dc61b5d3791fa9 95253209215c094261111d322b008882c5ea44cf c10dc5600856216b21a2a3af99e8a3e9fd7b7a022ed9c0d54c1eb1a8d2eeb201
GET /ftl/bet365-1513/themes/images/slot_more.png?wsSecret=a18817824a33390cdcc42fd32b9ce0bf&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 740
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-2e4"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 3b2afc10416792ef42a5da391b855eee
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=43f9fd049295a887318101ad175e4169&wsTime=1685709138 | 104.250.44.1 | 200 OK | 20 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=43f9fd049295a887318101ad175e4169&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 313x125, components 3\012- data Hashb3f1a365e502da9ff5a176396d415771 7c7967837cd4704a21265da90bcc978a1c98eaac 42af959e91e71e0af8d559e88bb0537cdfa8a89e7d593a2d1d179b22691736e7
GET /ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=43f9fd049295a887318101ad175e4169&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 20422
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-4fc6"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: a0f97f568e24ba937a239d03304a237b
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=056244b176cbca9a4006983ae00563d8&wsTime=1685709138 | 104.250.44.1 | 200 OK | 928 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=056244b176cbca9a4006983ae00563d8&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 171 x 34, 8-bit colormap, non-interlaced\012- data Hash6a35d7146f6fb12966be9d95ec7390f0 4e08c3f9269809beff65e607577204e3fa259d22 3892610b331020e0c985693c462ea4c2f1a2a86194fc1a61562725820c7e81cb
GET /ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=056244b176cbca9a4006983ae00563d8&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 928
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-3a0"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: d7ed5885be6a85627a50dbcdc374e060
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/list_head.png?wsSecret=c3c653cc5e77b99fe59d25aa596a6969&wsTime=1685709138 | 104.250.44.1 | 200 OK | 111 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/list_head.png?wsSecret=c3c653cc5e77b99fe59d25aa596a6969&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 5 x 23, 2-bit colormap, non-interlaced\012- data Hash21fb21afd6064e87b0f471e81a00469f b706061210181a99108aed97c7e694f08b0e5a29 7eeab9f0c7b8fb99b0973ad8e07b720cc651893ef4400204937f1962b3d5ed17
GET /ftl/bet365-1513/themes/images/list_head.png?wsSecret=c3c653cc5e77b99fe59d25aa596a6969&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 111
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-6f"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 9284c0d4367b1f1654c367a48aefbdd6
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=a20b27a201ebf9a8c4ebaa58dbbabc97&wsTime=1685709138 | 104.250.44.1 | 200 OK | 873 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=a20b27a201ebf9a8c4ebaa58dbbabc97&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 30 x 30, 8-bit colormap, non-interlaced\012- data Hashaae380c627076a477224dc2ccdc60c88 f60cadb09dac7476733f1924aa59853cb98df7ab 7e6d9e46386b12a52b52e4361c17f23e3b3041947155d6a9286b9ec563350273
GET /ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=a20b27a201ebf9a8c4ebaa58dbbabc97&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 873
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-369"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: f54f9da6a9cff4df5a17895d1999b567
|
|
| 04320432.vip/mobile-api/v5/origin/getFloat.html | 188.114.96.1 | 200 OK | 107 kB |
URL POST HTTP/304320432.vip/mobile-api/v5/origin/getFloat.html IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typeJSON data\012- , Unicode text, UTF-8 text, with very long lines (910), with no line terminators Size107 kB (107361 bytes) Hash8e05eab4f1435c8c8af7989c4ecd5488 96162b6ed6c336f358f62fea14d8b44c6ee0b3a5 150a35718505b78f30a454d586f1b145964a37ce540fe73d4ebbcf8705d7eec7
Analyzer | Verdict | Alert | openphish | Bet365 | |
POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://04320432.vip
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=cff4f63a4f0402d67e06fc02582263f1; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:19 GMT
content-type: text/html;charset=utf-8
set-cookie: route=9f8c829bfb3537f530509e8eaa83639a; Path=/
access-control-allow-origin: https://04320432.vip
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01513-01-00000000-168570913939c0
out-line: gb-source-106
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxqSkMYpUahSuX0f5AVn6YVnUTwJTLbpy%2B2HLYccrVAvTrKtcYyrP3OmkNKyKfw%2F7kJC4SmjAgxO59ARmPGRzAN6O8VHDfL8VjrNyfYj5grusnwe3t8ifLr9GdUm4o8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7e879451c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=555921d7315678df83c6911ebead53d8&wsTime=1685709138 | 104.250.44.1 | 200 OK | 538 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=555921d7315678df83c6911ebead53d8&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 31 x 30, 8-bit colormap, non-interlaced\012- data Hash892feea4e5200bad99b81a1d0f08de44 f0ab65687dae79bb8d17acee21af91861382c55d e353da507c7cd437813dae33a058d8b1b7c41aeab30489499abb99b0d542699e
GET /ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=555921d7315678df83c6911ebead53d8&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 538
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-21a"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 1fa245d8ddb134dd7e49083106bfaad6
