firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 14:10:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A3biYuTMOJaQlsNUWynuQoFTKdYYlxdbszUt16YsP2JBlKqQ9nRbhA==
Age: 2239
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10392
Expires: Thu, 15 Sep 2022 17:40:57 GMT
Date: Thu, 15 Sep 2022 14:47:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WKMO2Ql6M5N0x5ls5-L-JAN3nQtbxUaPyqWU-y9pG3dBdBWJDRVsCA==
age: 36750
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 14:47:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
x04320.com/?__CBK=3388cdc530e8cbec007ef99ab3f797b941663216281_10746384
154.215.17.93301 Moved Permanently 0 B URL HTTP/1.1 x04320.com/?__CBK=3388cdc530e8cbec007ef99ab3f797b941663216281_10746384
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?__CBK=3388cdc530e8cbec007ef99ab3f797b941663216281_10746384 HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Thu, 15 Sep 2022 14:47:20 GMT
Location: https://x04320.com/
Content-Length: 0
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 14:03:22 GMT
Expires: Thu, 15 Sep 2022 15:03:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KgWTBrzMmePaI0P9FAlOETKGTH_xI5VO5Uy1TieQuferLigMbUfZsA==
Age: 2664
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4575
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 14:47:46 GMT
Last-Modified: Thu, 15 Sep 2022 13:31:31 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.146.10101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.146.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8Z2QQKPMWlTK65nsC3bzEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cXRbyzY7uzTwOvn4iRJb8SMpo4Y=
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 02f204bb5e412ca6b76d371f5c12ec16
f4a3d6a104c96a028b6c1ed144ad4142a3a6aaf3
a38d5eb52e1da30ce08aacc4dc566982ea3109f591ebf660e6dd67b956078c9d
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Thu, 15 Sep 2022 14:47:47 GMT
last-modified: Wed, 14 Sep 2022 02:14:34 GMT
expires: Wed, 21 Sep 2022 02:14:33 GMT
etag: "f4a3d6a104c96a028b6c1ed144ad4142a3a6aaf3"
cache-control: max-age=594464,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 74b228d6aff49bbc-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1663253267
via: cache11.l2de2[38,37,304-0,M], cache4.l2de2[39,0], cache8.se1[59,36,200-0,C], cache1.se1[38,0], cache4.se1[40,0]
age: 0
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 15 Sep 2022 14:47:46 GMT
x-swift-cachetime: 1801
timing-allow-origin: *, *
eagleid: 2ff62c9816632532669636663e, 2ff62c9816632532669636663e
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 02f204bb5e412ca6b76d371f5c12ec16
f4a3d6a104c96a028b6c1ed144ad4142a3a6aaf3
a38d5eb52e1da30ce08aacc4dc566982ea3109f591ebf660e6dd67b956078c9d
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Thu, 15 Sep 2022 14:47:47 GMT
last-modified: Wed, 14 Sep 2022 02:14:34 GMT
expires: Wed, 21 Sep 2022 02:14:33 GMT
etag: "f4a3d6a104c96a028b6c1ed144ad4142a3a6aaf3"
cache-control: max-age=594464,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 74b228d6aff49bbc-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1663253267
via: cache11.l2de2[38,37,304-0,M], cache4.l2de2[39,0], cache8.se1[59,58,200-0,H], cache1.se1[61,0], cache8.se1[63,0]
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:4:65049242
x-swift-savetime: Thu, 15 Sep 2022 14:47:46 GMT
x-swift-cachetime: 1801
timing-allow-origin: *, *
eagleid: 2ff62c9c16632532669351056e, 2ff62c9c16632532669351056e
x04320.com/
154.215.17.93200 OK 1.4 kB IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash c4216ef8df4ed839f49b6f6eafe7533d
585a6043537ac6a24bc9c28bc4877dd1a2a6b42b
29d68907a5f4493da0d22196706f369d187b95800d0ae5e6aec4f65502804cac
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked
x04320.com/favicon.ico
154.215.17.93200 OK 1.4 kB IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash ce719cfa793f8a7ef84def48938b44f1
9d45e9245a3bb4598e306bb578730bd1de4e4001
cc2a81b53e4c9da18a9154e0808e6e73cba698965b578f84b8068824052d595a
GET /favicon.ico HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b4eed58b61d5b83ee76acc95859d7bf
e7b7cfeaa2c704cd6092846cbec314689d0504b3
f99e45e7102d04339cd5c11123d84714b27621e287633a4c18fa38ceb161eb59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F99E45E7102D04339CD5C11123D84714B27621E287633A4C18FA38CEB161EB59"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6836
Expires: Thu, 15 Sep 2022 16:41:43 GMT
Date: Thu, 15 Sep 2022 14:47:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b4eed58b61d5b83ee76acc95859d7bf
e7b7cfeaa2c704cd6092846cbec314689d0504b3
f99e45e7102d04339cd5c11123d84714b27621e287633a4c18fa38ceb161eb59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F99E45E7102D04339CD5C11123D84714B27621E287633A4C18FA38CEB161EB59"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6836
Expires: Thu, 15 Sep 2022 16:41:43 GMT
Date: Thu, 15 Sep 2022 14:47:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b4eed58b61d5b83ee76acc95859d7bf
e7b7cfeaa2c704cd6092846cbec314689d0504b3
f99e45e7102d04339cd5c11123d84714b27621e287633a4c18fa38ceb161eb59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F99E45E7102D04339CD5C11123D84714B27621E287633A4C18FA38CEB161EB59"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6836
Expires: Thu, 15 Sep 2022 16:41:43 GMT
Date: Thu, 15 Sep 2022 14:47:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b4eed58b61d5b83ee76acc95859d7bf
e7b7cfeaa2c704cd6092846cbec314689d0504b3
f99e45e7102d04339cd5c11123d84714b27621e287633a4c18fa38ceb161eb59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F99E45E7102D04339CD5C11123D84714B27621E287633A4C18FA38CEB161EB59"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6836
Expires: Thu, 15 Sep 2022 16:41:43 GMT
Date: Thu, 15 Sep 2022 14:47:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b4eed58b61d5b83ee76acc95859d7bf
e7b7cfeaa2c704cd6092846cbec314689d0504b3
f99e45e7102d04339cd5c11123d84714b27621e287633a4c18fa38ceb161eb59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F99E45E7102D04339CD5C11123D84714B27621E287633A4C18FA38CEB161EB59"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6836
Expires: Thu, 15 Sep 2022 16:41:43 GMT
Date: Thu, 15 Sep 2022 14:47:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 58268
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 61262
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcede4553-e9f1-4ab1-9d0e-2f0bfae52d09.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcede4553-e9f1-4ab1-9d0e-2f0bfae52d09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a76383eca28732b4f7847139f12a5cb
6c1ed76ca3c29af41ef4031eaea6b9040465517b
5d205ffc5a3177111f640f270fd0204eef790e531f69299d3de075f9387df966
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcede4553-e9f1-4ab1-9d0e-2f0bfae52d09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8010
x-amzn-requestid: 498e0a9a-7fd6-4a08-9111-91020cbebdf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeB59FiWIAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632249d9-737b49125f659cb64d1de09a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:38:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 00umrLhokJupvMnUqbr6USmX2WBDQfwfpDXAr2QjRhfv48JMN2DlKA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:47:01 GMT
age: 61246
etag: "6c1ed76ca3c29af41ef4031eaea6b9040465517b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 61362
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 66370
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 58916
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
x04320.com/?__CBK=3c61a2276ecd6a83775882a866a6a56001663253241_11264458
154.215.17.93302 Found 0 B URL HTTP/1.1 x04320.com/?__CBK=3c61a2276ecd6a83775882a866a6a56001663253241_11264458
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?__CBK=3c61a2276ecd6a83775882a866a6a56001663253241_11264458 HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Content-Length: 0
Location: /
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 7be936bff60d5915801c5590ac6c4839
6dc1370e64067b4dc3f0e8522b9ee0922602fa2d
b397531d5514e74800de0d4fa978a79f50ef5f6087436a907ff415ac7e32b671
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Thu, 15 Sep 2022 14:47:50 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 7be936bff60d5915801c5590ac6c4839
6dc1370e64067b4dc3f0e8522b9ee0922602fa2d
b397531d5514e74800de0d4fa978a79f50ef5f6087436a907ff415ac7e32b671
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=887
Date: Thu, 15 Sep 2022 14:47:50 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 7be936bff60d5915801c5590ac6c4839
6dc1370e64067b4dc3f0e8522b9ee0922602fa2d
b397531d5514e74800de0d4fa978a79f50ef5f6087436a907ff415ac7e32b671
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Thu, 15 Sep 2022 14:47:50 GMT
Connection: keep-alive
X-N: S
5mjjun.rbjgb.com/ftl/commonPage/themes/gui-skin-default.css
163.171.140.79200 OK 6.2 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/themes/gui-skin-default.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Hash faa813178ade8cea14681048003402fc
24cb2b87562ec77adf96712159c1c3af38be18d0
d174049c6e24abcca0cae9c67f3b5009a58d63a21e31c987ba1cd674446dbb96
GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:05 GMT
Last-Modified: Tue, 08 Dec 2020 01:20:12 GMT
ETag: W/"5fced4cc-7b2e"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b16_PShlamstdAMS1se91_29246-39165
5mjjun.rbjgb.com/ftl/commonPage/themes/gui-base.css
