Report - dd365g.cc/

Report Overview

Submitted URL
dd365g.cc/
IP
20.205.118.3
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-06-02 11:43:25
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
vue.livelyhelp.chat	292217	2020-04-15	2020-06-12	2023-06-02	3.6 kB	498 kB	54.230.111.59
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-06-01	340 B	863 B	54.230.80.227
chat.livehelp100service.com	unknown	2021-12-08	2022-06-06	2023-06-02	1.6 kB	10 kB	13.248.194.97
dd365g.cc	unknown	unknown	2020-01-22	2023-04-19	466 B	222 B	20.205.118.3
	unknown				9.4 kB	229 kB	20.205.118.3
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-02	1.7 kB	4.8 kB	104.18.15.101
1gruet.rbjgb.com	unknown	2020-06-18	2022-07-28	2023-06-02	19 kB	1.5 MB	104.250.44.1
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-06-02	680 B	1.9 kB	54.230.80.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-02 11:43:03	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-02 11:43:03	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	dd365g.cc/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (46)

	URL	Size	First Seen	Last Seen
	dd365g.cc:8989/	48 B	2023-03-07	2024-05-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-10 11:45:44 Times Seen6513 Hash 37f0336a6fe3f56c661b149ecf659efe 9aff4163d5da3b8d760f0593c583dd8d1f6dfc14 f33f7afadc5c318efdd57d35da2dc2aebe39fd166a61905ce37b9f7363f51c2f Loading...

	dd365g.cc:8989/	505 B	2023-05-31	2023-06-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 13:31:19 Last Seen2023-06-10 09:24:02 Times Seen256 Hash 633a11639d47389449f6e5762e40d35a a02159a12a3322f697d3e62cdb34802db2defe74 6a00e9f7e7d72a8e1b87d5f462e1cdd74cdc34ec6f72bef4aad89d4b3131bda4 Loading...

	dd365g.cc:8989/	705 B	2023-05-31	2023-07-09
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 01:11:24 Last Seen2023-07-09 16:39:17 Times Seen59 Hash 3d83749672d8eead4924517a020a3849 52408355cb50bb543374fc6fb721120c0a787b0d b3d61dc6556ceab09f68e778f8918ec7813d47a8280d3136004f9be214bcdc67 Loading...

	vue.livelyhelp.chat/livechat.ashx?siteId=60000906	1.6 kB	2023-05-16	2023-06-07
Pretty URL vue.livelyhelp.chat/livechat.ashx?siteId=60000906 IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 01:15:51 Last Seen2023-06-07 12:06:56 Times Seen39 Hash 8977c6daf6d218e81806160d6c7f4285 107c3b13e6fcf5d0cb2999ed8b7b78d40fe85187 85fa4175daee1b1704395ac9cd1ce3a2dedc5458b4bdc5365432d0c717b019c1 Loading...

	unknown	278 B	2023-04-14	2024-05-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 20:29:13 Last Seen2024-05-10 06:27:21 Times Seen5696 Hash cf0aad09d2e7287c48d72501c4ed8cbd 7950b8c00d5a278b662dbccd11af31398a408e51 72512199b29d971b5fe854b1f610604dcbdec2c38666c106f1d15863e0df32db Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js	17 kB	2023-04-05	2024-05-10
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6524 Hash 1008fe6a5e1a182d7775963b85405bb2 e174a7b08cc3cb5545af1cd33d2814e604119392 7479f6f22194ac37dd6d3f5a579b4682ac8dcb6389fb961cf4140f3fcc707a20 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js	2.1 kB	2023-03-07	2024-05-10
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-10 11:45:44 Times Seen13068 Hash 07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d Loading...

	dd365g.cc:8989/	17 kB	2023-05-31	2023-06-05
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 01:11:24 Last Seen2023-06-05 08:29:53 Times Seen18 Hash 1b5dc94076037e1bdf31eacf6676df5b 5662cca1ff7bf291696535203f20bfb7d31de00e c3f21e2deaa3259a27ef961f8304bef111ac45b1146e873ad9f903e9f4cb1b57 Loading...

	vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js	61 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen892 Hash a97c5b0f2a1783a30ddf13de86d049bf 4c40fb76a09c6a6d07c3ec3b7665f1a8eae587b6 1d34d3038a74c748da83226c713a8813601a9589d12d10e178d6d6584ceb3d9b Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/float.js	7.0 kB	2023-03-07	2024-05-10
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/float.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-10 11:45:44 Times Seen13069 Hash 829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271 Loading...

	dd365g.cc:8989/message_zh_CN.js?v=1685395744961	32 kB	2023-04-28	2023-07-10
Pretty URL dd365g.cc:8989/message_zh_CN.js?v=1685395744961 IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 10:49:37 Last Seen2023-07-10 14:41:19 Times Seen1449 Hash abdcbf67b546f2665360012a6af3bbdb a876710b72498972a0ef587c388a514f7b60ee81 606608cb052a53144304576bda119fe134133ec34ae8e985520dfe57563e856c Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js	65 kB	2023-03-07	2024-05-10
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-10 11:45:44 Times Seen13301 Hash b5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e Loading...

	1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js	15 kB	2023-03-07	2024-05-10
Pretty URL 1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-10 11:45:44 Times Seen13062 Hash 4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9 Loading...

	dd365g.cc:8989/	13 kB	2023-04-05	2024-05-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6518 Hash 109d40ff6f9b3510b169fac4b8e845ce 4ce0fc768718f555487159ddd745e728a0c74c64 7b782f2e9589aa72ddadf4546c0f09709c73bea1339cd0ce893dfc40f6252949 Loading...

	dd365g.cc:8989/	11 kB	2023-04-05	2024-05-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6492 Hash 6681856885ee92601b7711c11d19553f 95ab4437869df8c790cad28e0753a4c9ea362e73 ce52fd46b2a5cfd741a2f0c39bc2d5218271b5690bdf8ec33af94f1062e98d23 Loading...

	dd365g.cc:8989/	3.6 kB	2023-04-05	2024-05-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6490 Hash d15a9b513acdcf3e9b08901384511565 f1fe72392137895e4952f835c0330f76aacfecdf 9fa644edfd9af9be6b244016e8f4f0eaee414732edc6ba3641e8647253359995 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js	61 kB	2023-04-05	2023-09-12
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2023-09-12 13:51:41 Times Seen3042 Hash b575e784995b44bfb0e8124cfcca1680 eb382fae3719c0f731383a17bbf59e4630795d13 196ee421870c9e54c6bf9b13e97c73dea3955632d9eca37ee87cdcdd1a8b7df3 Loading...

	dd365g.cc:8989/	21 kB	2023-05-31	2023-06-05
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-31 01:11:24 Last Seen2023-06-05 08:29:53 Times Seen18 Hash 83d779de109d685f20e7e7993287c278 275bfbb487d9e19d35c71174c4cb3c967eae56e9 2503c8fe6ddbbfbea62d55425cd4113648e690bef2f10c9f26de821d01674625 Loading...

	vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js	74 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen982 Hash a835f52554aadc654111d559a421a1d6 c804b433151b32bf2a1cd5d9f447914c42a49346 ff6165fa761e7550a6d458ecff1ce641fb84a0a70a1f4f72bfc4c5b704c574ea Loading...

	vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js	527 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen1024 Hash 7dd3e386b0cd8e8e061c5ccd55f57312 99829047a3d6dd8636a99cb7d40b2ff2253eee09 944dda37179d5929ff731e111c822c37f610f701b9625ff85aa1d9fcc55fdc57 Loading...

	vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js	9.5 kB	2023-05-10	2023-06-13
Pretty URL vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js IP 54.230.111.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-13 01:31:58 Times Seen679 Hash 270bb19aad1f9d42484ce92bd6edca01 c175b6bf310656d9a74c3ab491ad44c85b3dafa0 4be2f2f0f6ea6cf24f62547f06c2c8def635ece0315dd8ad5aae675f02dd3dd8 Loading...

	dd365g.cc:8989/commonPage/lan/i18n.js?t=1685706185.179	1.3 kB	2023-06-02	2023-06-02
Pretty URL dd365g.cc:8989/commonPage/lan/i18n.js?t=1685706185.179 IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 13:43:28 Last Seen2023-06-02 13:43:28 Times Seen2 Hash 4f7ffa0c3ededafe3907dd9f4d4aece4 c49a226b3ba36fdc30bf722dc361d88a768e99fc 7f7abbe807f58fd3f83c3f267cb73f0642e7e36631d3249b6f7421cbdd3ca196 Loading...

	dd365g.cc:8989/	20 kB	2023-04-05	2024-05-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6486 Hash 9f5bce1aa50f72fd0834901c70db4f43 41771079bee5eb45539e694a5eff580732ab26b0 a50724b65a2657f6e67adbf98a3dd135de52b4786350f0b1bd142adff38c7ffd Loading...