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=ffe0adb895733f6f691713cb52207908&wsTime=1685709138 | 104.250.44.1 | 200 OK | 19 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=ffe0adb895733f6f691713cb52207908&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 313x125, components 3\012- data Hashd06d179cfd809dd45cd071fd1aefb40a 343efa5fdbe90c21443d4ab53ca3e1bb579d973f 6c0365335149978f1ab9b2980e13e95dea2538c2e21a54e7ddeb33ca21a1b039
GET /ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=ffe0adb895733f6f691713cb52207908&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 19222
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-4b16"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 53d936a81a93dcc058eb20fead80ec03
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=e250ba9d1e42d608d10b1a48cd551679&wsTime=1685709138 | 104.250.44.1 | 200 OK | 543 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=e250ba9d1e42d608d10b1a48cd551679&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 35 x 30, 8-bit colormap, non-interlaced\012- data Hash730071bbc93fe62be758c91e08e477e3 809ece67f2e7ae25f91de7ae082ab63b43068591 e02f4603a6ce557ca57f7aab0a3359d4baeb77abd4f3c9e0b9af59c2dffcccef
GET /ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=e250ba9d1e42d608d10b1a48cd551679&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 543
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-21f"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 262c43dcb4d8c8156619612b148f9370
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=be493cc192aff1af5d35dd64f449843d&wsTime=1685709138 | 104.250.44.1 | 200 OK | 1.7 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=be493cc192aff1af5d35dd64f449843d&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 28 x 33, 8-bit colormap, non-interlaced\012- data Hash7cc35487e902b5a225eb1c7bafcab384 c93a1544416caff36cf704c2d9361d7acd0b1fc0 3acedbde98f248f7dd0167f15dd644e473a9455b23c3d44056c7b383712fa32b
GET /ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=be493cc192aff1af5d35dd64f449843d&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1704
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-6a8"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: a6181a0810faeda934ceb67c642b817a
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=7716e81b5072bd66444d6cb37d4590b0&wsTime=1685709138 | 104.250.44.1 | 200 OK | 720 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=7716e81b5072bd66444d6cb37d4590b0&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data Hasheafb012d74f2fccb8980ff1f5fe07ef4 81ce3388b2452316c98a04232e85fea66875a4bb cb620d60f10951a0d7adfa808e9591e672c5669c8e2701e39d0120c9474e8c17
GET /ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=7716e81b5072bd66444d6cb37d4590b0&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 720
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-2d0"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 86fa713cb23d8791db28018092e136cb
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=ead476d9c3bd0b44f26a25fae38af931&wsTime=1685709138 | 104.250.44.1 | 200 OK | 421 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=ead476d9c3bd0b44f26a25fae38af931&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1x606, components 3\012- data Hash3b818a8e981df7bd62b44be39b0c4c98 d833407d5ff08e4b5d6503951f01cd2f1c9ed3c1 fca542f60ac7b1d89c6806136f5faca8433dffe65687b921a973de952590f68c
GET /ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=ead476d9c3bd0b44f26a25fae38af931&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 421
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-1a5"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 61bff9fdae812db097af1375b55ab308
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=718d7b416845540f022339eecc286103&wsTime=1685709138 | 104.250.44.1 | 200 OK | 12 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=718d7b416845540f022339eecc286103&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 861 x 68, 8-bit colormap, non-interlaced\012- data Hash56c2eec7f48eb3d9671c0be5ae85122e 31673dee121aeefb578b0399c772b98bbea2d33f 59dccedf293c4425ced117b504ddd0d96d7e4460ba90cfe0f7c82173f35c9552
GET /ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=718d7b416845540f022339eecc286103&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 12448
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-30a0"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 4daed7009b3bdc4d022c20da6d1a4716
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=33dd6074a16f2e700938a058d9c80c6b&wsTime=1685709138 | 104.250.44.1 | 200 OK | 13 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=33dd6074a16f2e700938a058d9c80c6b&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced\012- data Hashf0f041843a33f8356cb6ad96fb74c2f5 42fd118f67208a2491b5fe3b8a9e30c0ae2e51b4 fbb999a8d57dbee751c035fd30e9c4bbdbb16f440f6886f285d540c33d4381f9
GET /ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=33dd6074a16f2e700938a058d9c80c6b&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 12679
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-3187"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: fb2df0c5761f92caeffcb6890af9de83
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=b7fa8e1b5946e96ee306f2a11d3e08f1&wsTime=1685709138 | 104.250.44.1 | 200 OK | 3.1 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=b7fa8e1b5946e96ee306f2a11d3e08f1&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 259 x 17, 8-bit/color RGBA, non-interlaced\012- data Hashd2523fd53cda5e60ebc8c997ecc48f82 eb77e52163a77ce43da2488259ca0d9f5be36e6b f6bbf2c57164cb4f4cbf26ab2deef162518af6ca4d803a45ab5e22f9086232b8