163.171.140.79200 OK 16 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/themes/gui-base.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (11889)
Hash 2edb491223d979de485a00175cf91fea
c5f4069cf004abdbc388f5e52b70bbba95f697f7
6a5fc90ba50679f82d521b27a1544b0f64646d50f5ec118b35b83c0d90a2d4b2
GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:05 GMT
Last-Modified: Mon, 29 Aug 2022 08:05:14 GMT
ETag: W/"630c733a-13018"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:19 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b16_PShlamstdAMS1se91_29009-52119
5mjjun.rbjgb.com/ftl/commonPage/themes/hongbao.css
163.171.140.79200 OK 5.4 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/themes/hongbao.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (336)
Hash 46836a29169bcda7f0f5d51a6da6dcc8
3a005e1fdb9c19fa4280ab6863bd6866bbbc9b7a
a8f12309c5b8668b9b3ddd20c9191ea3f34b65f19aa138d12b5fbf6e67be2c44
GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5mjjun.rbjgb.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:05 GMT
Last-Modified: Tue, 08 Feb 2022 01:25:14 GMT
ETag: W/"6201c67a-c4b3"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b16_PShlamstdAMS1se91_29009-52122
5mjjun.rbjgb.com/ftl/commonPage/themes/gui-layer.css
163.171.140.79200 OK 6.8 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/themes/gui-layer.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (489)
Hash 110d22bfddbe4b9471970692e754e98a
1ef210fcbaec614c82d5c4742942c273afaac014
85dba37cbd82a5786c6b82f6267493b1ff2432d9983c32a7a19c6578048b74b7
GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5mjjun.rbjgb.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:05 GMT
Last-Modified: Thu, 21 Oct 2021 06:25:10 GMT
ETag: W/"617107c6-c380"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b16_PShlamstdAMS1se91_29246-39168
5mjjun.rbjgb.com/ftl/commonPage/js/float.js
163.171.140.79200 OK 1.9 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/float.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash 8b4e801d5503887441bd73cf271e664e
a46e84fc4fc0f786dfccb475aedbae067cca84bc
2037542592a6f0b6b63e3cb1151dd3bc9f9906fe4304a8fdffe2332f19fb14bc
GET /ftl/commonPage/js/float.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:45 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
ETag: W/"612747ba-1b2f"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:7 (Cdn Cache Server V2.0), 1.1 ml62:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b16_PShlamstdAMS1se91_29246-39170
5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
163.171.140.79200 OK 34 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (32038)
Hash ddc1e8fce07f211afd9c03035149256d
bb86a4eed0e665d56cf8f4b211556f6876f7fda0
a4fe9a045492402a80e14d3821974814dbfc12f3f435fb448356ed97ce66a81a
GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-176d4"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:21 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b16_PShlamstdAMS1se91_29009-52124
5mjjun.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js
163.171.140.79200 OK 12 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (32030)
Hash bdc1b3c51317fbcdc9adfc6a6b6cbd55
73b40ee99272efcaef069f00e94723ca214edd2c
80b0cffc2c782c23aac9b7b667ebe14818bf1ee007db0b7a3fe025173ff655f7
GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-b07e"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ef124:0 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b16_PShlamstdAMS1se91_29246-39171
5mjjun.rbjgb.com/ftl/commonPage/js/websocket/Comet.js
163.171.140.79200 OK 4.0 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/websocket/Comet.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash 3a90921abc0a5219ad4e664bde3e21e0
ffbc673a0954970a87f93506625f066522959388
41f06410d8adf8c53247dbe6c9972165e4a9835c8089cf5bac8198900aaabeb5
GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:45 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
ETag: W/"60f60fb5-43bc"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:7 (Cdn Cache Server V2.0), 1.1 ml62:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b16_PShlamstdAMS1se91_29009-52130
5mjjun.rbjgb.com/ftl/commonPage/js/gui-base.js
163.171.140.79200 OK 16 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/gui-base.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type HTML document, Unicode text, UTF-8 text, with very long lines (11041)
Hash 19e66c044fc9fc7ce9ea5cf7bd78d95e
9db2e2c21aff19d26a4c5fcb0a38c872d2223fcb
560a4d32861a43072d4e6a75cf6bbe431fac1140895b0cfacef736018a0aca1b
GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-ee4d"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:7 (Cdn Cache Server V2.0), 1.1 ml62:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39173
5mjjun.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js
163.171.140.79200 OK 5.0 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (20132), with no line terminators
Hash 8f17b626f7567907c75744e49f2a3f82
7721233d4187213262bc270a30d51bd591aaa688
d6001c5431433a6dfce869da8a9467baa51debc3220e116066afe060d4919f73
GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-4ea4"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PSxgHK5sn200:4 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52134
5mjjun.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js
163.171.140.79200 OK 3.3 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash 902ae6c577ffaad07a9ff299ce0ab884
294c86c2fc8dc7e2aacf10bef6334e43466819f4
225efabd27ce5d8f1e842efd8c5b987761e56ef00f0dcf0e38c10766d29a7904
GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
ETag: W/"6260ddd4-2f13"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49634
5mjjun.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js
163.171.140.79200 OK 797 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash 1be1d6290006e67bcb2facdfa571a4d1
f5ae95ab95254a0834b9155e3594ef814f8c6837
02cb7cdd1b17375d306f6a4e3a16ba8b064166fceffd4bd45af5adc0ae37e894
GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
ETag: W/"6260ddd4-828"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PSxgHK5sn200:4 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28811-54470
5mjjun.rbjgb.com/ftl/commonPage/js/lazyload.js
163.171.140.79200 OK 2.3 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/lazyload.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash fe962406a9d548234f5b336341c74af4
6865796780072e7030bc6c3fee3655868f832ff3
69e3983c1622857934a86511f900f2a3e0b0684761850039a431a90f65c31bf6
GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:45 GMT
Last-Modified: Wed, 14 Sep 2022 06:30:09 GMT
ETag: W/"632174f1-2331"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHK5sn200:6 (Cdn Cache Server V2.0), 1.1 ml62:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:16 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_30410-7387
5mjjun.rbjgb.com/ftl/commonPage/js/layer.js
163.171.140.79200 OK 7.6 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/layer.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (21922)
Hash 84191d1091731fc35babf501ff6a08bf
13f401266fc74700486a120bb0df31e00152f492
51bae893893c406293bf77a7d6b84e7741607005bd99a64bc9e9be8f3a2a13f0
GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-55f6"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:12 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39174
5mjjun.rbjgb.com/071911/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
163.171.140.79200 OK 7.7 kB URL HTTP/1.1 5mjjun.rbjgb.com/071911/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (27669)
Hash c17b22c0a40d8f005cef017ef26312e8
55c36e9350fab8f6736651c93f7de4a1238d1659
a3b028b38141f7015e137b2b02aa4f5f971137fcd9108c9770be195426d57631
GET /071911/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:47 GMT
Last-Modified: Mon, 18 Jul 2022 10:47:22 GMT
ETag: W/"62d53a3a-6caf"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 ml64:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28811-54474
5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
163.171.140.79200 OK 1.4 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (4433), with no line terminators
Hash 1e4e9f51375b084a5459f174b6749b60
cf92e8319b5afd4aac588de5073c7d5d470a1aa7
71d123ac7af06a251719002717d0b2806f7e1c43450e559196b517c308110a19
GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-1151"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52137
5mjjun.rbjgb.com/071911/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
163.171.140.79200 OK 4.1 kB URL HTTP/1.1 5mjjun.rbjgb.com/071911/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Hash e760677f4c48d9f9e8b95ef4b6f87fa8
1e8731b8c43003b65a5e7132d6e51d1e991eb125
3e6115c7f94633f37aa0482064ff05299010e6b7d36b3ee8698389f83f5536c9
GET /071911/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Mon, 18 Jul 2022 10:47:22 GMT
ETag: W/"62d53a3a-3a09"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:9 (Cdn Cache Server V2.0), 1.1 ml64:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_30410-7390
5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
163.171.140.79200 OK 17 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (64577)
Hash 32902107484bcea4bbdd212cff7d8839
ef787384e54a4e9ca9e4274b04cb549e4b45c25e
d466c9ac142a38070d5b7c3bbbed22d612eb57142872aea789d4d4b4085686f5
GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-fc8b"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 12043483:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49636