	1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js	28 kB	2023-04-05	2024-05-10
Pretty URL 1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6508 Hash 9c41709c2b64126b909c101a27f39153 4ab666b36c092577acb41390ad90e96d5fea7711 c1963697eeafb63b6c29e95da2d38d91dd907ab656e130e6e1c34d1dcd149f60 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/moment.js	114 kB	2023-03-07	2023-06-13
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/moment.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2023-06-13 01:31:58 Times Seen1639 Hash 9bcf737d07f6f089ac8c8e11a1758fad fb186e78925c05500b7855bf7f4f9d00a5517acc cc0e4aae90d57f055ec9b006b0c82dc2571630c00d9fa6bb49c5edb52948c688 Loading...

	dd365g.cc:8989/	6 B	2023-03-07	2024-05-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-10 17:47:06 Times Seen7408 Hash edaddb8132e9e0880252c5b6c47bf1c1 dc08b5b6ca432b46cca94f1f297491e1b08736ea b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js	45 kB	2023-03-07	2024-05-09
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-09 07:29:05 Times Seen5277 Hash 6ddb20c89aad63f86c5862b2f5c48a56 45da7bc94c509993ad003b3963c6e802b5ec248a 1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js	4.4 kB	2023-03-07	2024-05-10
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-10 11:45:44 Times Seen13063 Hash f77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7 Loading...

	dd365g.cc:8989/	1.8 kB	2023-04-05	2024-05-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6482 Hash 9f1681b5a72417b33c2869aab85af152 b40a6d9c6d058c2bd6e126a1b0191182926b9d04 eabdfd0c5237f406e0acbef879968e72e5e3d62dd8e8b6bcee48e5ab7f4d0154 Loading...

	1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961	33 kB	2023-04-05	2024-05-10
Pretty URL 1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961 IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6620 Hash a55780dc13cbf1a8d375f14ebb659cf2 9548cc269bcde0dc48e166fa6bab37af8a649e57 35d147a863ab8828e073ca1ae89d476a9cede797c410ac555597c1f442452cc8 Loading...

	dd365g.cc:8989/	2.4 kB	2023-05-18	2023-11-28
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-18 01:25:27 Last Seen2023-11-28 09:25:01 Times Seen4082 Hash 91354abf0f62578b55d4dc04437f8866 22eb91f9ead6e7634670722da74d4a61b3c08150 035fec121949808f22f48133184d8fd307c2535912d140df791987de106c44d9 Loading...

	dd365g.cc:8989/	116 kB	2023-05-15	2023-06-03
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-15 07:00:24 Last Seen2023-06-03 14:35:25 Times Seen29 Hash f1477af9d867f593f2f41a2c6dbb5e18 01a856adb01b6539c924aa4ae366566b3a1f02a1 d3ab85f6d77f345ac7ed17d4be84b491f18944a00beb6735235319a90e48f345 Loading...

	dd365g.cc:8989/	650 B	2023-05-06	2023-08-20
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2023-08-20 23:09:00 Times Seen130 Hash c4af43bcc8d8cd9acf99544a95e53f38 af12b7071f210cb46cd974ea0b03f9d1163c20ac 2525d0056cb27b35eec76689ad8a8491b59df03836820acbc2aa68527853aefc Loading...

	dd365g.cc:8989/	5.9 kB	2023-04-05	2023-08-03
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2023-08-03 06:50:56 Times Seen2123 Hash 21d16b4bf9ca9dee56b6bd4c6fbc07fc a470fb54fc85c0f66587c8b18cf3720d81c5089f 949b743a6ee9cfc4a7f10b05969df89c626007d65b2f27f2aa8d501c30c8f2a9 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-05-10
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-05-10 11:45:44 Times Seen13686 Hash b091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js	12 kB	2023-04-05	2024-05-10
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6518 Hash 466a7ed7d00986d45375c0cbffb5233c 68845ead668e9abd29c24b491dbf97b219226c08 7ddafae5a0a552d2d56101cdc8306403e8fb9570759d66c48b25893b409f0123 Loading...

	dd365g.cc:8989/	390 B	2023-04-05	2024-05-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6424 Hash 4e6bbb84979a27014e74be230fe8440f aafe0c1dba07e91354abfb25d154c0acbed24d61 03e9af072f4db23c6c6cd74a89c796a3c764731da4734682f3ccfc07e0e54e74 Loading...

	dd365g.cc:8989/	652 B	2023-05-06	2023-08-20
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2023-08-20 23:09:00 Times Seen130 Hash 36148985855b4b73b6474178f7945903 8eedfe728eb1d93d1056bf58d15dfe63f5050893 3b4ba18c36538f3b00a0a55bb2a72aa8ab0c51747218a14f03bfdb12ff01866b Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js	11 kB	2023-04-05	2023-08-31
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2023-08-31 08:58:03 Times Seen2511 Hash 95bb24446bd217df4f93461f70c7678c 2140c5afa733bf625108c85556736bdc70319ca9 dd6779210bf5c2670d3a2fea9cd108bc1471b25e074a9ea86017d46827e32d2f Loading...

	dd365g.cc:8989/	12 kB	2023-05-06	2023-08-20
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2023-08-20 23:09:00 Times Seen130 Hash 747b663507ca5f33c3fc8debce6fb9ce 02fc194e8e2b9c2a694af105a07e8836ddb16cf4 4e2165e1105e0b2a5aade7619a66794165a54abeca30f54f9b3e53fffe254cf2 Loading...

	dd365g.cc:8989/	116 kB	2023-05-06	2024-02-29
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 10:24:13 Last Seen2024-02-29 00:40:00 Times Seen136 Hash f8ea1507e5960fcaf19c4500c47d823b 0ad5149222f05a4c1036f3f69aa4a88411ffd4d6 2cf4f3b7d8d3e3c1bf45a6e185ebca2cb9023cd4160d68912da001824e63396c Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js	20 kB	2023-03-07	2024-05-10
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-10 11:45:44 Times Seen13090 Hash 5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811 Loading...

	1gruet.rbjgb.com/ftl/commonPage/js/layer.js	22 kB	2023-04-05	2024-05-10
Pretty URL 1gruet.rbjgb.com/ftl/commonPage/js/layer.js IP 104.250.44.1 ASN #137280 Kingsoft cloud corporation limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-10 11:45:44 Times Seen6507 Hash cb96339625e9d456e32f86cdb3c7a7a1 1301165c58bbb13c542cba493b7ab5774e87e31f 17fb047ba6828fcbdf2ca226fa4594cfded2b2fdfeaff89a5bd81c7cf0359919 Loading...

	dd365g.cc:8989/	0 B	2023-03-07	2024-05-10
Pretty URL dd365g.cc:8989/ IP 20.205.118.3 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 18:40:01 Times Seen37516191 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 271024fb262c7ed69f5c643f5c434119	356 B	2023-05-10	2023-06-11
Pretty Observations First Seen2023-05-10 17:29:30 Last Seen2023-06-11 01:12:40 Times Seen45 Hash 271024fb262c7ed69f5c643f5c434119 84b3d3257c0313e8741fec0f96f0975a6c957285 d0e8af64188f111291b580ed972d9e04453235664a6d78e6b0b7bbdc6b2557de Loading...

	#2 Write - 3366f26eb9fff4645b32b2f19aa6ce99	176 B	2023-03-07	2024-02-29
Pretty Observations First Seen2023-03-07 01:27:25 Last Seen2024-02-29 05:13:29 Times Seen962 Hash 3366f26eb9fff4645b32b2f19aa6ce99 acf8a839cade3210ebb03c64ec03bb1e5f207ef6 8d8e8a0fdf09457e906ba9b8c595213995be248cb8ed614f369f7ef538867fad Loading...