GET /ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=b7fa8e1b5946e96ee306f2a11d3e08f1&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3083
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-c0b"
Date: Sun, 14 May 2023 12:24:42 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:42 GMT
Age: 1642058
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: b6aad2a92553fc0e7d2a33284cedc7ce
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_icon_bank.png?wsSecret=f53133aea1dee040c9e52001103b8b33&wsTime=1685709138 | 104.250.44.1 | 200 OK | 9.9 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_icon_bank.png?wsSecret=f53133aea1dee040c9e52001103b8b33&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 180 x 30, 8-bit/color RGBA, non-interlaced\012- data Hashefbea615018e4733d9c40d6bdb6c799f 6c97e61d83dba5f380bb943ffed709b75786b51c 9a87511ad5d13eff3b7693505f536d6f0f8a71846fe069973ce64983efa72b53
GET /ftl/bet365-1513/themes/images/footer_icon_bank.png?wsSecret=f53133aea1dee040c9e52001103b8b33&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 9923
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-26c3"
Date: Sun, 14 May 2023 12:24:42 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:42 GMT
Age: 1642058
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 9467d7d91c39de95b3c5ccc8f0a4e386
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=5a6418b6a4d9cd28d27590e8cf92a2f3&wsTime=1685709138 | 104.250.44.1 | 200 OK | 12 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=5a6418b6a4d9cd28d27590e8cf92a2f3&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced\012- data Hasha02f1d45ed4ce0a8a2f9837cfa215843 57bd5aa4347c4fc913c6dce38df9d4d0ed467508 041b0bbe548392af8a849b349d4f68fd88d57481581f9d7c2839d77c2141139b
GET /ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=5a6418b6a4d9cd28d27590e8cf92a2f3&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11890
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-2e72"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 1ef295f90243966cc224ffc36c2156ef
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_title_local.png?wsSecret=dde123de30ad92f10130a62175ff404e&wsTime=1685709138 | 104.250.44.1 | 200 OK | 10 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_title_local.png?wsSecret=dde123de30ad92f10130a62175ff404e&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced\012- data Hash34e3bd0d952cf4bb9092e070e348d2cc 650132049dc41e5773763105171871671f3454a8 6647178c379774784e1d97b75ede766542a6bf070b1e53834864aab318daaafa
GET /ftl/bet365-1513/themes/images/footer_title_local.png?wsSecret=dde123de30ad92f10130a62175ff404e&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 10488
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-28f8"
Date: Sun, 14 May 2023 12:24:42 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:42 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 28394ddd64f8fab6cfe97abd11ece7a6
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_rel.png?wsSecret=671e5a89a5c271b85cc62011c3e95457&wsTime=1685709138 | 104.250.44.1 | 200 OK | 2.2 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_rel.png?wsSecret=671e5a89a5c271b85cc62011c3e95457&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 302 x 40, 8-bit/color RGBA, non-interlaced\012- data Hash6527c1b3a7f70d7508197f67a446aff8 93f80378927881f42d5d505934456675e5b87c73 ebc5325574340a37dd6d9927b124a4891c1dfb7016988b033cf2e4932fc360eb
GET /ftl/bet365-1513/themes/images/footer_rel.png?wsSecret=671e5a89a5c271b85cc62011c3e95457&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2203
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "631d86f0-89b"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sun, 11 Sep 2022 06:57:52 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 76966dc63b5e9d80553d26e4c36a4fd6
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_tp.png?wsSecret=686bb7f0006387ffbbaa4841545ec0f3&wsTime=1685709138 | 104.250.44.1 | 200 OK | 6.7 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_tp.png?wsSecret=686bb7f0006387ffbbaa4841545ec0f3&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hashc77f25179cb35f442d78c765405f197e a623a26a74bb807164c7d95e469a8c31be793a5f 7463103945d72f56abb34b0c17c335dde4bd28b73efa82170a6ffba5909e62eb
GET /ftl/commonPage/images/casino/casino_logo_tp.png?wsSecret=686bb7f0006387ffbbaa4841545ec0f3&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6682
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "5f18304e-1a1a"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Wed, 22 Jul 2020 12:25:50 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: b6df48de41de5248660dc3b7df477195
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=48b4492e38f487a5f00caa3d3373857a&wsTime=1685709138 | 104.250.44.1 | 200 OK | 3.4 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=48b4492e38f487a5f00caa3d3373857a&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hash713d3249f565ee6cdea22930f286ae6b d4c9e8b133d52da738b2514a18b9895562b93feb 4db2562253749f79c14ce870175325af50e48040e99b31aa5ddb25512b92dafb
GET /ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=48b4492e38f487a5f00caa3d3373857a&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3379
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "636cc24e-d33"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Thu, 10 Nov 2022 09:20:14 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642062