5mjjun.rbjgb.com/ftl/commonPage/js/moment.js
163.171.140.79200 OK 27 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/moment.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 87976c42a710df8092a45e8a9780383e
0bbf47ceba3d32989dda43826a402925dd7ef094
b38379dcea9929a2222cb136243b2f58ad8578c104b9675808b41461aa9efd77
GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Thu, 09 Jun 2022 08:55:07 GMT
ETag: W/"62a1b56b-1bf5b"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PS-000-014hG234:7 (Cdn Cache Server V2.0), 1.1 ml64:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39176
5mjjun.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css
163.171.140.79200 OK 911 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash 287b6b8f1ef0d064f10fb8c6063de18e
c0671e7287f3390346c2250474ccdc0a11015db5
7c6a09f79f2f68528f3adac1c437567ae93b76983a0be73cfdbd2c5bd45a0731
GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:05 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: W/"5d848f4f-b5d"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28811-54475
x04320.com/message_zh_CN.js?v=1663018038643
154.215.17.93200 OK 9.8 kB URL HTTP/1.1 x04320.com/message_zh_CN.js?v=1663018038643
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type Unicode text, UTF-8 text, with very long lines (17848)
Hash 703b18cd1749714113b3554e6bcd5607
f64d61264a663029a30249ab3ac0679d15ea42b3
9df1af2f570a19e36734ed58ae2a082149a95082e59b539c14051d6009672ff8
Analyzer Verdict Alert fortinet Phishing
GET /message_zh_CN.js?v=1663018038643 HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:43:57 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Fri, 16 Sep 2022 14:43:57 GMT
Cache-Control: max-age=86400
uuid: 01513-01-00000000-16632530373043
out-line: gb-source-106
X-Cache: HIT, HIT from cdn-FirelineHK-8c
Content-Length: 9801
5mjjun.rbjgb.com/071911/rcenter/common/static/js/gb.validation.min.js?v=1663018038643
163.171.140.79200 OK 5.2 kB URL HTTP/1.1 5mjjun.rbjgb.com/071911/rcenter/common/static/js/gb.validation.min.js?v=1663018038643
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (801)
Hash 3bdcff823cee54e2337932cb9d306566
436ab9ae33ed90d9a1fe087e25540c7dc381589a
080d1c38ed29b8790cd5831c14fd5431fbb7650721ceda323f9b8c467e8d60a9
GET /071911/rcenter/common/static/js/gb.validation.min.js?v=1663018038643 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:01:29 GMT
Last-Modified: Tue, 13 Jul 2021 01:50:28 GMT
ETag: W/"60ecf164-7fd7"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ld122:1 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52143
5mjjun.rbjgb.com/071911/rcenter/common/static/css/gb.validation.min.css
163.171.140.79200 OK 3.8 kB URL HTTP/1.1 5mjjun.rbjgb.com/071911/rcenter/common/static/css/gb.validation.min.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (2295)
Hash d51611d3e17ac5a1deec5990bc566d40
a0f11d99c3819d8e564e2e721fc2dfdb697d4e56
d09021aa2121ea450e9328268d81dbaac3fc13b510ea6d0272005a4f4c8e2f09
GET /071911/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:05 GMT
Last-Modified: Mon, 13 Sep 2021 05:23:34 GMT
ETag: W/"613ee056-2d52"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39183
5mjjun.rbjgb.com/ftl/bet365-1513/themes/style/common.css
163.171.140.79200 OK 6.0 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/style/common.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash 6459661673494c86a93ec913f9d2b56e
df0afec3dc3f3d806ba57a3260097c2929461fd3
56956ccda8b25d96a3647ffb1317953df1160193accde5a7d034da9d848bfdf0
GET /ftl/bet365-1513/themes/style/common.css HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 14:47:51 GMT
Last-Modified: Sun, 11 Sep 2022 06:57:52 GMT
ETag: W/"631d86f0-7005"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
X-Via: 1.1 12043483:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b16_PShlamstdAMS1se91_30246-15206
5mjjun.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
163.171.140.79200 OK 3.1 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash bc013c0567c33a98be0767b19ac106dd
f58c32f32a3072d30f996207bbb089769dd9d826
d5b7c17d36e6047f07d5c59c4c17dcac04115103213af0c84f5a7e898a8dc496
GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
ETag: W/"6131d862-48e4"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52147
x04320.com/
154.215.17.93200 OK 64 kB IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (480)
Hash 68c904733d7fbc5a074acf9ef1ee2eb4
92e24c7c45a839fd9c6420b6e49639d8c7f60c97
8507926ee398128c59a5a7c7b1b21626dfbbc3317633e47fe38bc468854a9a96
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:47:50 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
X-html-cache: HIT-3600
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-source-106
Content-Encoding: gzip
X-Cache: MISS from cdn-FirelineHK-8c
Transfer-Encoding: chunked
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=e0d09c4f097e5298113756698246e512&wsTime=1663253256
163.171.140.79200 OK 5.3 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=e0d09c4f097e5298113756698246e512&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, interlaced\012- data
Hash 715accde73ee91614d615e95f82739f9
1c47e65ab9b1ad7074f9b7dd934a816bd3ef834e
13d1b623d4dd66c17067a7aea27e71fc4510406a946f13c86f99c499b4e7aa62
GET /ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=e0d09c4f097e5298113756698246e512&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 5335
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:08 GMT
Last-Modified: Fri, 08 Jan 2021 07:45:06 GMT
ETag: "5ff80d82-14d7"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:21 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39193
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=c8c62ef80d1ab7335d6ac882ac807c96&wsTime=1663253256
163.171.140.79200 OK 4.2 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=c8c62ef80d1ab7335d6ac882ac807c96&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash af8e634c913f2a0398342b315793de02
886daf11ed8cb8a67313b28f042100c3a87cedd0
ab903e832a7be190aab69d16acfd4f4c3694760a8b215e06ec356541f33d4b27
GET /ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=c8c62ef80d1ab7335d6ac882ac807c96&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4152
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-1038"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49650
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_tp.png?wsSecret=be6daa218d5a5ed0215bb662a9ee4797&wsTime=1663253256
163.171.140.79200 OK 6.7 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_tp.png?wsSecret=be6daa218d5a5ed0215bb662a9ee4797&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash c77f25179cb35f442d78c765405f197e
a623a26a74bb807164c7d95e469a8c31be793a5f
7463103945d72f56abb34b0c17c335dde4bd28b73efa82170a6ffba5909e62eb
GET /ftl/commonPage/images/casino/casino_logo_tp.png?wsSecret=be6daa218d5a5ed0215bb662a9ee4797&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 6682
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:08 GMT
Last-Modified: Wed, 22 Jul 2020 12:25:50 GMT
ETag: "5f18304e-1a1a"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28811-54492
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=46b87f6b7522ea8957fd6a6e3500dda1&wsTime=1663253256
163.171.140.79200 OK 2.9 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=46b87f6b7522ea8957fd6a6e3500dda1&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 89dccacb8673dfe06bb4c834ae3ad221
5fe92b8d5f5c7aa49c2c8c63d3ba9af5c06c3718
ed349910edf41922abd448073e5549c64f611e3e6c37822e38e0ac2c0ad50bcf
GET /ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=46b87f6b7522ea8957fd6a6e3500dda1&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 2906
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:08 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-b5a"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_30246-15222
5mjjun.rbjgb.com/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=b2e070f94020e4adcd17b12f08f28551&wsTime=1663253256
163.171.140.79200 OK 2.3 kB URL HTTP/1.1 5mjjun.rbjgb.com/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=b2e070f94020e4adcd17b12f08f28551&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 139 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 52a331a9176f0e79b54a961fabdadb81
f2b3c1eecc85589242ba6cab9e5ff605364f415e
8ddf9b81682f988f038c7b64d1880a2c18f519497e75b569e0bdea65413d55d6
GET /fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=b2e070f94020e4adcd17b12f08f28551&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 2276
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:08 GMT
Last-Modified: Wed, 30 Sep 2020 10:55:15 GMT
ETag: "5f746413-8e4"
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:14 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52150
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_ttg.png?wsSecret=8f884b15e3b26f2377c54438ec06dc70&wsTime=1663253256
163.171.140.79200 OK 2.1 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_ttg.png?wsSecret=8f884b15e3b26f2377c54438ec06dc70&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash b224f5c6f0321dba6c0730cfb52c5caa
06fc8641b0f75514db0e2de37f2f8821484b0824
f5af43e1319fd7352f90632ea4541e479a30a664cda3be710869bc54b3c4bb21
GET /ftl/commonPage/images/casino/casino_logo_ttg.png?wsSecret=8f884b15e3b26f2377c54438ec06dc70&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 2145
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:08 GMT