HTTP Transactions (80)

URL IP Response Size

dd365g.cc/

20.205.118.3

301 Moved Permanently

58 B

URL User Request GET HTTP/1.1
dd365g.cc/
IP
20.205.118.3:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
HTML document, ASCII text
Size
58 B (58 bytes)
Hash
f1cf1a4263c40658ac4ca1a456b9b678
020310dae86d9e7d0d4dbdeb313623d109371460
84bcdb7c7b0e884f0590ffc0274e6098155a10e4cf0de9b87fb126af8c8d64cf

Detections

Analyzer	Verdict	Alert
openphish	Bet365

HTTP Headers

GET / HTTP/1.1
Host: dd365g.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://dd365g.cc:8989/
Date: Fri, 02 Jun 2023 11:43:04 GMT
Content-Length: 58

dd365g.cc:8989/

20.205.118.3

200 OK

101 kB

URL User Request GET HTTP/1.1
dd365g.cc:8989/
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
101 kB (100995 bytes)
Hash
1179b1426c90931f4d534ba1f012587d
7fb190b369651aab16e8e263149304edec39371d
67366d5c2f2d60d90aafcdbc68723444d257bbe3b6cb0dd911813383e5ff107b

HTTP Headers

GET / HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 11:43:05 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Html-Cache: HIT-3600
Transfer-Encoding: chunked

dd365g.cc:8989/commonPage/lan/i18n.js?t=1685706185.179

20.205.118.3

200 OK

813 B

URL GET HTTP/1.1
dd365g.cc:8989/commonPage/lan/i18n.js?t=1685706185.179
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
ASCII text, with very long lines (1217)
Size
813 B (813 bytes)
Hash
4f7ffa0c3ededafe3907dd9f4d4aece4
c49a226b3ba36fdc30bf722dc361d88a768e99fc
7f7abbe807f58fd3f83c3f267cb73f0642e7e36631d3249b6f7421cbdd3ca196

HTTP Headers

GET /commonPage/lan/i18n.js?t=1685706185.179 HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Jun 2023 11:43:06 GMT
Out-Line: gb-cdn-813
Uuid: 00121-01-00000000-16857061860dfa
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 813

dd365g.cc:8989/ftl/commonPage/themes/gui-skin-default.css

20.205.118.3

200 OK

6.2 kB

URL GET HTTP/1.1
dd365g.cc:8989/ftl/commonPage/themes/gui-skin-default.css
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Size
6.2 kB (6239 bytes)
Hash
d72bc8116ebcfa2aa1853b83f607f2f9
669f0eddfe55d617d5dd0264ebef6ee483ca8319
9dcd6715090f9f85e0010db1dfecf43a05ba4e28df4884264a65356f3bc9e917

HTTP Headers

GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Fri, 02 Jun 2023 11:43:06 GMT
Etag: W/"5fced4cc-7b2e"
Expires: Sat, 03 Jun 2023 11:43:06 GMT
Last-Modified: Tue, 08 Dec 2020 01:20:12 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365g.cc:8989/message_zh_CN.js?v=1685395744961

20.205.118.3

200 OK

9.8 kB

URL GET HTTP/1.1
dd365g.cc:8989/message_zh_CN.js?v=1685395744961
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
Unicode text, UTF-8 text, with very long lines (17953)
Size
9.8 kB (9826 bytes)
Hash
2f6bbee802e13ba5b996854899146388
1740f10b199aabd29342db59f3bc368e7a115007
a133f55920bc6dce0b09e2b0e107fccf6f89a5f1744f2535e4702c08b38e198a

HTTP Headers

GET /message_zh_CN.js?v=1685395744961 HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: application/javascript;charset=UTF-8
Date: Fri, 02 Jun 2023 11:43:06 GMT
Expires: Sat, 03 Jun 2023 11:43:06 GMT
Out-Line: gb-cdn-813
Uuid: 00121-01-00000000-1685706186051b
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365g.cc:8989/ftl/commonPage/themes/gui-base.css

20.205.118.3

200 OK

17 kB

URL GET HTTP/1.1
dd365g.cc:8989/ftl/commonPage/themes/gui-base.css
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
Unicode text, UTF-8 text, with very long lines (12023)
Size
17 kB (16723 bytes)
Hash
fcf7fcda4cfb8589d0e35dcad1b6a70a
607ec7cfde0e21e5ca7323aabd340ea82eddbd0c
58005581427a61dee5af1386995b38d90e995f4bcb75b85f8bb84d84ab5ac0fd

HTTP Headers

GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Fri, 02 Jun 2023 11:43:06 GMT
Etag: W/"64702b4d-13d22"
Expires: Sat, 03 Jun 2023 11:43:06 GMT
Last-Modified: Fri, 26 May 2023 03:45:17 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365g.cc:8989/ftl/commonPage/themes/hongbao.css

20.205.118.3

200 OK

5.7 kB

URL GET HTTP/1.1
dd365g.cc:8989/ftl/commonPage/themes/hongbao.css
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
Unicode text, UTF-8 text, with very long lines (336)
Size
5.7 kB (5666 bytes)
Hash
499a3a64bcf22609681f5337a6360c80
fc05a8a391c8375ea4e47183eca56a18bed8fca7
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894

HTTP Headers

GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Fri, 02 Jun 2023 11:43:06 GMT
Etag: W/"64252e4f-d530"
Expires: Sat, 03 Jun 2023 11:43:06 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

dd365g.cc:8989/ftl/commonPage/themes/gui-layer.css

20.205.118.3

200 OK

6.8 kB

URL GET HTTP/1.1
dd365g.cc:8989/ftl/commonPage/themes/gui-layer.css
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
Unicode text, UTF-8 text, with very long lines (489)
Size
6.8 kB (6816 bytes)
Hash
34043d72a58a05875d105be59c26edd5
52fbec83f17a976b9d5ed85d0d5c722ad8a56f4b
4c79bd5f7674ac54a377c34facd56465a269d5ce434eb1635338f4efaee4f1c6

HTTP Headers

GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/css
Date: Fri, 02 Jun 2023 11:43:06 GMT
Etag: W/"6464352d-c416"
Expires: Sat, 03 Jun 2023 11:43:06 GMT
Last-Modified: Wed, 17 May 2023 02:00:13 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 11:43:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=510800,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0f6fd35816b515-OSL

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 11:43:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=510800,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0f6fd34af41c16-OSL

1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js

104.250.44.1

200 OK

12 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32030)
Size
12 kB (11951 bytes)
Hash
6ddb20c89aad63f86c5862b2f5c48a56
45da7bc94c509993ad003b3963c6e802b5ec248a
1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f

HTTP Headers

GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11951
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-b07e"
Date: Sun, 14 May 2023 12:26:08 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:26:08 GMT
Age: 1639018
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 894bfc11bd231b9d3d61a46332f78211

1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js

104.250.44.1

200 OK

34 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32038)
Size
34 kB (33545 bytes)
Hash
b091a47f6b91e26c93a848092c6f3788
52918af2d431e73464060b35d364640c8db75606
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-176d4"
Date: Sun, 14 May 2023 12:26:10 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:26:10 GMT
Age: 1639016
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 12b2dd09e97c747b026665132068dcad

1gruet.rbjgb.com/ftl/bet365-121/themes/style/common.css

104.250.44.1

200 OK

13 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/style/common.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (908)
Size
13 kB (12715 bytes)
Hash
7f751b6564b8d8851e204c2ea5e86536
4474f799e275f01236f439e7dd43ba8d000a2f24
31e165c328f607954145a69ec67e3d6c41e1f3071605a7e7c4009449896465f5

HTTP Headers

GET /ftl/bet365-121/themes/style/common.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 12715
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"61c3f27b-ddb3"
Date: Sun, 14 May 2023 13:09:47 GMT
Last-Modified: Thu, 23 Dec 2021 03:52:27 GMT
Expires: Tue, 13 Jun 2023 13:09:47 GMT
Age: 1636399
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 1f81ec86ecbca4395fff1ec0cefd18fd

1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js

104.250.44.1

200 OK

3.3 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
3.3 kB (3316 bytes)
Hash
3b4680db1e065116488f065419ca9f58
6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf

HTTP Headers

GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"6260ddd4-2f13"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1638874
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: c4b63dc8eae846f59e63dc44a5b226a0

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 11:43:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=511055,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0f6fd34e51b503-OSL

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 11:43:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=511055,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0f6fd35b26b505-OSL

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d27c9f704f8273c3976bdf6d9d7543cc
f9044012549bd2270358d478fa28797a7441bcdc
a7f2d8be8d975f56228a79934f139bed0618721b9337afc6dcf50b674072d61b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 11:43:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Jun 2023 09:46:28 GMT
Expires: Thu, 08 Jun 2023 09:46:27 GMT
Etag: "f9044012549bd2270358d478fa28797a7441bcdc"
Cache-Control: max-age=511055,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0f6fd35d9c0b59-OSL

1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js

104.250.44.1

200 OK

797 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
797 B (797 bytes)
Hash
07864ad2e2759d53f8f2f14dd4295bd9
95144219e2eb702c4c4a707c3622b086876cf41c
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d