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: e2c66b53d7a84b0d46b66f53c77d8055
|
|
| 04320432.vip/favicon.ico | 188.114.96.1 | 404 Not Found | 2.2 kB |
IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text Hashd0d7e0e5b87fb1277e5d7b9777db33db 905d6532628cf4234070582ec5cd4e991ea9f4bd acfee72de19108403beed0c60e2624ef660a4dbd925f8709e887af56048cba53
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /favicon.ico HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=9f8c829bfb3537f530509e8eaa83639a; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 02 Jun 2023 12:32:20 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzoKTOPIwzg7Wmhm0xR1viGiVo5eZ9AwDDw5tYeDfAP4NhjDAFPignEEvb4W0wqoENi0stRMXbcS0CxqRyIHFh0MT4CRlmHjYIqbQBjIr%2FEQksGyAb34bSr2ajYWqGI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0fb7edbe661c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_gg.png?wsSecret=a26c07dd60fc9baf65c3e20d53405db2&wsTime=1685709138 | 104.250.44.1 | 200 OK | 4.6 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_gg.png?wsSecret=a26c07dd60fc9baf65c3e20d53405db2&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hash6367cd3c681901e312cb07b638199763 00c3a6f5637892f270fae08dce4b2d52bd3a9ab5 65f8fbc997841ff7e0c55ac7d409bf7769d7bc83e04473c740580c4ebda8b6da
GET /ftl/commonPage/images/casino/casino_logo_gg.png?wsSecret=a26c07dd60fc9baf65c3e20d53405db2&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4646
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "5d848f4f-1226"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642062
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 7e21b417c36b0b2772184b3872ef20bb
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_bg.png?wsSecret=a34752a104bc88922d6ccd439e32171c&wsTime=1685709138 | 104.250.44.1 | 200 OK | 5.7 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_bg.png?wsSecret=a34752a104bc88922d6ccd439e32171c&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hasha2040151bcd2b19d418bd4fcd5ac9d8c 5b4601fb188d8f6eaf6c1fb16f2d0ec9f9d3082e bdd7e20d16f1020eb8333a37e789a166ec8db535318a09804279854caafdd854
GET /ftl/commonPage/images/casino/casino_logo_bg.png?wsSecret=a34752a104bc88922d6ccd439e32171c&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5727
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "5e4ceeed-165f"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Wed, 19 Feb 2020 08:16:45 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 310e8656dc323753c696debfe13884e1
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_bng.png?wsSecret=85691b30d814f839c69376a07d68a301&wsTime=1685709138 | 104.250.44.1 | 200 OK | 4.2 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_bng.png?wsSecret=85691b30d814f839c69376a07d68a301&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hash851bc43c07207b0813c18bef2d19e93a b4a338be347c09b5c95145b1e8b387f7b731409b ce35caef3c0d1468ff4446343ab903d56e9bb9e31ff70c75fc568f8cbbc12a61
GET /ftl/commonPage/images/casino/casino_logo_bng.png?wsSecret=85691b30d814f839c69376a07d68a301&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4232
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "619df478-1088"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Wed, 24 Nov 2021 08:14:48 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 176e243b288ee2a3da5bc0cc12956f0e
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_jdb.png?wsSecret=d5a1702c2dc57a27218785dd11277573&wsTime=1685709138 | 104.250.44.1 | 200 OK | 6.1 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_jdb.png?wsSecret=d5a1702c2dc57a27218785dd11277573&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hasha76ef82febe3f738505be4fbe5f937c9 fd03a2b51bec9d07c359692dc6c3347a163fbc90 3b615683d2d685ff22698be0b84d7ca39d057faa0d614d41c83c51ca06f412f9
GET /ftl/commonPage/images/casino/casino_logo_jdb.png?wsSecret=d5a1702c2dc57a27218785dd11277573&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6121
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "5d848f4f-17e9"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 7fbe9b030e9eb8e2c1c98f350697222b
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_local_img.png?wsSecret=fa5b55cefad02c571f5f0d946efddb83&wsTime=1685709138 | 104.250.44.1 | 200 OK | 95 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/footer_local_img.png?wsSecret=fa5b55cefad02c571f5f0d946efddb83&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 302 x 131, 8-bit/color RGBA, non-interlaced\012- data Hash7342be391839a9f3577416ecec727997 e8787b6f61f92a5b0104e584c0bb6ef5fef95cd7 2a35483ce4e6048fe99173aaca64ac50c66f27e108d6986183013c689177dcd2
GET /ftl/bet365-1513/themes/images/footer_local_img.png?wsSecret=fa5b55cefad02c571f5f0d946efddb83&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 95223
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-173f7"
Date: Sun, 14 May 2023 12:24:42 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:42 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 54c4b2da764052e7e38691a1f9fc67df
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_pg.png?wsSecret=f69bbb8e3793c8f2cfc743f828baccbf&wsTime=1685709138 | 104.250.44.1 | 200 OK | 4.5 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_pg.png?wsSecret=f69bbb8e3793c8f2cfc743f828baccbf&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hasha6d5dc01fb05c1594b4463047f0d4ca9 0c2c51e152822d6ff838939bdaac4bc8c9daa6a7 4514baa50c78ce7ba02287adb13f677f79490f3b27eb47434c8174c808112536