Last-Modified: Wed, 24 Nov 2021 08:14:48 GMT
ETag: "619df478-861"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_30410-7403
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_gg.png?wsSecret=345591d4d0161153a07f67202df2cc86&wsTime=1663253256
163.171.140.79200 OK 4.6 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_gg.png?wsSecret=345591d4d0161153a07f67202df2cc86&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 6367cd3c681901e312cb07b638199763
00c3a6f5637892f270fae08dce4b2d52bd3a9ab5
65f8fbc997841ff7e0c55ac7d409bf7769d7bc83e04473c740580c4ebda8b6da
GET /ftl/commonPage/images/casino/casino_logo_gg.png?wsSecret=345591d4d0161153a07f67202df2cc86&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4646
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:08 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-1226"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39194
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_bg.png?wsSecret=92176e8ea2616268a8ee5ba6df0dfedb&wsTime=1663253256
163.171.140.79200 OK 5.7 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_bg.png?wsSecret=92176e8ea2616268a8ee5ba6df0dfedb&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash a2040151bcd2b19d418bd4fcd5ac9d8c
5b4601fb188d8f6eaf6c1fb16f2d0ec9f9d3082e
bdd7e20d16f1020eb8333a37e789a166ec8db535318a09804279854caafdd854
GET /ftl/commonPage/images/casino/casino_logo_bg.png?wsSecret=92176e8ea2616268a8ee5ba6df0dfedb&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 5727
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:36 GMT
Last-Modified: Wed, 19 Feb 2020 08:16:45 GMT
ETag: "5e4ceeed-165f"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49652
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_jdb.png?wsSecret=3c822d861a234bead82c6ed7b18c7e68&wsTime=1663253256
163.171.140.79200 OK 6.1 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_jdb.png?wsSecret=3c822d861a234bead82c6ed7b18c7e68&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash a76ef82febe3f738505be4fbe5f937c9
fd03a2b51bec9d07c359692dc6c3347a163fbc90
3b615683d2d685ff22698be0b84d7ca39d057faa0d614d41c83c51ca06f412f9
GET /ftl/commonPage/images/casino/casino_logo_jdb.png?wsSecret=3c822d861a234bead82c6ed7b18c7e68&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 6121
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:08 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-17e9"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:12 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_30246-15225
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_mw.png?wsSecret=c75b02ba65c05ddc1950a5e6b4a1cd0c&wsTime=1663253256
163.171.140.79200 OK 5.2 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_mw.png?wsSecret=c75b02ba65c05ddc1950a5e6b4a1cd0c&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b49878c65b37d8436f02176aab24863
b3f87149ef0f58c09a1a8c0047a0b92d0099db70
a21a5acef7ac66b0e8b9a4f1e959cf0c911de622d02c30c9448eca21022058cc
GET /ftl/commonPage/images/casino/casino_logo_mw.png?wsSecret=c75b02ba65c05ddc1950a5e6b4a1cd0c&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 5241
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:08 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-1479"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:7 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52156
5mjjun.rbjgb.com/ftl/bet365-1513/plugin/js/countUp.js
163.171.140.79200 OK 2.1 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/plugin/js/countUp.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash 9cea3c8cd78f789629714cc29ca4f391
3b05805e2353acbae373b6b1bd4d4cdf50466be0
c9cab2410047b6a399def05d9b295dc589c309f583ccb16f7937b04aa6d85652
GET /ftl/bet365-1513/plugin/js/countUp.js HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 17:15:46 GMT
Last-Modified: Thu, 30 Sep 2021 09:35:49 GMT
ETag: W/"615584f5-1be5"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Age: 1
X-Via: 1.1 PSxgHK5sn200:4 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:11 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39195
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_pg.png?wsSecret=01e9d4f5eb8e7b3ccc7a08fed39aa91a&wsTime=1663253256
163.171.140.79200 OK 4.5 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_pg.png?wsSecret=01e9d4f5eb8e7b3ccc7a08fed39aa91a&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash a6d5dc01fb05c1594b4463047f0d4ca9
0c2c51e152822d6ff838939bdaac4bc8c9daa6a7
4514baa50c78ce7ba02287adb13f677f79490f3b27eb47434c8174c808112536
GET /ftl/commonPage/images/casino/casino_logo_pg.png?wsSecret=01e9d4f5eb8e7b3ccc7a08fed39aa91a&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4502
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:36 GMT
Last-Modified: Mon, 11 Apr 2022 06:10:13 GMT
ETag: "6253c645-1196"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_30410-7404
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_cunkuan.png?wsSecret=155a50e134647a09208f37df91454b71&wsTime=1663253256
163.171.140.79200 OK 4.9 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_cunkuan.png?wsSecret=155a50e134647a09208f37df91454b71&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash fbc974184b18d827643872da1d2739b3
746e2c9f0a914a235ce40cc05c49f6db9eca3042
e47f831e00225a9098d4476a48e06eddc6868f480fd2983ed9b3a5a695673c08
GET /ftl/bet365-1513/images/footer_title_cunkuan.png?wsSecret=155a50e134647a09208f37df91454b71&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4876
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-130c"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49654
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_qukuan.png?wsSecret=c340bfb3cb30ab87e773c57f23678f5b&wsTime=1663253256
163.171.140.79200 OK 5.0 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_qukuan.png?wsSecret=c340bfb3cb30ab87e773c57f23678f5b&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f67f5e64a8f4d60603b0a6e1c38e6ee
f9c32ab52c3abeb39d8c5d63dd15bc3ad6d405dc
7b199776ac719337083313728c34ba2b41aa1b022628e74116fd6c0ff5d07bfd
GET /ftl/bet365-1513/images/footer_title_qukuan.png?wsSecret=c340bfb3cb30ab87e773c57f23678f5b&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4991
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-137f"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 12043483:4 (Cdn Cache Server V2.0), 1.1 ml64:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_30246-15227
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_fuwu.png?wsSecret=f3adf5e2b1b1f7029d73e61be30f2db7&wsTime=1663253256
163.171.140.79200 OK 6.7 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_fuwu.png?wsSecret=f3adf5e2b1b1f7029d73e61be30f2db7&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 63c298e01595b32f4f2971eb27f783fe
9adc401ac856b459f1cfb38aed5e3cfd06638370
b9d963160361f311bae0eec8d26862cfeebc48ba2550923850c16a05bf362ff1
GET /ftl/bet365-1513/images/footer_title_fuwu.png?wsSecret=f3adf5e2b1b1f7029d73e61be30f2db7&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 6693
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:08 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-1a25"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52158
5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_bng.png?wsSecret=37ce9c6b61cafef16ad1b4d677434191&wsTime=1663253256
163.171.140.79200 OK 4.2 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/casino/casino_logo_bng.png?wsSecret=37ce9c6b61cafef16ad1b4d677434191&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 851bc43c07207b0813c18bef2d19e93a
b4a338be347c09b5c95145b1e8b387f7b731409b
ce35caef3c0d1468ff4446343ab903d56e9bb9e31ff70c75fc568f8cbbc12a61
GET /ftl/commonPage/images/casino/casino_logo_bng.png?wsSecret=37ce9c6b61cafef16ad1b4d677434191&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4232
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:36 GMT
Last-Modified: Wed, 24 Nov 2021 08:14:48 GMT
ETag: "619df478-1088"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml62:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28811-54493
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_casino.png?wsSecret=284f782e86c9bc51e1ab5b7dc7030cce&wsTime=1663253256
163.171.140.79200 OK 4.5 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_casino.png?wsSecret=284f782e86c9bc51e1ab5b7dc7030cce&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash a7e7b05569568ecd0b1ead75fb95c09b
04f1c9f182fa92bdd50b077832c94b35ef883e54
d5745f287627927eed249abd81eb1157e35b802e39c7b41c3eb0ebc3c828650d
GET /ftl/bet365-1513/images/footer_title_casino.png?wsSecret=284f782e86c9bc51e1ab5b7dc7030cce&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4534
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-11b6"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:16 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39197
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=cc2998eb0bece400615115ac5fbf7d73&wsTime=1663253256
163.171.140.79200 OK 1.2 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=cc2998eb0bece400615115ac5fbf7d73&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 14 x 18\012- data
Hash d7ee8c341d86a4bb78532e2d8e721b7e
0e9394a2905d235b6a7215a03f0a5f8534451bef
ff425363cf8edbb85d152bcdc36a137596829b6c003ac77a1be531922cd8f055
GET /ftl/bet365-1513/themes/images/hot1.gif?wsSecret=cc2998eb0bece400615115ac5fbf7d73&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/gif
Content-Length: 1248