HTTP Headers

GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"6260ddd4-828"
Date: Sun, 14 May 2023 12:28:31 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 13 Jun 2023 12:28:31 GMT
Age: 1638875
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 65101d7a77b82021de32604207bdb50c

1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js

104.250.44.1

200 OK

2.7 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/lazyload.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
2.7 kB (2688 bytes)
Hash
c400884eb33705c441487b8beed81be0
6e040e41aad03c4554aa90141fd872433185082a
df904653b6c930ec406670bed1f674269b2797843081a9b526545b970544606c

HTTP Headers

GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2688
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"63a93f79-2ce5"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Mon, 26 Dec 2022 06:30:17 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1638874
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 65196523ad4d23c9adbb4be71cf45a18

1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js

104.250.44.1

200 OK

16 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/gui-base.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (11041)
Size
16 kB (15770 bytes)
Hash
4f958aa7157a3b48caa17e42505396b6
67a2625ceeb29fd2d235c9c395c53ff505029b46
bc19a91cd57e7ce343a16a261bfb71fd89b03e033710e12c41ed9e9c3746b708

HTTP Headers

GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15770
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"5d848f4f-ee4d"
Date: Sun, 14 May 2023 12:28:33 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:33 GMT
Age: 1638873
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 4edb18996eee2c13fe43a38416e91f9b

1gruet.rbjgb.com/ftl/bet365-121/themes/style/bootstrap-dialog.min.css

104.250.44.1

200 OK

630 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/style/bootstrap-dialog.min.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
630 B (630 bytes)
Hash
304eb84809c6637b7cdd0dc6225c5761
e724aff10b16dc82bf1086cd3b70d8396f630d64
cb1d0b332c0218bbb360fd25d693f88293b54389caf88c36ffcfd8adc948d0e4

HTTP Headers

GET /ftl/bet365-121/themes/style/bootstrap-dialog.min.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 630
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"61c3f27b-adc"
Date: Sun, 14 May 2023 13:09:48 GMT
Last-Modified: Thu, 23 Dec 2021 03:52:27 GMT
Expires: Tue, 13 Jun 2023 13:09:48 GMT
Age: 1636398
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: e15af07cecbac3bb597b6c01378f4c97

1gruet.rbjgb.com/ftl/commonPage/js/float.js

104.250.44.1

200 OK

1.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/float.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
1.9 kB (1929 bytes)
Hash
829af863b0cdc4a603919824ae046299
1d417b1553e4ecb7125ebf2005b74255291fbf73
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271

HTTP Headers

GET /ftl/commonPage/js/float.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"612747ba-1b2f"
Date: Sun, 14 May 2023 12:26:11 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Tue, 13 Jun 2023 12:26:11 GMT
Age: 1639015
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: c13021130e8ebd0284b72fb555e76379

1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js

104.250.44.1

200 OK

5.0 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20132), with no line terminators
Size
5.0 kB (5007 bytes)
Hash
5ce8851dc823429a42ab6147554403cc
28f381f0e0aa4f5d56690e65723bd97fb59a38e6
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811

HTTP Headers

GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"5d848f4f-4ea4"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1638874
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 5b0096d08157a7409c1085bce039d45a

1gruet.rbjgb.com/ftl/commonPage/js/layer.js

104.250.44.1

200 OK

7.6 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/layer.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (21922)
Size
7.6 kB (7599 bytes)
Hash
c42797aecccd5494e2b747cedf1a890b
b9e06a6d245b6a3c87f2753db0c9c9aa020640b2
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3

HTTP Headers

GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-55f6"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1638874
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 99d200979a1d0c22e372172d845702ea

1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js

104.250.44.1

200 OK

1.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4433), with no line terminators
Size
1.4 kB (1421 bytes)
Hash
f77d83590bc0a69298f2fbcc5d9911cd
1d6aa25d7052f53ad0181385e5efe72f224bbdb9
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-1151"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1638874
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 1284828f62526fd74b08913f609b98a3

1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js

104.250.44.1

200 OK

17 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (64577)
Size
17 kB (17446 bytes)
Hash
b5bc8cd626b389bde727a91e6ce79436
3df6c39300ac286cf596b3bda273cb39ff825429
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-fc8b"
Date: Sun, 14 May 2023 12:28:33 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:28:33 GMT
Age: 1638873
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 60d046cbc2f1284b58fb2398aad1a027

1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js

104.250.44.1

200 OK

4.0 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/websocket/Comet.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
4.0 kB (4031 bytes)
Hash
4de3e8bcf2f02d60519ca0d3584d3b8e
6323c2bf18b1bbf968e164bdf2e58d7677f67f8a
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f

HTTP Headers

GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"60f60fb5-43bc"
Date: Sun, 14 May 2023 12:28:33 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Tue, 13 Jun 2023 12:28:33 GMT
Age: 1638873
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: a146ff21c2e986db2cbfef0d466d203d

1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js

104.250.44.1

200 OK

7.7 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (27669)
Size
7.7 kB (7746 bytes)
Hash
f8c2b37c1dc626eede6a2e3e37aa4504
d4e8419497caa64c8a850ac4808dddb89b5eeb3f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a

HTTP Headers

GET /150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"64748e92-6caf"
Date: Mon, 29 May 2023 22:12:23 GMT
Last-Modified: Mon, 29 May 2023 11:37:54 GMT
Expires: Wed, 28 Jun 2023 22:12:23 GMT
Age: 307843
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 0b41b0128b3171ee5d7bd33f987f6c10

1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js

104.250.44.1

200 OK

4.1 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Size
4.1 kB (4126 bytes)
Hash
4fe7dadf050dad2dcfd386d21b880281
07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9

HTTP Headers

GET /150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"64748e92-3a09"
Date: Mon, 29 May 2023 22:12:24 GMT
Last-Modified: Mon, 29 May 2023 11:37:54 GMT
Expires: Wed, 28 Jun 2023 22:12:24 GMT
Age: 307843
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: ce2b03cbfeb42e688f1556d5e2b65609

1gruet.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css

104.250.44.1

200 OK

911 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
911 B (911 bytes)
Hash
1da71520b7a0a61526a8fa8d0feb40d1
ba1bf69dad8783563328054cae58ccabf1b00829
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d

HTTP Headers

GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"5d848f4f-b5d"
Date: Sun, 14 May 2023 12:56:50 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 12:56:50 GMT
Age: 1637177
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: c91da5f8a66dd67de34d56e8f37221e2

1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961

104.250.44.1

200 OK

5.2 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (801)
Size
5.2 kB (5207 bytes)
Hash
30be40425b37bee4158676082cef1f4d
b41ed46721936872d5d7eadf303ce22938240d2a
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47

HTTP Headers

GET /150810/rcenter/common/static/js/gb.validation.min.js?v=1685395744961 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"633d510e-7fd7"
Date: Mon, 29 May 2023 22:12:23 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 28 Jun 2023 22:12:23 GMT
Age: 307843
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 535231ca52c82fe5b5533aa2d5ee2f38

1gruet.rbjgb.com/150810/rcenter/common/static/css/gb.validation.min.css

104.250.44.1

200 OK

3.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/150810/rcenter/common/static/css/gb.validation.min.css
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2295)
Size
3.8 kB (3788 bytes)
Hash
f00ce0554efc5adea6a8e02d5e501cad
388840e376568b37ac0103aa5c87a268778db67a
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069

HTTP Headers

GET /150810/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-FOREIGN-12-02
ETag: W/"633d510e-2d52"
Date: Mon, 29 May 2023 22:12:26 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 28 Jun 2023 22:12:26 GMT
Age: 307840
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-FOREIGN-12-02, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 9fe5b3456b386c715dd9dfb9b33a116b

1gruet.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0

104.250.44.1

200 OK

3.1 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.1 kB (3111 bytes)
Hash
5cf9259b7dd27aacd46161ec23d261cf
ba0c399616a5ae9cdd8aec5b76ba4aae4822367c
7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc

HTTP Headers

GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: W/"6131d862-48e4"
Date: Sun, 14 May 2023 12:54:38 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Tue, 13 Jun 2023 12:54:38 GMT
Age: 1637309
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 3434eeee2475a64eb5c85a9d67a168c5

1gruet.rbjgb.com/ftl/commonPage/js/moment.js

104.250.44.1

200 OK

27 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/js/moment.js
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Size
27 kB (26878 bytes)
Hash
9bcf737d07f6f089ac8c8e11a1758fad
fb186e78925c05500b7855bf7f4f9d00a5517acc
cc0e4aae90d57f055ec9b006b0c82dc2571630c00d9fa6bb49c5edb52948c688