GET /ftl/commonPage/images/casino/casino_logo_pg.png?wsSecret=f69bbb8e3793c8f2cfc743f828baccbf&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4502
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "6253c645-1196"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Mon, 11 Apr 2022 06:10:13 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 38303b5698df2fef4c9fa01d3cff6193
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_mw.png?wsSecret=4f12cfcf44d3990f437b0dab5467bc03&wsTime=1685709138 | 104.250.44.1 | 200 OK | 5.2 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_mw.png?wsSecret=4f12cfcf44d3990f437b0dab5467bc03&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hash2b49878c65b37d8436f02176aab24863 b3f87149ef0f58c09a1a8c0047a0b92d0099db70 a21a5acef7ac66b0e8b9a4f1e959cf0c911de622d02c30c9448eca21022058cc
GET /ftl/commonPage/images/casino/casino_logo_mw.png?wsSecret=4f12cfcf44d3990f437b0dab5467bc03&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5241
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "5d848f4f-1479"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: b389468e3a9dd630610e3d2306e1be6c
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_cunkuan.png?wsSecret=ab083b25a0f6edcee4e37e32a9fdd859&wsTime=1685709138 | 104.250.44.1 | 200 OK | 4.9 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_cunkuan.png?wsSecret=ab083b25a0f6edcee4e37e32a9fdd859&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data Hashfbc974184b18d827643872da1d2739b3 746e2c9f0a914a235ce40cc05c49f6db9eca3042 e47f831e00225a9098d4476a48e06eddc6868f480fd2983ed9b3a5a695673c08
GET /ftl/bet365-1513/images/footer_title_cunkuan.png?wsSecret=ab083b25a0f6edcee4e37e32a9fdd859&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4876
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-130c"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 8490e1c1b0c35d2dad3315f8288fcbd3
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_qukuan.png?wsSecret=1df5a5bf4afcd61e18674fba1ec923d0&wsTime=1685709138 | 104.250.44.1 | 200 OK | 5.0 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_qukuan.png?wsSecret=1df5a5bf4afcd61e18674fba1ec923d0&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data Hash8f67f5e64a8f4d60603b0a6e1c38e6ee f9c32ab52c3abeb39d8c5d63dd15bc3ad6d405dc 7b199776ac719337083313728c34ba2b41aa1b022628e74116fd6c0ff5d07bfd
GET /ftl/bet365-1513/images/footer_title_qukuan.png?wsSecret=1df5a5bf4afcd61e18674fba1ec923d0&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4991
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-137f"
Date: Sun, 14 May 2023 12:24:42 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:42 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 84c8bbc351e37cf22283c44c62019734
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_fuwu.png?wsSecret=30cfd1c33b5ac7b1f5e5c33ee7c5f37e&wsTime=1685709138 | 104.250.44.1 | 200 OK | 6.7 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_fuwu.png?wsSecret=30cfd1c33b5ac7b1f5e5c33ee7c5f37e&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data Hash63c298e01595b32f4f2971eb27f783fe 9adc401ac856b459f1cfb38aed5e3cfd06638370 b9d963160361f311bae0eec8d26862cfeebc48ba2550923850c16a05bf362ff1
GET /ftl/bet365-1513/images/footer_title_fuwu.png?wsSecret=30cfd1c33b5ac7b1f5e5c33ee7c5f37e&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6693
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-1a25"
Date: Sun, 14 May 2023 12:24:42 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:42 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 4cf56dc084984866b7528beac423810c
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_casino.png?wsSecret=5f3a0b4c84060e892c0940d7c788e998&wsTime=1685709138 | 104.250.44.1 | 200 OK | 4.5 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_casino.png?wsSecret=5f3a0b4c84060e892c0940d7c788e998&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data Hasha7e7b05569568ecd0b1ead75fb95c09b 04f1c9f182fa92bdd50b077832c94b35ef883e54 d5745f287627927eed249abd81eb1157e35b802e39c7b41c3eb0ebc3c828650d
GET /ftl/bet365-1513/images/footer_title_casino.png?wsSecret=5f3a0b4c84060e892c0940d7c788e998&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4534
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-11b6"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 72910b24be819b486722ccba7f283e76
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_sport.png?wsSecret=469fb6b9c264ad9efab547fb3d0d0447&wsTime=1685709138 | 104.250.44.1 | 200 OK | 4.4 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_sport.png?wsSecret=469fb6b9c264ad9efab547fb3d0d0447&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data Hash2cd1ba94626259c8da256ce96f29c1d3 e5df37b38f73118dd9b8a01df3bfa89c2b8ca7b3 da5b51a8701850aa23830fe79ec24cfd3eb1e8bc873aeef301cb9b8a5bfb2c1b
GET /ftl/bet365-1513/images/footer_title_sport.png?wsSecret=469fb6b9c264ad9efab547fb3d0d0447&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4376
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-1118"
Date: Sun, 14 May 2023 12:24:42 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:42 GMT
Age: 1642059
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: bae80b3d3f486f12cd82b2142595fee9
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_live.png?wsSecret=749858883b74461bee76ce4d9405f841&wsTime=1685709138 | 104.250.44.1 | 200 OK | 4.7 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_live.png?wsSecret=749858883b74461bee76ce4d9405f841&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data Hash50131f6464f919d825a3a4e6df880e3b 873858bc4f2468bf96ab561fe7c7846affb0c28e 6c7a853c7aee278b699cc5ecc219a8302f130ba4cfa74e7db189e68cef092bd5