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-4e0"
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52159
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=042d9db701cba1dc6df31f641ece592e&wsTime=1663253256
163.171.140.79200 OK 928 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=042d9db701cba1dc6df31f641ece592e&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 171 x 34, 8-bit colormap, non-interlaced\012- data
Hash 6a35d7146f6fb12966be9d95ec7390f0
4e08c3f9269809beff65e607577204e3fa259d22
3892610b331020e0c985693c462ea4c2f1a2a86194fc1a61562725820c7e81cb
GET /ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=042d9db701cba1dc6df31f641ece592e&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 928
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-3a0"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39198
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=a2bf73ace4d244f828c8b23c5665e4be&wsTime=1663253256
163.171.140.79200 OK 19 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=a2bf73ace4d244f828c8b23c5665e4be&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 313x125, components 3\012- data
Hash d06d179cfd809dd45cd071fd1aefb40a
343efa5fdbe90c21443d4ab53ca3e1bb579d973f
6c0365335149978f1ab9b2980e13e95dea2538c2e21a54e7ddeb33ca21a1b039
GET /ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=a2bf73ace4d244f828c8b23c5665e4be&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/jpeg
Content-Length: 19222
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-4b16"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:19 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49656
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=994dd9664065f6a5949bb3f7c0ba3fbf&wsTime=1663253256
163.171.140.79200 OK 720 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=994dd9664065f6a5949bb3f7c0ba3fbf&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash eafb012d74f2fccb8980ff1f5fe07ef4
81ce3388b2452316c98a04232e85fea66875a4bb
cb620d60f10951a0d7adfa808e9591e672c5669c8e2701e39d0120c9474e8c17
GET /ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=994dd9664065f6a5949bb3f7c0ba3fbf&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 720
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-2d0"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28811-54497
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/list_head.png?wsSecret=1ae8353a4bcf098d5b992bbdd08c06e1&wsTime=1663253256
163.171.140.79200 OK 111 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/list_head.png?wsSecret=1ae8353a4bcf098d5b992bbdd08c06e1&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 5 x 23, 2-bit colormap, non-interlaced\012- data
Hash 21fb21afd6064e87b0f471e81a00469f
b706061210181a99108aed97c7e694f08b0e5a29
7eeab9f0c7b8fb99b0973ad8e07b720cc651893ef4400204937f1962b3d5ed17
GET /ftl/bet365-1513/themes/images/list_head.png?wsSecret=1ae8353a4bcf098d5b992bbdd08c06e1&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 111
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-6f"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52161
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=09c9033ac8d3807b593ab06fc33c910a&wsTime=1663253256
163.171.140.79200 OK 421 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=09c9033ac8d3807b593ab06fc33c910a&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1x606, components 3\012- data
Hash 3b818a8e981df7bd62b44be39b0c4c98
d833407d5ff08e4b5d6503951f01cd2f1c9ed3c1
fca542f60ac7b1d89c6806136f5faca8433dffe65687b921a973de952590f68c
GET /ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=09c9033ac8d3807b593ab06fc33c910a&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/jpeg
Content-Length: 421
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-1a5"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39201
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=0cea1200c6f3f7392d4e80c0020625ac&wsTime=1663253256
163.171.140.79200 OK 538 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=0cea1200c6f3f7392d4e80c0020625ac&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 31 x 30, 8-bit colormap, non-interlaced\012- data
Hash 892feea4e5200bad99b81a1d0f08de44
f0ab65687dae79bb8d17acee21af91861382c55d
e353da507c7cd437813dae33a058d8b1b7c41aeab30489499abb99b0d542699e
GET /ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=0cea1200c6f3f7392d4e80c0020625ac&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 538
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-21a"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49660
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/oclock.png?wsSecret=c610d6d2ed6b4cd8c893f1228c78b6b3&wsTime=1663253256
163.171.140.79200 OK 519 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/oclock.png?wsSecret=c610d6d2ed6b4cd8c893f1228c78b6b3&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 15 x 17, 8-bit colormap, non-interlaced\012- data
Hash abf297e51fa41e9771aa7392fa9cba44
f76236aa20e9b0d8032666ff853fa87489049b08
1e082f27f562177c07f18f10e71d37d43ded6c836d16d425272ff33c51c3c798
GET /ftl/bet365-1513/themes/images/oclock.png?wsSecret=c610d6d2ed6b4cd8c893f1228c78b6b3&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 519
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-207"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:19 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52163
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=b08d62556b6d89062b1c60e5e91813dc&wsTime=1663253256
163.171.140.79200 OK 918 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=b08d62556b6d89062b1c60e5e91813dc&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x796, components 3\012- data
Hash 28b9980238466725db46247eeb3ae314
5490115ce6b25413f142811de784c6460cb7bab2
32c09d293a7029ae5c392f2986a13296809654b4e3816ebc5b9dd7a31a9fb51d
GET /ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=b08d62556b6d89062b1c60e5e91813dc&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/jpeg
Content-Length: 918
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-396"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39202
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=beefa12e31a276173dfb7b8586e43436&wsTime=1663253256
163.171.140.79200 OK 318 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=beefa12e31a276173dfb7b8586e43436&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 14 x 14, 8-bit colormap, non-interlaced\012- data
Hash e149b3e85d15c14a150036f93b296253
0006db6a1d3cc14a1d6da738d3243674d6110f84
9137d5630ca64621c97786e21e5ff77e75de43a4e0597aa6974e25d59082428e
GET /ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=beefa12e31a276173dfb7b8586e43436&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 318
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-13e"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1iy111:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49661
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=20265ab0531c99c933d5be6e1769fd7b&wsTime=1663253256
163.171.140.79200 OK 3.7 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=20265ab0531c99c933d5be6e1769fd7b&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 307x260, components 3\012- data
Hash 884ab3a54eaeeee2c944773ac757ebcd
1aded473eecfb23f06fc59d4cc989853d2117489
bb3a93104a804d751e4456abbef235889811b806243edbbbb31a757c070b612a
GET /ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=20265ab0531c99c933d5be6e1769fd7b&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/jpeg
Content-Length: 3728
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-e90"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52165
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=3a009e91d4287b63f6e22509f50c8ab5&wsTime=1663253256
163.171.140.79200 OK 20 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=3a009e91d4287b63f6e22509f50c8ab5&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 313x125, components 3\012- data
Hash b3f1a365e502da9ff5a176396d415771
7c7967837cd4704a21265da90bcc978a1c98eaac
42af959e91e71e0af8d559e88bb0537cdfa8a89e7d593a2d1d179b22691736e7
GET /ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=3a009e91d4287b63f6e22509f50c8ab5&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/jpeg
Content-Length: 20422
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-4fc6"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:1 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39205
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/slot_more.png?wsSecret=64a21e7c69e970b88618dd831a4a11ef&wsTime=1663253256
163.171.140.79200 OK 740 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/slot_more.png?wsSecret=64a21e7c69e970b88618dd831a4a11ef&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 36 x 38, 8-bit colormap, non-interlaced\012- data
Hash d2020a71d2421b3d25dc61b5d3791fa9
95253209215c094261111d322b008882c5ea44cf
c10dc5600856216b21a2a3af99e8a3e9fd7b7a022ed9c0d54c1eb1a8d2eeb201
GET /ftl/bet365-1513/themes/images/slot_more.png?wsSecret=64a21e7c69e970b88618dd831a4a11ef&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 740
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-2e4"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52166
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=315bf8ed01def23e15bb336fffe5b348&wsTime=1663253256
163.171.140.79200 OK 873 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=315bf8ed01def23e15bb336fffe5b348&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 30 x 30, 8-bit colormap, non-interlaced\012- data