HTTP Headers

GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26878
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: W/"62a1b56b-1bf5b"
Date: Sun, 14 May 2023 12:28:32 GMT
Last-Modified: Thu, 09 Jun 2022 08:55:07 GMT
Expires: Tue, 13 Jun 2023 12:28:32 GMT
Age: 1638874
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: f3f359c295a744d60fc188d60d72868d

1gruet.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg

104.250.44.1

200 OK

6.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3\012- data
Size
6.9 kB (6871 bytes)
Hash
99be4bfe275809d4e436b77c991b1381
54eadee77394eb62ccf377ae68d9f49acb5b6785
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d

HTTP Headers

GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "5d848f4f-1ad7"
Date: Sun, 14 May 2023 13:09:48 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 13 Jun 2023 13:09:48 GMT
Age: 1636399
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 4a5abb684b32b63ae0cffb504e5d2f26

dd365g.cc:8989/mobile-api/v5/origin/getFloat.html

20.205.118.3

200 OK

106 B

URL POST HTTP/1.1
dd365g.cc:8989/mobile-api/v5/origin/getFloat.html
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
106 B (106 bytes)
Hash
18da76ef30828950957abc98b28e7327
dc5c652bbb18e3bf5d2f14776ce2e10710e0decb
45c7e7ed630f2a5c7a48a85a78bf558f3a831d66085669a7953dfb0ea646fa54

HTTP Headers

POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: https://dd365g.cc:8989
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Fri, 02 Jun 2023 11:43:07 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=f7c95a7b6b031c620a6304190a7ddf24; Path=/
Sub-Sys: mobile
Uuid: 00121-01-00000000-1685706187d6e6
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 106

dd365g.cc:8989/index/getAppsUrl.html?device=android

20.205.118.3

200 OK

907 B

URL GET HTTP/1.1
dd365g.cc:8989/index/getAppsUrl.html?device=android
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
JSON data\012- , ASCII text, with very long lines (1144), with no line terminators
Size
907 B (907 bytes)
Hash
2f9ee33b2e4e0d10e0ef373728475657
af276b64441cd2cd35a3f2273e01996d69ce6cbd
9e82be21efe3afe2191774dcf348763744926c477c5dc19299d6a19183d403db

HTTP Headers

GET /index/getAppsUrl.html?device=android HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 11:43:08 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=ed8de952ed57247bb4b5c65efa859ad5; Path=/
Sub-Sys: msite
Uuid: 00121-01-00000000-1685706188bb56
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 907

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6f25787681406a599af8356eb15ee0e7
038b6eb2f63682f8ae5ce5d2687986ef7782216a
4f0911ea3e1d08c803035a5efbc6e90f0ced2727cc3e7ce7296de01207e7a4b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 11:43:08 GMT
Last-Modified: Fri, 02 Jun 2023 10:58:31 GMT
Server: ECAcc (nya/7968)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Hf-3HzhXvXcWBjxHy5VNFq_Ds9Bc54GF3fUFfuIY5V2P-xryyq9xPQ==
Age: 2677

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6f25787681406a599af8356eb15ee0e7
038b6eb2f63682f8ae5ce5d2687986ef7782216a
4f0911ea3e1d08c803035a5efbc6e90f0ced2727cc3e7ce7296de01207e7a4b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 11:43:08 GMT
Last-Modified: Fri, 02 Jun 2023 11:02:48 GMT
Server: ECAcc (nya/1C5C)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7ET2UaRcdEpTwOmuLcDR03E4JUH9w-nzQXuisyFuF58ekQXPCONFIw==
Age: 2420

dd365g.cc:8989/index/getUserTimeZoneDate.html?t=liehxuyi

20.205.118.3

200 OK

97 B

URL GET HTTP/1.1
dd365g.cc:8989/index/getUserTimeZoneDate.html?t=liehxuyi
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
bc56dfb5ee78a8acef916b7fba7afb62
208abff6aee2e19e456540b43c3aa38d2a24ec73
c6708c65ea312274c690502d240f30d8d0f2e9f5f486315a950a3512aab7dcdd

HTTP Headers

GET /index/getUserTimeZoneDate.html?t=liehxuyi HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cachettl: 3
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 11:43:08 GMT
Out-Line: gb-cdn-813
Sub-Sys: msite
Uuid: 00121-01-00000000-1685706188a857
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 97

vue.livelyhelp.chat/livechat.ashx?siteId=60000906

54.230.111.59

200 OK

885 B

URL GET HTTP/2
vue.livelyhelp.chat/livechat.ashx?siteId=60000906
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
885 B (885 bytes)
Hash
8a5a42da8aa3174ed91da6f56876db6d
cf8491ba49cc76399d71505cd36f5a3f0611810e
e3664828f708c6ae7ed019ecee1ee7ac0745bc14f30cd70fc884380340c095eb

HTTP Headers

GET /livechat.ashx?siteId=60000906 HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
date: Fri, 02 Jun 2023 02:37:07 GMT
server: Kestrel
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2g0rrybNGtdcNZdx8DTnAWVp7SIfFWmhwnbyMDM0zcPk5G90Tl9t1Q==
age: 32761
X-Firefox-Spdy: h2

vue.livelyhelp.chat/livechat.ashx?siteId=60000906

54.230.111.59

200 OK

851 B

URL GET HTTP/2
vue.livelyhelp.chat/livechat.ashx?siteId=60000906
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
851 B (851 bytes)
Hash
a33045fef83a74f675f24248251b2745
bd0960f253b42f8d49a9a1281cd22f9ab47aa0c1
cc29995bafb6bf4fabb48f4513dd7c79f85a0bbb2afac5b7494cf568339158fd

HTTP Headers

GET /livechat.ashx?siteId=60000906 HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
date: Fri, 02 Jun 2023 02:37:07 GMT
server: Kestrel
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PSHg0Xt0l2b1xA5nV8Hc1x7NyqWehcYmAhHQq19p8fQ9E6wAV1TeoQ==
age: 32761
X-Firefox-Spdy: h2

dd365g.cc:8989/index/getUserTimeZoneDate.html?t=liehxvg9

20.205.118.3

200 OK

97 B

URL GET HTTP/1.1
dd365g.cc:8989/index/getUserTimeZoneDate.html?t=liehxvg9
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
5f2dee66da3c27d70e739910310f618f
f33a7562832e2038e17263e0dfbd0b74a68a7d40
d20595ab62fd0106167c3a3ccea8d25b14eeb69ccf4be52018206ce616ae62e7

HTTP Headers

GET /index/getUserTimeZoneDate.html?t=liehxvg9 HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cachettl: 3
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 11:43:08 GMT
Out-Line: gb-cdn-813
Sub-Sys: msite
Uuid: 00121-01-00000000-1685706188ed78
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 97

dd365g.cc:8989/mobile-api/v5/origin/loginSwitchCheck.html

20.205.118.3

200 OK

113 B

URL GET HTTP/1.1
dd365g.cc:8989/mobile-api/v5/origin/loginSwitchCheck.html
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
113 B (113 bytes)
Hash
1452cebf3e2bb129b06762f43f09e5c8
0ec65f1e79233e8c59f76c55fb89ac8637cfb070
99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d

HTTP Headers

GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Fri, 02 Jun 2023 11:43:08 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=f7c95a7b6b031c620a6304190a7ddf24; Path=/
Sub-Sys: mobile
Uuid: 00121-01-00000000-1685706188e7d4
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 113

dd365g.cc:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign

20.205.118.3

200 OK

112 B

URL GET HTTP/1.1
dd365g.cc:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
112 B (112 bytes)
Hash
5d062bc93ef9d75b27e852ed745d170f
1ecf82a0589608b26ee6a29b2cc3229916596626
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1

HTTP Headers

GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Fri, 02 Jun 2023 11:43:08 GMT
Out-Line: gb-cdn-813
Set-Cookie: route=1bd47f3fb2de4e856ef59c7ef0cfd5c8; Path=/
Sub-Sys: mobile
Uuid: 00121-01-00000000-1685706188c930
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 112

dd365g.cc:8989/mobile-api/v5/origin/getThirdParam.html

20.205.118.3

200 OK

86 B

URL GET HTTP/1.1
dd365g.cc:8989/mobile-api/v5/origin/getThirdParam.html
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
86 B (86 bytes)
Hash
9ac55fe189e4f53f37156e563e0f542e
18b13b1360ce9fbd973e046d2652be38d58a15e0
d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b

HTTP Headers

GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Fri, 02 Jun 2023 11:43:09 GMT
Out-Line: gb-cdn-813
Sub-Sys: mobile
Uuid: 00121-01-00000000-1685706189a29e
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 86