GET /ftl/bet365-1513/images/footer_title_live.png?wsSecret=749858883b74461bee76ce4d9405f841&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4722
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "613c72a9-1272"
Date: Sun, 14 May 2023 12:24:41 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:41 GMT
Age: 1642060
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: d52f6f3a09fff6c0939781c2e9c1dc33
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_help.png?wsSecret=c9b334c48f0e71130398d3c5100f1e30&wsTime=1685709138 | 104.250.44.1 | 200 OK | 4.3 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/images/footer_title_help.png?wsSecret=c9b334c48f0e71130398d3c5100f1e30&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data Hash5b44dd263dd1cf25933f2e2190f5170e 8abfc08b3e807ab38b6f21cb7800d358ee7e49aa 31dd526cb7fffa943e6d8f9ea3f64b5570e60a20ed4641030fd83b11be27b62a
GET /ftl/bet365-1513/images/footer_title_help.png?wsSecret=c9b334c48f0e71130398d3c5100f1e30&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4254
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-109e"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: d12aff979b4e775c36765463bcb2514f
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/favicon/favicon_1513.png?wsSecret=03cbef780b0c9cfc49f51afea30e80b7&wsTime=1685709138 | 104.250.44.1 | 200 OK | 487 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/favicon/favicon_1513.png?wsSecret=03cbef780b0c9cfc49f51afea30e80b7&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Hash781062dc23675b1bce34ae394fb04e88 ae4ce5f36facd039efdb9ca4ba4fcfa5f310b9b4 14cd3b391a10d10314e70f1252e5e90525b280d4a4b5328097c0c0f2d5f28a79
GET /ftl/commonPage/images/favicon/favicon_1513.png?wsSecret=03cbef780b0c9cfc49f51afea30e80b7&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 487
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "6311d300-1e7"
Date: Sun, 14 May 2023 12:28:48 GMT
Last-Modified: Fri, 02 Sep 2022 09:55:12 GMT
Expires: Tue, 13 Jun 2023 12:28:48 GMT
Age: 1641813
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 630580276d6fb254e9d43191618e919a
|
|
| etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10006/1602402993685.jpg?wsSecret=b26b2f820906a4720a7d83824691368d&wsTime=1685709138 | 104.250.44.1 | 200 OK | 116 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10006/1602402993685.jpg?wsSecret=b26b2f820906a4720a7d83824691368d&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 630x260, components 3\012- data Size116 kB (115939 bytes) Hashccc2116edd817247c7ae96f3a2e91b51 76ea32e403147533e138a368e4ed03969dab91ae 7a42fc7ac691a932a2e2a620b4e7e742e1b45201464a2245f7cdac30107af5a3
GET /fserver/files/gb/1513/carousel/10006/1602402993685.jpg?wsSecret=b26b2f820906a4720a7d83824691368d&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 115939
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "637d4ce5-1c4e3"
Date: Sun, 14 May 2023 12:24:40 GMT
Last-Modified: Tue, 22 Nov 2022 22:27:49 GMT
Expires: Tue, 13 Jun 2023 12:24:40 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 8dd90fcd0943e7ec1fc5698235ae0109
|
|
| etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10005/1602403003954.jpg?wsSecret=87abd3399247fa46fc7d8567821cd372&wsTime=1685709138 | 104.250.44.1 | 200 OK | 101 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10005/1602403003954.jpg?wsSecret=87abd3399247fa46fc7d8567821cd372&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 630x260, components 3\012- data Size101 kB (100797 bytes) Hash4ffb81c59247e73fabdf34dda428d56f c528cc030bb3ed3ce18be7ee5587563c3c3f04e1 8143cf083007e4fdfb36b78db3234bfe936b87d53b8f233fbb11b6d07ae471ec
GET /fserver/files/gb/1513/carousel/10005/1602403003954.jpg?wsSecret=87abd3399247fa46fc7d8567821cd372&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 100797
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63632993-189bd"
Date: Sun, 14 May 2023 12:24:43 GMT
Last-Modified: Thu, 03 Nov 2022 02:38:11 GMT
Expires: Tue, 13 Jun 2023 12:24:43 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 1ffa619a6a253c5eb9f589feb8e60e6a
|
|
| 04320432.vip/headerInfo.html?t=liejp4qq | 188.114.96.1 | 200 OK | 116 kB |
URL GET HTTP/304320432.vip/headerInfo.html?t=liejp4qq IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typeJSON data\012- , ASCII text, with no line terminators Size116 kB (116374 bytes) Hashc16f479985c0b14689c0272e45c42ae5 ff82d3582d503f48bd04c99af245e369040d46c4 a6b55c38c0085dd6449923fd6ebdd0074f8c3ee05f9fb96229ed25e3993c6e19
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /headerInfo.html?t=liejp4qq HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=29c626d4e884fe4301eb6b56b4d56981; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-disposition: inline;filename=f.txt
sub-sys: msite
x-frame-options: SAMEORIGIN
uuid: 01513-01-00000000-1685709140c5f1
out-line: gb-source-106
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc%2FfyrlPOFRlUudgXo5YP9jLMXW7tbhWPTAwrau1n%2BQV5DoJmgEdvoa6iCTV4WGzhOZa4GLIE%2F5NqG51Qv20V%2FNxupO%2FnCVDKTAlx7hTMBZUb1zjHErMnmwvV7%2B2TV4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7ee4ef91c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 04320432.vip/mobile-api/v5/origin/loginSwitchCheck.html | 188.114.96.1 | 200 OK | 174 B |
URL GET HTTP/304320432.vip/mobile-api/v5/origin/loginSwitchCheck.html IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with no line terminators Hash384b8edc0425027ea8363c2a3a1ccc8a 8fd8da38388b633453e57836f639a9105eba15c4 37a39fed46764175ca6e8cb7cd92deaebe855c5151b6154d65b5f42d8dc46519