Hash aae380c627076a477224dc2ccdc60c88
f60cadb09dac7476733f1924aa59853cb98df7ab
7e6d9e46386b12a52b52e4361c17f23e3b3041947155d6a9286b9ec563350273
GET /ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=315bf8ed01def23e15bb336fffe5b348&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 873
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-369"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 dianxun232:8 (Cdn Cache Server V2.0), 1.1 ml64:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49662
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=7745ec3840ab6fb2644cedb6996b1c71&wsTime=1663253256
163.171.140.79200 OK 543 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=7745ec3840ab6fb2644cedb6996b1c71&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 35 x 30, 8-bit colormap, non-interlaced\012- data
Hash 730071bbc93fe62be758c91e08e477e3
809ece67f2e7ae25f91de7ae082ab63b43068591
e02f4603a6ce557ca57f7aab0a3359d4baeb77abd4f3c9e0b9af59c2dffcccef
GET /ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=7745ec3840ab6fb2644cedb6996b1c71&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 543
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-21f"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:11 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28811-54498
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=e26929d2c9e8f77f3e91cee6e9381501&wsTime=1663253256
163.171.140.79200 OK 1.7 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=e26929d2c9e8f77f3e91cee6e9381501&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 28 x 33, 8-bit colormap, non-interlaced\012- data
Hash 7cc35487e902b5a225eb1c7bafcab384
c93a1544416caff36cf704c2d9361d7acd0b1fc0
3acedbde98f248f7dd0167f15dd644e473a9455b23c3d44056c7b383712fa32b
GET /ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=e26929d2c9e8f77f3e91cee6e9381501&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 1704
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-6a8"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:10 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52167
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=35fce86dbfabd9156213b9d60cda76a8&wsTime=1663253256
163.171.140.79200 OK 12 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=35fce86dbfabd9156213b9d60cda76a8&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 861 x 68, 8-bit colormap, non-interlaced\012- data
Hash 56c2eec7f48eb3d9671c0be5ae85122e
31673dee121aeefb578b0399c772b98bbea2d33f
59dccedf293c4425ced117b504ddd0d96d7e4460ba90cfe0f7c82173f35c9552
GET /ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=35fce86dbfabd9156213b9d60cda76a8&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 12448
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-30a0"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:16 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39208
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=5da10c7154c739a28634db48205c048e&wsTime=1663253256
163.171.140.79200 OK 13 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=5da10c7154c739a28634db48205c048e&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash f0f041843a33f8356cb6ad96fb74c2f5
42fd118f67208a2491b5fe3b8a9e30c0ae2e51b4
fbb999a8d57dbee751c035fd30e9c4bbdbb16f440f6886f285d540c33d4381f9
GET /ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=5da10c7154c739a28634db48205c048e&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 12679
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-3187"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52168
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=3356b9bcc3f4b362c1838e8732aa40fa&wsTime=1663253256
163.171.140.79200 OK 3.1 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=3356b9bcc3f4b362c1838e8732aa40fa&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 259 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash d2523fd53cda5e60ebc8c997ecc48f82
eb77e52163a77ce43da2488259ca0d9f5be36e6b
f6bbf2c57164cb4f4cbf26ab2deef162518af6ca4d803a45ab5e22f9086232b8
GET /ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=3356b9bcc3f4b362c1838e8732aa40fa&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 3083
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-c0b"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49663
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_icon_bank.png?wsSecret=1d7b010e8e90c2f2695952661f19c3d1&wsTime=1663253256
163.171.140.79200 OK 9.9 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_icon_bank.png?wsSecret=1d7b010e8e90c2f2695952661f19c3d1&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 180 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash efbea615018e4733d9c40d6bdb6c799f
6c97e61d83dba5f380bb943ffed709b75786b51c
9a87511ad5d13eff3b7693505f536d6f0f8a71846fe069973ce64983efa72b53
GET /ftl/bet365-1513/themes/images/footer_icon_bank.png?wsSecret=1d7b010e8e90c2f2695952661f19c3d1&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 9923
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-26c3"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:5 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39211
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=1b0144eec20270f81328c4a3b308994d&wsTime=1663253256
163.171.140.79200 OK 12 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=1b0144eec20270f81328c4a3b308994d&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash a02f1d45ed4ce0a8a2f9837cfa215843
57bd5aa4347c4fc913c6dce38df9d4d0ed467508
041b0bbe548392af8a849b349d4f68fd88d57481581f9d7c2839d77c2141139b
GET /ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=1b0144eec20270f81328c4a3b308994d&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 11890
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-2e72"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52169
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_live.png?wsSecret=e9f609970f53b30a95020c4a5a3408fe&wsTime=1663253256
163.171.140.79200 OK 4.7 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_live.png?wsSecret=e9f609970f53b30a95020c4a5a3408fe&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 50131f6464f919d825a3a4e6df880e3b
873858bc4f2468bf96ab561fe7c7846affb0c28e
6c7a853c7aee278b699cc5ecc219a8302f130ba4cfa74e7db189e68cef092bd5
GET /ftl/bet365-1513/images/footer_title_live.png?wsSecret=e9f609970f53b30a95020c4a5a3408fe&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4722
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-1272"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01QVC89:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2gc184:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39213
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_local.png?wsSecret=53a785f09aade4fc85dffadbf19f750c&wsTime=1663253256
163.171.140.79200 OK 10 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_title_local.png?wsSecret=53a785f09aade4fc85dffadbf19f750c&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 34e3bd0d952cf4bb9092e070e348d2cc
650132049dc41e5773763105171871671f3454a8
6647178c379774784e1d97b75ede766542a6bf070b1e53834864aab318daaafa
GET /ftl/bet365-1513/themes/images/footer_title_local.png?wsSecret=53a785f09aade4fc85dffadbf19f750c&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 10488
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-28f8"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 kf230:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:12 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49668
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_help.png?wsSecret=7f8fdb3985725c885d99fc8137911e10&wsTime=1663253256
163.171.140.79200 OK 4.3 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_help.png?wsSecret=7f8fdb3985725c885d99fc8137911e10&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 5b44dd263dd1cf25933f2e2190f5170e
8abfc08b3e807ab38b6f21cb7800d358ee7e49aa
31dd526cb7fffa943e6d8f9ea3f64b5570e60a20ed4641030fd83b11be27b62a
GET /ftl/bet365-1513/images/footer_title_help.png?wsSecret=7f8fdb3985725c885d99fc8137911e10&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4254
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-109e"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29009-52171
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_rel.png?wsSecret=71b135ea42eb50f2ea0adb74b24f8c71&wsTime=1663253256
163.171.140.79200 OK 2.2 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_rel.png?wsSecret=71b135ea42eb50f2ea0adb74b24f8c71&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 302 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 6527c1b3a7f70d7508197f67a446aff8
93f80378927881f42d5d505934456675e5b87c73
ebc5325574340a37dd6d9927b124a4891c1dfb7016988b033cf2e4932fc360eb
GET /ftl/bet365-1513/themes/images/footer_rel.png?wsSecret=71b135ea42eb50f2ea0adb74b24f8c71&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 2203
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sun, 11 Sep 2022 06:57:52 GMT
ETag: "631d86f0-89b"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PS-000-01cZq86:2 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2rt183:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_30246-15238
5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_sport.png?wsSecret=6226ca88a1a5e147ea1c4e76b127dff9&wsTime=1663253256