1gruet.rbjgb.com/ftl/bet365-121/images/index-ban-04.jpg?wsSecret=1a0db17787107de6169ffdeb8ce9ad72&wsTime=1685706187

104.250.44.1

200 OK

71 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-ban-04.jpg?wsSecret=1a0db17787107de6169ffdeb8ce9ad72&wsTime=1685706187
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 860x214, components 3\012- data
Size
71 kB (70989 bytes)
Hash
0874790c51f4c2fc4b19ca5b7062c107
0b018e3a09ff6de7ed287fe2e77ea7f933712bf0
c490274b8d7112c756355b806bf7f8954296bd94f0380ef682a68597128d9ee0

HTTP Headers

GET /ftl/bet365-121/images/index-ban-04.jpg?wsSecret=1a0db17787107de6169ffdeb8ce9ad72&wsTime=1685706187 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 70989
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "5d2c7603-1154d"
Date: Sun, 14 May 2023 13:09:49 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Tue, 13 Jun 2023 13:09:49 GMT
Age: 1636399
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: b720f6892e6ca200fe33104122591f0f

1gruet.rbjgb.com/ftl/bet365-121/themes/images/icon-menu-api-bet365.png.base64

104.250.44.1

200 OK

3.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/icon-menu-api-bet365.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.9 kB (3903 bytes)
Hash
e5a2ad569e98290c9b2c4a4be078caf4
11a4517d0252c0757729edfdf9cccba1a18c2a21
d49b27a9f00196592c4f64857d3f5dea4c4e57328d0537c947b96d8bca9e7517

HTTP Headers

GET /ftl/bet365-121/themes/images/icon-menu-api-bet365.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 3903
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-f3f"
Date: Sun, 14 May 2023 12:28:38 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 12:28:38 GMT
Age: 1638871
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 306cd3aa046ff6d638cbb9d18071b976

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10183/365epc.jpg.base64

104.250.44.1

200 OK

168 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10183/365epc.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 692x516, components 3\012- data
Size
168 kB (167576 bytes)
Hash
3574bdc3cde04dad5934caa1a3a8450a
8c47ba3e0b2606d90073c8d3a80dcdbe11ad1e0c
38c9c32da8e1a710a6cb59a8ee5572dee05c9c66fb75d0d68aa53a2b90c04bab

HTTP Headers

GET /fserver/files/gb/121/carousel/10183/365epc.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 167576
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63a1d0e7-28e98"
Date: Sun, 14 May 2023 12:28:38 GMT
Last-Modified: Tue, 20 Dec 2022 15:12:39 GMT
Expires: Tue, 13 Jun 2023 12:28:38 GMT
Age: 1638871
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: d7784b2d7864feae08900b47ea13fa94

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10177/1639488605085.jpg.base64

104.250.44.1

200 OK

128 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10177/1639488605085.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (127631 bytes)
Hash
be663490cad9945816e2a8c06006818e
0d2274099ebda0c8b2287d773e60be25bb21543c
6f64ebb39f34158d6f22133ca4324072c799f08c5407edaf7753092bebc51b66

HTTP Headers

GET /fserver/files/gb/121/carousel/10177/1639488605085.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 127631
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "63770ee7-1f28f"
Date: Sun, 14 May 2023 12:28:41 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:43 GMT
Expires: Tue, 13 Jun 2023 12:28:41 GMT
Age: 1638869
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: b1e2d30634beeaaf87f689e7daad88bd

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10175/1639394823278.jpg.base64

104.250.44.1

200 OK

230 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10175/1639394823278.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
230 kB (230329 bytes)
Hash
742cc95cacbfb99d69af088a55c8daee
d2353b5b99bcae5a416b5ef94a64138e4682d42c
2ef2d125b3e3c3ff6379070544b9b2f920ff416cc5a0d0833dad04cefdf1c0b9

HTTP Headers

GET /fserver/files/gb/121/carousel/10175/1639394823278.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 230329
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee7-383b9"
Date: Sun, 14 May 2023 12:28:40 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:43 GMT
Expires: Tue, 13 Jun 2023 12:28:40 GMT
Age: 1638870
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 51423c3f1cd54874520ebffac8fbf242

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10157/1628927069388.jpg.base64

104.250.44.1

200 OK

278 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10157/1628927069388.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
278 kB (278300 bytes)
Hash
a15b5210b8738817a4877f06037cab37
0952a7b40b385c0c63c00a9fe8150bcacef8ae80
c9acf6e4cbcc45be053ec27581cb60d4072bfe4b359d76701cbe9f4a0c265a7b

HTTP Headers

GET /fserver/files/gb/121/carousel/10157/1628927069388.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 278300
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee6-43f1c"
Date: Sun, 14 May 2023 12:28:41 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:42 GMT
Expires: Tue, 13 Jun 2023 12:28:41 GMT
Age: 1638869
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 588cbb85cbe2a18917074348804ec1bd

1gruet.rbjgb.com/fserver/files/gb/121/carousel/10145/1628927127996.jpg.base64

104.250.44.1

200 OK

277 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/carousel/10145/1628927127996.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
277 kB (276691 bytes)
Hash
57952bca926775400bf45dd90bed34b6
bc58fa8be4a61f6039b5b07a195a010959b81e51
3478d541b6d417c66f7ee4bd4be0a1f332ed9857ebec4dc81f315ecd7b108dd7

HTTP Headers

GET /fserver/files/gb/121/carousel/10145/1628927127996.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 276691
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee5-438d3"
Date: Sun, 14 May 2023 12:28:43 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:41 GMT
Expires: Tue, 13 Jun 2023 12:28:43 GMT
Age: 1638868
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 7f295cd1e737fffadc02cf674f421665

1gruet.rbjgb.com/fserver/files/gb/121/Logo/1/1543560239717.png.base64

104.250.44.1

200 OK

6.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/fserver/files/gb/121/Logo/1/1543560239717.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6825)
Size
6.8 kB (6826 bytes)
Hash
66e9b89efb4e7f29a87644419122ab3b
7ad459cd238227649aeba6705b540e55ed273942
f4a232f6376894fcdfb8905e755851d2e5160496d99372a47ad89761ee6cc3c1

HTTP Headers

GET /fserver/files/gb/121/Logo/1/1543560239717.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6826
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "63770ee1-1aaa"
Date: Sun, 14 May 2023 12:36:58 GMT
Last-Modified: Fri, 18 Nov 2022 04:49:37 GMT
Expires: Tue, 13 Jun 2023 12:36:58 GMT
Age: 1638374
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 9bc73f57ffad594a3ef53be50a15277e

1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64

104.250.44.1

200 OK

3.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.9 kB (3883 bytes)
Hash
4558c044623afebe02a1422bf13fbae0
66b103e96878b8542f1a6cac95a584ecb8d26787
99735be4461b4d9faee52aca6f539ed2bab8f459868193421a44f94cee745b2c

HTTP Headers

GET /ftl/bet365-121/themes/images/login_os.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 3883
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-f2b"
Date: Sun, 14 May 2023 12:36:59 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 12:36:59 GMT
Age: 1638373
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: dc48b32a05792d74baf14f6aae0bf215

dd365g.cc:8989/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png

20.205.118.3

200 OK

1.3 kB

URL GET HTTP/1.1
dd365g.cc:8989/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1321 bytes)
Hash
a2e938202c0287b9c82461a6fd94dee9
b5e2adc7cb07c18a70a88af314e56b946ec1a1b6
df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936

HTTP Headers

GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/ftl/commonPage/themes/gui-layer.css
Cookie: sticket=dU9UQXVOREl1TVRVM; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 1321
Content-Type: image/png
Date: Fri, 02 Jun 2023 11:43:12 GMT
Etag: "5d848f4f-529"
Expires: Sat, 03 Jun 2023 11:43:12 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Out-Line: gb-cdn-813
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1638372
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 76c354aa7d7cb97bacb5acd62741d91a

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1638372
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 08016a7fe02dcd0859264f8fce110782

1gruet.rbjgb.com/ftl/bet365-121/themes/images/sports-infos-bg.png.base64

104.250.44.1

200 OK

14 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/sports-infos-bg.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
14 kB (14071 bytes)
Hash
87a2000794ce47540d366318eba25fce
7e13890479a39ebe5e5b84cd881cddb3485ddf7b
4a35f04b2032a5edece24929c1b01ec6747106881adbf1f9ddbc6e077275eecb