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=29c626d4e884fe4301eb6b56b4d56981; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:20 GMT
content-type: text/html;charset=utf-8
set-cookie: route=181dd5ae39c7acd81ad5ca039c14a954; Path=/
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01513-01-00000000-16857091406c66
out-line: gb-source-106
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSofRemHORkMpFkz8RECxNp8gOX%2FancJ%2FyM%2FRswz1%2B9qHMLYy8YDmhWC6%2Bnc97b3D7Lb1SnbvR%2FmnX7cqS%2Fljj2qXC9xb8sfvRyfSYa%2F4EteM%2BIriBylyxphMOyYT80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7f0a9d31c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 172.67.132.218 | 301 Moved Permanently | 310 kB |
URL User Request GET HTTP/2IP172.67.132.218:443
CertificateIssuerGoogle Trust Services LLC Subjectbb04329.com FingerprintEF:16:6C:27:89:D7:ED:02:00:09:FD:3B:B1:97:3A:35:67:E3:5C:1B ValidityWed, 17 May 2023 17:37:02 GMT - Tue, 15 Aug 2023 17:37:01 GMT
Size310 kB (310332 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET / HTTP/1.1
Host: bb04329.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 02 Jun 2023 12:32:14 GMT
location: https://cc04323.com/
cache-control: max-age=3600
expires: Fri, 02 Jun 2023 13:32:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JyLNauTaywmpnNx6kxzI2%2B3DFzDOhWLbQmJXm5NR%2F1BzO6REIOXPwCHHDvY5cYcUk0GYzY%2BaALwtHK7WW6m871WClWDZdm98KfneKcQN0GIc8cDVOk6MrYPaehxIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0fb7c8a8b1b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_ttg.png?wsSecret=5ad1876c0c565e5a7d1b58ee6bfe2062&wsTime=1685709138 | 104.250.44.1 | 200 OK | 2.1 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/commonPage/images/casino/casino_logo_ttg.png?wsSecret=5ad1876c0c565e5a7d1b58ee6bfe2062&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data Hashb224f5c6f0321dba6c0730cfb52c5caa 06fc8641b0f75514db0e2de37f2f8821484b0824 f5af43e1319fd7352f90632ea4541e479a30a664cda3be710869bc54b3c4bb21
GET /ftl/commonPage/images/casino/casino_logo_ttg.png?wsSecret=5ad1876c0c565e5a7d1b58ee6bfe2062&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2145
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "619df478-861"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Wed, 24 Nov 2021 08:14:48 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: e72b84148de1ef810c3ae00a595ffcbd
|
|
| etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10004/1602403015403.jpg?wsSecret=48e9b110eb48816d5bcea6c742950b64&wsTime=1685709138 | 104.250.44.1 | 200 OK | 116 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10004/1602403015403.jpg?wsSecret=48e9b110eb48816d5bcea6c742950b64&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 630x260, components 3\012- data Size116 kB (116149 bytes) Hash9237b8b021623d846b775a68cf12cd1e 07c099da1ebacc0888572a81414424667f91f87f a72d95230c74148b55ff77c94af0a1a9404ab4c69da04756e3169f9934ac069e
GET /fserver/files/gb/1513/carousel/10004/1602403015403.jpg?wsSecret=48e9b110eb48816d5bcea6c742950b64&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 116149
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "637d4cb6-1c5b5"
Date: Sun, 14 May 2023 12:24:45 GMT
Last-Modified: Tue, 22 Nov 2022 22:27:02 GMT
Expires: Tue, 13 Jun 2023 12:24:45 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 8b98f2ac0c76ff38e042b92e7baf15f9
|
|
| | 188.114.96.1 | 200 OK | 310 kB |
URL User Request GET HTTP/2IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
Size310 kB (310332 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET / HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 12:32:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-html-cache: HIT-3600
x-frame-options: SAMEORIGIN
uuid: -
out-line: gb-source-106
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxnkCcPZ1QkbC4gg65d3x8xhkZHLWqV8arAVi4efljm7iOFVJaS2RlQBUm4k7s9JpxRVrou0Xn8kLYnY5yr8vhV6U67GJT%2FwkEqAPqfmtabMshugy4w5IZyPu3r4Xd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7caace80b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 04320432.vip/index/getUserTimeZoneDate.html?t=liejp4ij | 188.114.96.1 | 200 OK | 119 B |
URL GET HTTP/304320432.vip/index/getUserTimeZoneDate.html?t=liejp4ij IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash081f13203c57695f1fa08aca3fa5af01 25deea228fd41612d1b53fb86cc4faa457eaf52f 9b3ea641c4044687449de183ed4a0de42933be0a4a2d0999fea904ea9bf41170
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /index/getUserTimeZoneDate.html?t=liejp4ij HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=9f8c829bfb3537f530509e8eaa83639a; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:20 GMT
content-type: text/html; charset=utf-8
set-cookie: route=29c626d4e884fe4301eb6b56b4d56981; Path=/
content-disposition: inline;filename=f.txt
sub-sys: msite
cachettl: 3
x-frame-options: SAMEORIGIN
uuid: 01513-01-00000000-168570914011dd
out-line: gb-source-106
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zgS11M7vI3W6XxiifLWcvgseLwzYK3EgeN3BNKDtPwNINyq9qV%2F4%2BoPzH1%2FXoRdViaI3Yd07KRxvH428e8pxse2auxxZ3Xe0cytVIx9jBRBivTPkarKF687pYYhRcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7ec7d391c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10021/1685339869035.png?wsSecret=8cbecfda7867248ab98a93cc46c911f6&wsTime=1685709138 | 104.250.44.1 | 200 OK | 107 kB |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/fserver/files/gb/1513/carousel/10021/1685339869035.png?wsSecret=8cbecfda7867248ab98a93cc46c911f6&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 686 x 503, 8-bit/color RGBA, non-interlaced\012- data Size107 kB (106921 bytes) Hash735e0a9c6cd3fb200628f3f82b92a5ce 966e5bd081e5914705b015722d761922ddd24eea 9393c76aa1b676797dd5a7c238c76d8a0ef8e5bec13ddf2c8e6aa995500d285b
GET /fserver/files/gb/1513/carousel/10021/1685339869035.png?wsSecret=8cbecfda7867248ab98a93cc46c911f6&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 106921
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: "64743edd-1a1a9"
Date: Mon, 29 May 2023 06:18:57 GMT
Last-Modified: Mon, 29 May 2023 05:57:49 GMT
Expires: Wed, 28 Jun 2023 06:18:57 GMT
Age: 368003
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 66c23c1500cad71832a899bf362046ae
|
|
| 04320432.vip/mobile-api/v5/chess/getActivityMsg.html?function=sign | 188.114.96.1 | 200 OK | 140 B |
URL GET HTTP/304320432.vip/mobile-api/v5/chess/getActivityMsg.html?function=sign IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with no line terminators Hash8a912a1cb453f1d332c69c6fdd0d3629 8a7da066c09ed0ce711f0524fc7273e814dc89f6 51e780a944436376a888e7053614f95fce8236591338ec92946f937a3650a072
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=29c626d4e884fe4301eb6b56b4d56981; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:20 GMT
content-type: text/html;charset=utf-8
set-cookie: route=9f8c829bfb3537f530509e8eaa83639a; Path=/
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01513-01-00000000-16857091405948
out-line: gb-source-106
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Aw%2F80hBOHl8%2FFKgjz0HjzhMJrc6jlIO6d8N0gO%2Fyh2S3CyFW3oB9p5IGxtK8HzCPAPNAwIyHwSxkZHBhGy0mtAzsvOQ0vEXVky%2FpXniFaiwRJyx8zEfnXMHHy7MQLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7f089bd1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 04320432.vip/mobile-api/v5/origin/getThirdParam.html | 188.114.96.1 | 200 OK | 103 B |
URL GET HTTP/304320432.vip/mobile-api/v5/origin/getThirdParam.html IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with no line terminators Hash696fb49ead30121d5513e1c2b60d42a2 dd34a288bf6b0e4c295c1bb848705f58ba5f245d c030ec18bd43fe0351659670355a8fc897e26b6a34b990e8a4878a51b76a268d
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=181dd5ae39c7acd81ad5ca039c14a954; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:21 GMT
content-type: text/html;charset=utf-8
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01513-01-00000000-16857091412a63
out-line: gb-source-106
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuRZQtOueNzUnbzKCAT1sa175ArI7AAeDYp2S%2B0Emb3D%2BBlT9PJN4olLJ4mayYMDEyLOmm5WK4dQLOlBv3j3YSEJui%2BiaSwJ3V8TMdD6HYZWbtncy2nWRC5Uc3Dm4KY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7f28c2c1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 04320432.vip/index/getAppsUrl.html?device=android | 188.114.96.1 | 200 OK | 1.1 kB |
URL GET HTTP/304320432.vip/index/getAppsUrl.html?device=android IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subject04320432.vip Fingerprint66:9A:01:FD:25:A3:A2:90:FB:85:22:44:40:03:9A:BC:9F:50:E7:6D ValidityTue, 09 May 2023 11:45:45 GMT - Mon, 07 Aug 2023 11:45:44 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (1136), with no line terminators Hash4b3378934ce202247799e986a9eb64de 150f28b97af1f9cc1bf4a84d415c67e3e3ae2896 f95091e3f5c27fbd1a7f45342e06ea67dbd3b75c603ab4a2e01fe82205e6da45
Analyzer | Verdict | Alert | openphish | Bet365 | |
GET /index/getAppsUrl.html?device=android HTTP/1.1
Host: 04320432.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Cookie: route=cff4f63a4f0402d67e06fc02582263f1; SID=Yd5CRboOe8D/iHjGaI+HlEx1075tpXp11Xvg9oZu//r4Tx2TFTu29y+wamjAiApCgWo6KVaxfZv6MwDa1fjZfejUunc9mnlUQSxdp5FEYM4axUlya3Y=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:32:19 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-disposition: inline;filename=f.txt
sub-sys: msite
x-frame-options: SAMEORIGIN
uuid: 01513-01-00000000-16857091394465
out-line: gb-source-106
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKHKGvbZGWpVpomrnUN1ogKnmLDFt4baLqX529UmtcxYaSFPcrbDGvm%2F5DKcDY0EVRnEwBkVAciRyTdNG9DVU3RtsFH094aDjfmhe%2FLWRU559EzObGL3Whe1ZmPGtuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0fb7e8a97c1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/member_login.png?wsSecret=2d6ed155ea82b8bf2bdacc302f60699c&wsTime=1685709138 | 104.250.44.1 | 200 OK | 680 B |
URL GET HTTP/1.1etmqz9.gaokejd.xyz/ftl/bet365-1513/themes/images/member_login.png?wsSecret=2d6ed155ea82b8bf2bdacc302f60699c&wsTime=1685709138 IP104.250.44.1:443 ASN#137280 Kingsoft cloud corporation limited
CertificateIssuerSectigo Limited Subject*.gaokejd.xyz FingerprintBF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03 ValidityTue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File typePNG image data, 169 x 34, 8-bit colormap, non-interlaced\012- data Hashdd8380feb68da72f3f8fe960f611ce7c 707651dea23c986d71afe91337a2822d3945b552 f25f16a3e8f11c5e37793ddbaf9351a915d8df2e1c8d39cac01dadd255de9573
GET /ftl/bet365-1513/themes/images/member_login.png?wsSecret=2d6ed155ea82b8bf2bdacc302f60699c&wsTime=1685709138 HTTP/1.1
Host: etmqz9.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04320432.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 680
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "613c72a9-2a8"
Date: Sun, 14 May 2023 12:24:39 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Tue, 13 Jun 2023 12:24:39 GMT
Age: 1642061
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: f578d592726694b39d6682daa87af2c4
|
|