163.171.140.79200 OK 4.4 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/images/footer_title_sport.png?wsSecret=6226ca88a1a5e147ea1c4e76b127dff9&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 133 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cd1ba94626259c8da256ce96f29c1d3
e5df37b38f73118dd9b8a01df3bfa89c2b8ca7b3
da5b51a8701850aa23830fe79ec24cfd3eb1e8bc873aeef301cb9b8a5bfb2c1b
GET /ftl/bet365-1513/images/footer_title_sport.png?wsSecret=6226ca88a1a5e147ea1c4e76b127dff9&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 4376
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-1118"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_29246-39214
5mjjun.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
163.171.140.79200 OK 6.9 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3\012- data
Hash 99be4bfe275809d4e436b77c991b1381
54eadee77394eb62ccf377ae68d9f49acb5b6785
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:06 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-1ad7"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28714-49670
x04320.com/captcha/loginTop.html?t=jhzptiaj
154.215.17.93200 OK 1.4 kB URL HTTP/1.1 x04320.com/captcha/loginTop.html?t=jhzptiaj
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x40, components 3\012- data
Hash 5fe8c8498f8fd08d86f2b740d8d7f87c
0b30e5540f6ede346b0a5b73395bf2eba3c4d8c2
f3d082cbcec221ab6573bc4713c5b930ffcecc84384acd4c814916b423215549
GET /captcha/loginTop.html?t=jhzptiaj HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Set-Cookie: route=ed164cc67d0677a98cad90146fef1e4e; Path=/
SID=mNNM+L60HGgAF8NcDIWw/m0r8A39VUixguvBHjwCTLwpsezxkfladFvjX0Xp+1G+od89/9SLl+jcdhq3iu4BFam029FAzfhAJMH6+w+7qQeZ9DWt9Nk=; Domain=.x04320.com; Path=/; HttpOnly
tempSid: mNNM+L60HGgAF8NcDIWw/m0r8A39VUixguvBHjwCTLwpsezxkfladFvjX0Xp+1G+od89/9SLl+jcdhq3iu4BFam029FAzfhAJMH6+w+7qQeZ9DWt9Nk=
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-16632532716e75
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Transfer-Encoding: chunked
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_local_img.png?wsSecret=7bcb1dde1c7b449927c5801c42ab30b0&wsTime=1663253256
163.171.140.79200 OK 95 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/footer_local_img.png?wsSecret=7bcb1dde1c7b449927c5801c42ab30b0&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 302 x 131, 8-bit/color RGBA, non-interlaced\012- data
Hash 7342be391839a9f3577416ecec727997
e8787b6f61f92a5b0104e584c0bb6ef5fef95cd7
2a35483ce4e6048fe99173aaca64ac50c66f27e108d6986183013c689177dcd2
GET /ftl/bet365-1513/themes/images/footer_local_img.png?wsSecret=7bcb1dde1c7b449927c5801c42ab30b0&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: image/png
Content-Length: 95223
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-173f7"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:19 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b17_PShlamstdAMS1se91_28811-54504
x04320.com/index/getAppsUrl.html?device=android
154.215.17.93200 OK 901 B URL HTTP/1.1 x04320.com/index/getAppsUrl.html?device=android
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type JSON data\012- , ASCII text, with very long lines (1140), with no line terminators
Hash af90bc5e08817a399c3460be8c70777e
7727415212fe3711c22bed0a0abcc1c24e5d7be1
5f10b8b945f565cb3658fadc15fbce244003190659bb38c206e5b3c27752c579
GET /index/getAppsUrl.html?device=android HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:47:51 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=7d6afa805080d4f2acd32d213c93951a; Path=/
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-166325327144c5
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Transfer-Encoding: chunked
5mjjun.rbjgb.com/fserver/files/gb/1513/carousel/10007/1602402943495.jpg?wsSecret=a2edb4c061bcad9e81dc0cf5d0e60ad9&wsTime=1663253256
163.171.140.79200 OK 131 kB URL HTTP/1.1 5mjjun.rbjgb.com/fserver/files/gb/1513/carousel/10007/1602402943495.jpg?wsSecret=a2edb4c061bcad9e81dc0cf5d0e60ad9&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 630x260, components 3\012- data
Size 131 kB (130692 bytes)
Hash e5806b88f464030b4cb56a4a96a2add9
5661a4136d6de32327575f8edbae9ba10860904a
f9f8bf9b6175f68614c6f2a6a1ebb7ed1a7c09dd18de1032775ebfcc9ab47481
GET /fserver/files/gb/1513/carousel/10007/1602402943495.jpg?wsSecret=a2edb4c061bcad9e81dc0cf5d0e60ad9&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: image/jpeg
Content-Length: 130692
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sun, 11 Oct 2020 07:55:47 GMT
ETag: "5f82ba83-1fe84"
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:12 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b18_PShlamstdAMS1se91_28811-54517
x04320.com/index/getUserTimeZoneDate.html?t=l8361mmi
154.215.17.93200 OK 119 B URL HTTP/1.1 x04320.com/index/getUserTimeZoneDate.html?t=l8361mmi
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type JSON data\012- , ASCII text, with no line terminators
Hash 87a05d97cb5658430ab7316e903ef02c
ac3448a7a96abb5f4982b43220757924a7c25471
df5dadc2da11ecfce684f31ba28ee06e153be1600b6dce49e63e5fb2ed2a058f
GET /index/getUserTimeZoneDate.html?t=l8361mmi HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x04320.com/
Cookie: route=7d6afa805080d4f2acd32d213c93951a; SID=mNNM+L60HGgAF8NcDIWw/m0r8A39VUixguvBHjwCTLwpsezxkfladFvjX0Xp+1G+od89/9SLl+jcdhq3iu4BFam029FAzfhAJMH6+w+7qQeZ9DWt9Nk=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: text/html; charset=utf-8
Content-Disposition: inline;filename=f.txt
sub-sys: msite
cachettl: 3
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-16632532721ee9
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Content-Length: 119
x04320.com/mobile-api/v5/origin/getFloat.html
154.215.17.93200 OK 918 B URL HTTP/1.1 x04320.com/mobile-api/v5/origin/getFloat.html
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (910), with no line terminators
Hash 8e05eab4f1435c8c8af7989c4ecd5488
96162b6ed6c336f358f62fea14d8b44c6ee0b3a5
150a35718505b78f30a454d586f1b145964a37ce540fe73d4ebbcf8705d7eec7
Analyzer Verdict Alert fortinet Phishing
POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://x04320.com
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=d2354bfc509147396a08233db36a42d1; Path=/
Access-Control-Allow-Origin: https://x04320.com
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-166325327245e2
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Content-Length: 918
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/member_login.png?wsSecret=38705f6e06ee6c6afba0554ddd943efb&wsTime=1663253256
163.171.140.79200 OK 680 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/member_login.png?wsSecret=38705f6e06ee6c6afba0554ddd943efb&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 169 x 34, 8-bit colormap, non-interlaced\012- data
Hash dd8380feb68da72f3f8fe960f611ce7c
707651dea23c986d71afe91337a2822d3945b552
f25f16a3e8f11c5e37793ddbaf9351a915d8df2e1c8d39cac01dadd255de9573
GET /ftl/bet365-1513/themes/images/member_login.png?wsSecret=38705f6e06ee6c6afba0554ddd943efb&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: image/png
Content-Length: 680
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-2a8"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 12043483:4 (Cdn Cache Server V2.0), 1.1 ml62:1 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:16 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b18_PShlamstdAMS1se91_28811-54536
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/input_id.png?wsSecret=012093e62aeac8d90a78c174599877e0&wsTime=1663253256
163.171.140.79200 OK 306 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/input_id.png?wsSecret=012093e62aeac8d90a78c174599877e0&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 11 x 14, 8-bit colormap, non-interlaced\012- data
Hash 8eff7c810e9fe738953f72c30600c49d
76d0ff44cfe59218f5520bb880ca1a8b227185be
ce1d697df52ad12d4443c85c7d257ccdfc48803bdc84409ed7732231587f56d0
GET /ftl/bet365-1513/themes/images/input_id.png?wsSecret=012093e62aeac8d90a78c174599877e0&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: image/png
Content-Length: 306
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-132"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1mi112:8 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b18_PShlamstdAMS1se91_29009-52186
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=ed1f801fb8147ab7290ed4b74bc766b7&wsTime=1663253256
163.171.140.79200 OK 295 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=ed1f801fb8147ab7290ed4b74bc766b7&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 11 x 14, 8-bit colormap, non-interlaced\012- data
Hash 8a10f6dde7ab93278fce03968f25594f
61bc29c3cd2a21ca6ff9dc300cfbe3b7789b7862
6792a1a4f681b2d608c6a3e1964e0d2ef9b3fcf743ce3b8afee4a1c97ea2da7b
GET /ftl/bet365-1513/themes/images/input_pw.png?wsSecret=ed1f801fb8147ab7290ed4b74bc766b7&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: image/png
Content-Length: 295
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-127"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:0 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b18_PShlamstdAMS1se91_29246-39230
5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=2b8d4934382a53af28a79824a8e81fc7&wsTime=1663253256
163.171.140.79200 OK 328 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=2b8d4934382a53af28a79824a8e81fc7&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 190 x 66, 8-bit colormap, non-interlaced\012- data
Hash c84badf514a135594e25cbcd6a5e6d4b
6883fd7e93396a9aeb426d2035a724335b5e04c4
5975ef695aff12c818fe0c61c10a3a14b01f38dbfc7d102de8c1d3444befa08e
GET /ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=2b8d4934382a53af28a79824a8e81fc7&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: image/png
Content-Length: 328
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
ETag: "613c72a9-148"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b18_PShlamstdAMS1se91_28714-49689
x04320.com/ftl/bet365-1513/themes/images/index_left_title.png
154.215.17.93200 OK 2.5 kB URL HTTP/1.1 x04320.com/ftl/bet365-1513/themes/images/index_left_title.png
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type PNG image data, 94 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 243751ae9e30b49a76dc9877ad060823
45ced5a86e90e3c2bfdda3598e82fc58d47ea292
5b1fcb53e807ca61edb055b9da1244012dcbe7158ebe7cc98105823f5983c40e
GET /ftl/bet365-1513/themes/images/index_left_title.png HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-9b0"
Date: Thu, 15 Sep 2022 14:43:58 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Fri, 16 Sep 2022 14:43:58 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-FirelineHK-8c
Content-Length: 2480
x04320.com/ftl/bet365-1513/themes/images/license.png
154.215.17.93200 OK 21 kB URL HTTP/1.1 x04320.com/ftl/bet365-1513/themes/images/license.png
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type PNG image data, 198 x 249, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b050a88569349c273caa04328ad5219
b8d7f0fed474522391c84e424585f045563c60cd
3740a6aa129a59a5382f6cd772dcdb598a034229d79c2d40f21210b1625a8895
GET /ftl/bet365-1513/themes/images/license.png HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-5176"
Date: Thu, 15 Sep 2022 14:43:58 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Fri, 16 Sep 2022 14:43:58 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-FirelineHK-8c
Content-Length: 20854
5mjjun.rbjgb.com/ftl/commonPage/images/favicon/favicon_1513.png?wsSecret=42112d10efa6d1f4e97e4c2d6b0c7df1&wsTime=1663253256
163.171.140.79200 OK 487 B URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/images/favicon/favicon_1513.png?wsSecret=42112d10efa6d1f4e97e4c2d6b0c7df1&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 781062dc23675b1bce34ae394fb04e88
ae4ce5f36facd039efdb9ca4ba4fcfa5f310b9b4
14cd3b391a10d10314e70f1252e5e90525b280d4a4b5328097c0c0f2d5f28a79
GET /ftl/commonPage/images/favicon/favicon_1513.png?wsSecret=42112d10efa6d1f4e97e4c2d6b0c7df1&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: image/png
Content-Length: 487
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:37 GMT
Last-Modified: Fri, 02 Sep 2022 09:55:12 GMT
ETag: "6311d300-1e7"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5sn200:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:19 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b18_PShlamstdAMS1se91_28811-54548
x04320.com/headerInfo.html?t=l8361mvf
154.215.17.93200 OK 116 B URL HTTP/1.1 x04320.com/headerInfo.html?t=l8361mvf
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type JSON data\012- , ASCII text, with no line terminators
Hash e64066a39c09b03d7e7f9a24f795d231
4f569eb4aea989f7f7d97e2545707c13df5310bd
dd910ab52722359a174e836bb2419b659b29d2e57e24fe7a9674bee31e4d799f
GET /headerInfo.html?t=l8361mvf HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x04320.com/
Cookie: route=d2354bfc509147396a08233db36a42d1; SID=mNNM+L60HGgAF8NcDIWw/m0r8A39VUixguvBHjwCTLwpsezxkfladFvjX0Xp+1G+od89/9SLl+jcdhq3iu4BFam029FAzfhAJMH6+w+7qQeZ9DWt9Nk=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=7d6afa805080d4f2acd32d213c93951a; Path=/
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1663253272bb4f
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Transfer-Encoding: chunked
5mjjun.rbjgb.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
163.171.140.79200 OK 1.3 kB URL HTTP/1.1 5mjjun.rbjgb.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash a2e938202c0287b9c82461a6fd94dee9
b5e2adc7cb07c18a70a88af314e56b946ec1a1b6
df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936
GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5mjjun.rbjgb.com/ftl/commonPage/themes/gui-layer.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: image/png
Content-Length: 1321
Connection: keep-alive
Expires: Fri, 16 Sep 2022 11:47:07 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
ETag: "5d848f4f-529"
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
uuid: -
out-line: gb-cdn-204
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHKG8ir123:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1bm110:2 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b18_PShlamstdAMS1se91_29009-52202
5mjjun.rbjgb.com/fserver/files/gb/1513/carousel/10030/1656847567598.jpg?wsSecret=75689ebc5cdea8413be53f6e00cb548c&wsTime=1663253256
163.171.140.79200 OK 154 kB URL HTTP/1.1 5mjjun.rbjgb.com/fserver/files/gb/1513/carousel/10030/1656847567598.jpg?wsSecret=75689ebc5cdea8413be53f6e00cb548c&wsTime=1663253256
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 692x516, components 3\012- data
Size 154 kB (154403 bytes)
Hash fd67307817e801a6d49bf7dfbe9c5c71
4ac44fc33a77e1fcfef00694cff47ae09febef07
56e75486b317320c6bc9872dc57559edf40270892ee7c4543c0d9065e22b49da
GET /fserver/files/gb/1513/carousel/10030/1656847567598.jpg?wsSecret=75689ebc5cdea8413be53f6e00cb548c&wsTime=1663253256 HTTP/1.1
Host: 5mjjun.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x04320.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: image/jpeg
Content-Length: 154403
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:34:37 GMT
Last-Modified: Sun, 03 Jul 2022 17:04:48 GMT
ETag: "62c1cc30-25b23"
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-cdn-205
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 PSxgHK5bd29:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:6 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 63233b18_PShlamstdAMS1se91_28811-54560
x04320.com/mobile-api/v5/chess/getActivityMsg.html?function=sign
154.215.17.93200 OK 140 B URL HTTP/1.1 x04320.com/mobile-api/v5/chess/getActivityMsg.html?function=sign
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 5d062bc93ef9d75b27e852ed745d170f
1ecf82a0589608b26ee6a29b2cc3229916596626
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1
GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x04320.com/
Cookie: route=7d6afa805080d4f2acd32d213c93951a; SID=mNNM+L60HGgAF8NcDIWw/m0r8A39VUixguvBHjwCTLwpsezxkfladFvjX0Xp+1G+od89/9SLl+jcdhq3iu4BFam029FAzfhAJMH6+w+7qQeZ9DWt9Nk=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:47:52 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=f213f96779f053a02667be524c91fbf5; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1663253272e46a
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Content-Length: 140
x04320.com/mobile-api/v5/origin/loginSwitchCheck.html
154.215.17.93200 OK 174 B URL HTTP/1.1 x04320.com/mobile-api/v5/origin/loginSwitchCheck.html
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 1452cebf3e2bb129b06762f43f09e5c8
0ec65f1e79233e8c59f76c55fb89ac8637cfb070
99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d
Analyzer Verdict Alert fortinet Phishing
GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x04320.com/
Cookie: route=7d6afa805080d4f2acd32d213c93951a; SID=mNNM+L60HGgAF8NcDIWw/m0r8A39VUixguvBHjwCTLwpsezxkfladFvjX0Xp+1G+od89/9SLl+jcdhq3iu4BFam029FAzfhAJMH6+w+7qQeZ9DWt9Nk=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:47:53 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=c3060241053a3de1daf6b07c3ab7763c; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-166325327203de
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Content-Length: 174
x04320.com/mobile-api/v5/origin/getThirdParam.html
154.215.17.93200 OK 103 B URL HTTP/1.1 x04320.com/mobile-api/v5/origin/getThirdParam.html
IP 154.215.17.93:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 9ac55fe189e4f53f37156e563e0f542e
18b13b1360ce9fbd973e046d2652be38d58a15e0
d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b
Analyzer Verdict Alert fortinet Phishing
GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: x04320.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://x04320.com/
Cookie: route=c3060241053a3de1daf6b07c3ab7763c; SID=mNNM+L60HGgAF8NcDIWw/m0r8A39VUixguvBHjwCTLwpsezxkfladFvjX0Xp+1G+od89/9SLl+jcdhq3iu4BFam029FAzfhAJMH6+w+7qQeZ9DWt9Nk=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Thu, 15 Sep 2022 14:47:53 GMT
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-166325327338fd
out-line: gb-source-106
X-Cache: MISS from cdn-FirelineHK-8c
Content-Length: 103
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f42b72c3fd66a6758ebcf0ca8cc1a046
13d42d455f5131b7b861b97eb3f0e91236d4d222
4a07fcacde77dc890164fda9f295b61af6947b2d7f3f84f64749d93e3a1e5b99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10633
x-amzn-requestid: 8dbc7f5f-1cb9-4b45-913d-2d4db71449fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FSvG98IAMFeLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144f44-3094163533977c6d1ee90274;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:09:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5Gx5Pfp0fH7GtvITXwV1CVZlM6wbfIXmyk_4xZtIVf8qkmg0AyxBPQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:01 GMT
age: 66413
etag: "13d42d455f5131b7b861b97eb3f0e91236d4d222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2