HTTP Headers

GET /ftl/bet365-121/themes/images/sports-infos-bg.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 14071
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-36f7"
Date: Sun, 14 May 2023 13:09:50 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:50 GMT
Age: 1636402
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 011ccf0a0068fd301e4cb3152b97e183

vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js

54.230.111.59

200 OK

27 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (57848)
Size
27 kB (26603 bytes)
Hash
a97c5b0f2a1783a30ddf13de86d049bf
4c40fb76a09c6a6d07c3ec3b7665f1a8eae587b6
1d34d3038a74c748da83226c713a8813601a9589d12d10e178d6d6584ceb3d9b

HTTP Headers

GET /visitorside/js/common.dce7d2db.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 02 Jun 2023 05:59:28 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-ee9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p9bvqFaqeQazFLBbzmZuB-vituWvXZbZIdD2Zoo_zxUk0xlb5RCc6w==
age: 20624
X-Firefox-Spdy: h2

dd365g.cc:8989/fserver/files/gb/121/carousel/10183/365epc.jpg

20.205.118.3

200 OK

72 kB

URL GET HTTP/1.1
dd365g.cc:8989/fserver/files/gb/121/carousel/10183/365epc.jpg
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 692x516, components 3\012- data
Size
72 kB (71928 bytes)
Hash
94c229bd9d84a0c594294b4ec6d6e89f
e509d795e28f38125fb01f6168a411c37ccc4f66
ad52fefd05eaf7e406fa264d33ba103c6a62f7c98431f08053ced439a3031f52

HTTP Headers

GET /fserver/files/gb/121/carousel/10183/365epc.jpg HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 71928
Content-Type: image/jpeg
Date: Fri, 02 Jun 2023 11:43:12 GMT
Etag: "63a1d0e7-118f8"
Expires: Sat, 03 Jun 2023 11:43:12 GMT
Last-Modified: Tue, 20 Dec 2022 15:12:39 GMT
Out-Line: gb-cdn-813
Uuid: -
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1638372
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 89d980db3080191ad7d4cbd23f8eef41

1gruet.rbjgb.com/ftl/bet365-121/themes/images/sec-nav-bg-grad.gif.base64

104.250.44.1

200 OK

515 B

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/sec-nav-bg-grad.gif.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
515 B (515 bytes)
Hash
b1734cb77ae0e91b4116a8a06a7fc5b3
146195cdb93b3194f586acabd2712c7efb1c02da
d89f82c6664674129fe2a5da52c794ad91b6b8e8840119139180574d278ca20f

HTTP Headers

GET /ftl/bet365-121/themes/images/sec-nav-bg-grad.gif.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 515
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-203"
Date: Sun, 14 May 2023 13:09:50 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:50 GMT
Age: 1636402
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: ca55c9f5044f8cc753073f12ab4ea493

1gruet.rbjgb.com/ftl/bet365-121/images/index-casino.jpg.base64

104.250.44.1

200 OK

42 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-casino.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
42 kB (41718 bytes)
Hash
d85ea4e359a4f6110f45608a215a9395
7ea544d92730a6d771fa71767a5275f6c3467de1
08c006ada8a7ac4b82f9972091e8fe55cb72b3bf5308877485a9cd91466d422e

HTTP Headers

GET /ftl/bet365-121/images/index-casino.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 41718
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-a2f6"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1636401
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 99aaaa648a09156e93219ffe1bfa536e

vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js

54.230.111.59

200 OK

128 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/bundle.71856ffb.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65422)
Size
128 kB (128160 bytes)
Hash
7dd3e386b0cd8e8e061c5ccd55f57312
99829047a3d6dd8636a99cb7d40b2ff2253eee09
944dda37179d5929ff731e111c822c37f610f701b9625ff85aa1d9fcc55fdc57

HTTP Headers

GET /visitorside/js/bundle.71856ffb.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 02 Jun 2023 07:05:39 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-808eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZQrktVE3o1YaXJXs9SpmUVJ2oSFt1FTGOOImB2-ZzqBgSpovroCEfA==
age: 16653
X-Firefox-Spdy: h2

1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64

104.250.44.1

200 OK

3.9 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/login_os.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
3.9 kB (3883 bytes)
Hash
4558c044623afebe02a1422bf13fbae0
66b103e96878b8542f1a6cac95a584ecb8d26787
99735be4461b4d9faee52aca6f539ed2bab8f459868193421a44f94cee745b2c

HTTP Headers

GET /ftl/bet365-121/themes/images/login_os.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 3883
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-f2b"
Date: Sun, 14 May 2023 12:36:59 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 12:36:59 GMT
Age: 1638373
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 69d77c9c1e5d8a9b35af74459c425a3f

1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64

104.250.44.1

200 OK

6.4 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/commonPage/images/favicon/favicon_121.png.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
6.4 kB (6359 bytes)
Hash
82d083a46150283e02ccc2dae1864ed7
71f55f5af7c83b92cf00e1994b218e526a0a79c8
dce4485ca07fa0bf611b19cd5fca14a70d0afd7f85d6e6528e121e34e1371a76

HTTP Headers

GET /ftl/commonPage/images/favicon/favicon_121.png.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 6359
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "638da88c-18d7"
Date: Sun, 14 May 2023 12:37:00 GMT
Last-Modified: Mon, 05 Dec 2022 08:15:08 GMT
Expires: Tue, 13 Jun 2023 12:37:00 GMT
Age: 1638372
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 421cb793e65a6e8d4bba7c5d91bbf7a3

1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64

104.250.44.1

200 OK

5.8 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/themes/images/bg-products.gif.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
5.8 kB (5771 bytes)
Hash
218e631a9ac4002db242ae37fdc7060a
d340f9e755fe026516943b890c423fef1d02930a
cac54484b00312dcecc274572c6d45744e87d0b9a54e667f2c22bcc5f253a91b

HTTP Headers

GET /ftl/bet365-121/themes/images/bg-products.gif.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 5771
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-168b"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1636401
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: b7f6f4f5bbb9ce8615ddd8d679f514a5

1gruet.rbjgb.com/ftl/bet365-121/images/index-lottery.jpg.base64

104.250.44.1

200 OK

40 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-lottery.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
40 kB (39554 bytes)
Hash
26e2b2e2badebd56bc19d11395bc8d90
cc75eeef029dd24d73f5578dd177b07b58339506
a8ea01afc26227b927a2a86fee7e2ee33c02fe98854e336764ab67858fce3d24

HTTP Headers

GET /ftl/bet365-121/images/index-lottery.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 39554
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-01
ETag: "641ea446-9a82"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1636401
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: HIT from KS-CLOUD-LSJ-12-01, HIT from KS-CLOUD-LSJ-FOREIGN-11-01
X-Cdn-Request-ID: 72d9c33e30e89df512ae71966987b66b

vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js

54.230.111.59

200 OK

180 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/common.dce7d2db.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (57848)
Size
180 kB (179452 bytes)
Hash
a97c5b0f2a1783a30ddf13de86d049bf
4c40fb76a09c6a6d07c3ec3b7665f1a8eae587b6
1d34d3038a74c748da83226c713a8813601a9589d12d10e178d6d6584ceb3d9b

HTTP Headers

GET /visitorside/js/common.dce7d2db.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 02 Jun 2023 05:59:28 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-ee9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JKq-hbEVgE8eI7p1bPP5eWxfquTsHXPt__4i_ABME1XTjviUeoYAfQ==
age: 20624
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b9ba3b9e9902e3e8368a02a6dddd1101
1c9ca085c5b2db9ce552d8eb27394b5f5ab04961
603242cac724321239673751be885a3e321147b5d20345a008f072166d683ad3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 11:43:13 GMT
Server: ECAcc (dcb/7EDB)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y2mZTlS0mCjZ2J0JDVkmRSP-IsL44ST1DWrEvLRvV6MTt9hWbOdBIA==

chat.livehelp100service.com/visitor.ashx?siteId=60000906

13.248.194.97

200 OK

731 B

URL POST HTTP/2
chat.livehelp100service.com/visitor.ashx?siteId=60000906
IP
13.248.194.97:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
FingerprintAE:E3:91:CC:1C:00:25:08:E6:A6:DA:CC:10:03:1B:77:15:78:68:C7
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 19 Jan 2024 23:59:59 GMT

File type
JSON data\012- HTML document, ASCII text, with very long lines (1297), with no line terminators
Size
731 B (731 bytes)
Hash
b022201c02f1c244ffb289d313592708
bfd6359cc9413cdfc536fef904c9d01424bdaf8e
d8384e69f7618e5edcf20f83fd4e84d62298d5a5d450f430c2a96c87d4641876

HTTP Headers

POST /visitor.ashx?siteId=60000906 HTTP/1.1
Host: chat.livehelp100service.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 69
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 02 Jun 2023 11:43:13 GMT
content-type: text/json; charset=utf-8
content-length: 731
server: nginx
cache-control: private
content-encoding: gzip
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-aspnet-version: 4.0.30319
access-control-allow-origin: https://dd365g.cc:8989
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With
arrserver: node5chatserver
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2

chat.livehelp100service.com/visitor.ashx?siteId=60000906

13.248.194.97

200 OK

744 B

URL POST HTTP/2
chat.livehelp100service.com/visitor.ashx?siteId=60000906
IP
13.248.194.97:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
FingerprintAE:E3:91:CC:1C:00:25:08:E6:A6:DA:CC:10:03:1B:77:15:78:68:C7
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 19 Jan 2024 23:59:59 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (1322), with no line terminators
Size
744 B (744 bytes)
Hash
12944e11a08865b963c6f4368a341b56
f33da332ec1732fb9159e38cb1e688f996cfa41c
6b4e18726ce065437cdfb3cb6cc51679103b67b8142e3ee0ed65e082c76e4e53

HTTP Headers

POST /visitor.ashx?siteId=60000906 HTTP/1.1
Host: chat.livehelp100service.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1327
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Jun 2023 11:43:14 GMT
content-type: text/json; charset=utf-8
content-length: 744
server: nginx
cache-control: private
content-encoding: gzip
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-aspnet-version: 4.0.30319
access-control-allow-origin: https://dd365g.cc:8989
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With
arrserver: node5chatserver
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2

chat.livehelp100service.com/campaign.ashx?siteId=60000906&campaignId=dcf892b1-154c-4f8d-8f09-ba833161ce65&lastUpdateTime=00000000083DC607

13.248.194.97

200 OK

6.7 kB

URL GET HTTP/2
chat.livehelp100service.com/campaign.ashx?siteId=60000906&campaignId=dcf892b1-154c-4f8d-8f09-ba833161ce65&lastUpdateTime=00000000083DC607
IP
13.248.194.97:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
FingerprintAE:E3:91:CC:1C:00:25:08:E6:A6:DA:CC:10:03:1B:77:15:78:68:C7
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 19 Jan 2024 23:59:59 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (12230), with no line terminators
Size
6.7 kB (6701 bytes)
Hash
95854c509696c661121399132b7122e4
45ec3c1222c96d8ebf5824eade454c745b951380
11dacfed9f3133b124847156577e54a93d06c2a0cb5ad0f778b412abbb9fd422

HTTP Headers

GET /campaign.ashx?siteId=60000906&campaignId=dcf892b1-154c-4f8d-8f09-ba833161ce65&lastUpdateTime=00000000083DC607 HTTP/1.1
Host: chat.livehelp100service.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Jun 2023 11:43:14 GMT
content-type: text/json; charset=utf-8
content-length: 6701
server: nginx
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With
arrserver: node5chatserver
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2

dd365g.cc:8989/favicon.ico

20.205.118.3

404 Not Found

150 B

URL GET HTTP/1.1
dd365g.cc:8989/favicon.ico
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
150 B (150 bytes)
Hash
3975df6acd9bb32205823270e122bb3f
debbb3ecc9183ee7672f25d0f74eea74e3530298
13ed13454e3102135579e64775b002a66280f9eb99c31e4d8b59a69cf7e00425

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Length: 150
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 11:43:08 GMT
X-Frame-Options: SAMEORIGIN

vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js

54.230.111.59

200 OK

9.5 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/Button.8e7eec9c.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9703), with no line terminators
Size
9.5 kB (9540 bytes)
Hash
fdc52b061e51dfcbdedf21ca762d9cf9
5cc66b475dc8075f2bf772a3a9ac9bd2ed43018e
61240cab85495ff08735440d1774611a23d1218e33117ea7dd0ed0147fd69b56

HTTP Headers

GET /visitorside/js/Button.8e7eec9c.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://vue.livelyhelp.chat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 02 Jun 2023 02:04:55 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-2544"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rctSSfoEeEL0-uTJDIamoILjXWl1GhNKzIVHBs6oz86T8H9CsYzqzg==
age: 34699
X-Firefox-Spdy: h2

vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js

54.230.111.59

200 OK

74 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
74 kB (73465 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visitorside/js/vendor.3f781933.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 02 Jun 2023 03:20:59 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-11ef9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5hRrRy1JYUlcxWeOgyqvcZtqXyKg1UPC_YK13JcA3VHDBPUgUcttYA==
age: 30133
X-Firefox-Spdy: h2

vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js

54.230.111.59

200 OK

74 kB

URL GET HTTP/2
vue.livelyhelp.chat/visitorside/js/vendor.3f781933.js
IP
54.230.111.59:443
ASN
#16509 AMAZON-02

Requested by
https://dd365g.cc:8989/
Certificate
IssuerAmazon
Subject*.livehelp100service.com
Fingerprint6F:E7:59:6C:BC:A5:EE:3B:9E:32:71:6E:15:60:9F:A9:36:BC:D0:F3
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
74 kB (73465 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visitorside/js/vendor.3f781933.js HTTP/1.1
Host: vue.livelyhelp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 02 Jun 2023 03:20:59 GMT
server: nginx/1.22.1
last-modified: Mon, 08 May 2023 07:00:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"64589dff-11ef9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qlKd9JdDg8J-9-LyMmSXd0eJozXizoU0xpXkg6xrvJ78CJMh641ZvA==
age: 30133
X-Firefox-Spdy: h2

1gruet.rbjgb.com/ftl/bet365-121/images/index-game.jpg.base64

104.250.44.1

200 OK

36 kB

URL GET HTTP/1.1
1gruet.rbjgb.com/ftl/bet365-121/images/index-game.jpg.base64
IP
104.250.44.1:443
ASN
#137280 Kingsoft cloud corporation limited

Requested by
https://dd365g.cc:8989/
Certificate
IssuerSectigo Limited
Subject*.rbjgb.com
Fingerprint53:6A:B9:2A:19:DF:AF:0C:E2:82:93:B2:92:62:38:34:56:3C:DE:C3
ValiditySun, 26 Mar 2023 00:00:00 GMT - Mon, 25 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
36 kB (36231 bytes)
Hash
cd75b5ca5e8b8224880bc951f0eae39c
ed4199ec40838a7843e33f07ce0a97c7e3040424
700d24ce9c8dbdd2a3a075c259448676abff4438b619b17612469b51d00e29c5

HTTP Headers

GET /ftl/bet365-121/images/index-game.jpg.base64 HTTP/1.1
Host: 1gruet.rbjgb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dd365g.cc:8989
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 36231
Connection: keep-alive
Server: Default-server-KS-CLOUD-LSJ-12-03
ETag: "641ea446-8d87"
Date: Sun, 14 May 2023 13:09:51 GMT
Last-Modified: Sat, 25 Mar 2023 07:35:34 GMT
Expires: Tue, 13 Jun 2023 13:09:51 GMT
Age: 1636402
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: lsj11:443;lsj12:80;
X-Cache-Status: MISS from KS-CLOUD-LSJ-12-03, HIT from KS-CLOUD-LSJ-11-02
X-Cdn-Request-ID: 72093e952fe2ce31184037c49d413c71

dd365g.cc:8989/headerInfo.html?t=liehxv7x

20.205.118.3

200 OK

127 B

URL GET HTTP/1.1
dd365g.cc:8989/headerInfo.html?t=liehxv7x
IP
20.205.118.3:8989
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://dd365g.cc:8989/
Certificate
IssuerLet's Encrypt
Subjectdd365g.cc
FingerprintEF:CA:F8:77:52:E1:6F:FA:9B:5B:20:EB:D3:AE:75:29:15:CE:62:50
ValidityFri, 31 Mar 2023 15:10:47 GMT - Thu, 29 Jun 2023 15:10:46 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
127 B (127 bytes)
Hash
d47b44d041df4e9ada12c3e462b1de70
22551a35fc68fe994e26ed4a970be0a6419b2ccd
8372f0b26277aa1f434e4cebf8bbf72fca51e39fe7f89c0a483e4e282960d003

HTTP Headers

GET /headerInfo.html?t=liehxv7x HTTP/1.1
Host: dd365g.cc:8989
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dd365g.cc:8989/
Cookie: sticket=dU9UQXVOREl1TVRVM; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 11:43:08 GMT
Out-Line: gb-cdn-813
Sub-Sys: msite
Uuid: 00121-01-00000000-168570618803c8
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 116

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL