| 1111968.com/commonPage/lan/i18n.js?t=1715208712.577 | 20.222.191.152 | 200 OK | 7.0 kB |
URL: GET HTTP/2 1111968.com/commonPage/lan/i18n.js?t=1715208712.577; IP: 20.222.191.152:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Let's Encrypt; Subject: 1111968.com; Fingerprint: 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12; Validity: Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
File type: gzip compressed data, from Unix; Hash: f97d1e22ba5ca774383befd73a460864 508021f31ead2a958f44c389fcdcd96f5d03611b 4c95d101c38be427a93e20b6f0488161f9561735e05c4031296820530aaf08f3
GET /commonPage/lan/i18n.js?t=1715208712.577 HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:53 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
uuid: 00177-01-00000000-1715208713c020
out-line: gb-cdn-806
content-encoding: gzip
x-country: NO
x-cache: MISS@wakamonom000001
X-Firefox-Spdy: h2

| 1111968.com/message_zh_CN.js?v=1714556748154 | 20.222.191.152 | 200 OK | 20 kB |
URL: GET HTTP/2 1111968.com/message_zh_CN.js?v=1714556748154; IP: 20.222.191.152:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Let's Encrypt; Subject: 1111968.com; Fingerprint: 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12; Validity: Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
File type: gzip compressed data, max compression, from Unix; Hash: 12a8e7247ec956e8086cb6374e6bd6ee 2648c3546cf21ce9362ede0b0e63d29ade791752 c3d0770b7cff7366407ba0df3e97c2d9acde87b993800f3144e1ea8f48d51c0c
GET /message_zh_CN.js?v=1714556748154 HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:53 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: max-age=86400
uuid: 00177-01-00000000-1715208709f592
out-line: gb-cdn-132
x-country: NO
x-cache: HIT, HIT@wakamonom000001
X-Firefox-Spdy: h2

| 7ngdqc.lxhhf.com/ftl/venetian177/themes/style/common.css | 103.198.200.1 | 200 OK | 5.6 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/style/common.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: Unicode text, UTF-8 text, with very long lines (312); Hash: 03ce869f3c2d66b7d688b7c02a6546c4 343e1a1a8e8e54844b17be0fdc1a828af6306f7d 99ac572a23f192ef279dcfc77efd95c3ebdf4bd10ac8bc8363ce4d814c69a676
GET /ftl/venetian177/themes/style/common.css HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5602
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"6434cd36-5dc5"
Date: Tue, 16 Apr 2024 10:10:27 GMT
Last-Modified: Tue, 11 Apr 2023 03:00:06 GMT
Expires: Thu, 16 May 2024 10:10:27 GMT
Age: 1946487
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 39906960502895355710d37eb0feeaaa

| 7ngdqc.lxhhf.com/ftl/venetian177/themes/style/bootstrap-dialog.min.css | 103.198.200.1 | 200 OK | 582 B |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/style/bootstrap-dialog.min.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: ASCII text, with very long lines (2212), with no line terminators; Hash: b96ac75a57b19d9c167a3a1c8576b53d 7efedd5b5277d951393af4783e9da20fc5376152 3fcfb5edb031a13551fb7630852d5a1b474339bfb2c8ac97e9596e9e798a7815
GET /ftl/venetian177/themes/style/bootstrap-dialog.min.css HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 582
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"6156d044-8a4"
Date: Tue, 16 Apr 2024 10:10:27 GMT
Last-Modified: Fri, 01 Oct 2021 09:09:24 GMT
Expires: Thu, 16 May 2024 10:10:27 GMT
Age: 1946487
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: f7653bf77e6f5b9291545f13648400ff

| 7ngdqc.lxhhf.com/ftl/commonPage/themes/gui-skin-default.css | 103.198.200.1 | 200 OK | 6.3 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/themes/gui-skin-default.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (7014); Hash: 4f6eba52b6bdba2bd8154d39c61fcaab 11a91e977ab64175dc2ec233d45c6cf9d34798b0 b4ae8f84403e1e8ea7f75cac8491e461ac6e5524260a04d772d53dd912f8e53a
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6253
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"64ad1569-7b6e"
Date: Tue, 16 Apr 2024 10:06:42 GMT
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Expires: Thu, 16 May 2024 10:06:42 GMT
Age: 1946712
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: 9139ec178aea2127ec17e5aca70577df

| 7ngdqc.lxhhf.com/ftl/commonPage/themes/gui-base.css | 103.198.200.1 | 200 OK | 17 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/themes/gui-base.css; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: Unicode text, UTF-8 text, with very long lines (12023); Hash: d01c79296c69daae2357744b28ad3a08 6979c86432a04a8cc22818055bd599e10d13892e 03bae6f265bda27347f4697d37ddb03335678cf0a76d5a246ee1b02463294599
GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 17118
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"661623eb-14596"
Date: Tue, 16 Apr 2024 10:06:41 GMT
Last-Modified: Wed, 10 Apr 2024 05:30:19 GMT
Expires: Thu, 16 May 2024 10:06:41 GMT
Age: 1946713
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 4ed3aa4a95277b2fbe7ef20826f58705

| 7ngdqc.lxhhf.com/ftl/commonPage/js/float.js | 103.198.200.1 | 200 OK | 1.9 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/float.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/js/float.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"612747ba-1b2f"
Date: Tue, 16 Apr 2024 10:06:34 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Thu, 16 May 2024 10:06:34 GMT
Age: 1946720
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: cb6fdcc3ee9592ec98f7ed99eba143a0

| 7ngdqc.lxhhf.com/ftl/commonPage/js/websocket/PopUp.js | 103.198.200.1 | 200 OK | 797 B |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/websocket/PopUp.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
Hash: 07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"6260ddd4-828"
Date: Tue, 16 Apr 2024 10:06:37 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Thu, 16 May 2024 10:06:37 GMT
Age: 1946717
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: 6e843385fc6719b4d044eeedf79940f1

| 7ngdqc.lxhhf.com/ftl/commonPage/js/websocket/Comet.js | 103.198.200.1 | 200 OK | 4.0 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/websocket/Comet.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 4de3e8bcf2f02d60519ca0d3584d3b8e 6323c2bf18b1bbf968e164bdf2e58d7677f67f8a 6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"60f60fb5-43bc"
Date: Tue, 16 Apr 2024 10:06:35 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Thu, 16 May 2024 10:06:35 GMT
Age: 1946719
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: d28bcc07cf8e32eeaa55230ea3748c3f

| 7ngdqc.lxhhf.com/ftl/commonPage/js/websocket/CometMarathon.js | 103.198.200.1 | 200 OK | 3.3 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/websocket/CometMarathon.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 3b4680db1e065116488f065419ca9f58 6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"6260ddd4-2f13"
Date: Tue, 16 Apr 2024 10:05:17 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Thu, 16 May 2024 10:05:17 GMT
Age: 1946797
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: 1818b1d8f66f784d13bafc3b6682d798

| 7ngdqc.lxhhf.com/ftl/commonPage/js/idangerous.swiper.min.js | 103.198.200.1 | 200 OK | 12 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/idangerous.swiper.min.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, ASCII text, with very long lines (32034); Hash: f15409fb02c527ce1f66a2fd3c4aa0e9 1e1e1bcc0f49e99e14ba34991cffe0745178d302 1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27
GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11957
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"64d5b951-b083"
Date: Tue, 16 Apr 2024 10:06:35 GMT
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Expires: Thu, 16 May 2024 10:06:35 GMT
Age: 1946720
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: 4ed2dba71cdbc74bb9fd53a3bbe4271b

| 7ngdqc.lxhhf.com/ftl/commonPage/js/lazyload.js | 103.198.200.1 | 200 OK | 2.7 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/lazyload.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 58f1a7fa1a19b0e5ad0a5bad974b98cf 6963ce7378e6c992de06e7e77d79432a0d38f54d fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4
GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2731
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"64d05f66-2f79"
Date: Tue, 16 Apr 2024 10:05:15 GMT
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Expires: Thu, 16 May 2024 10:05:15 GMT
Age: 1946799
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: de8704d8f6e511f6549fd36a0a7b37ea

| 7ngdqc.lxhhf.com/ftl/commonPage/themes/hongbao.css | 103.155.16.137 | 200 OK | 5.7 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/themes/hongbao.css; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: Unicode text, UTF-8 text, with very long lines (336); Hash: 499a3a64bcf22609681f5337a6360c80 fc05a8a391c8375ea4e47183eca56a18bed8fca7 5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7ngdqc.lxhhf.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5666
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: W/"64252e4f-d530"
Date: Tue, 16 Apr 2024 10:38:26 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Thu, 16 May 2024 10:38:26 GMT
Age: 1944808
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-06
X-Cdn-Request-ID: 0fa1c91d3721cbafd6b1a175c1f558dd

| 7ngdqc.lxhhf.com/ftl/commonPage/themes/gui-layer.css | 103.155.16.137 | 200 OK | 6.9 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/themes/gui-layer.css; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: Unicode text, UTF-8 text, with very long lines (489); Hash: 858eefc3fa70af7d0115c901908471f5 29c181bbbc09a424f7de7cb57629bd8a9e3c679a 9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf
GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7ngdqc.lxhhf.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6923
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: W/"64ddd5e1-c760"
Date: Tue, 16 Apr 2024 10:38:26 GMT
Last-Modified: Thu, 17 Aug 2023 08:10:09 GMT
Expires: Thu, 16 May 2024 10:38:26 GMT
Age: 1944808
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-20
X-Cdn-Request-ID: 72399d0b0713e4c32cdba0ad13d774c3

| 7ngdqc.lxhhf.com/ftl/commonPage/js/bootstrap-dialog.min.js | 103.198.200.1 | 200 OK | 5.0 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/bootstrap-dialog.min.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, ASCII text, with very long lines (20132), with no line terminators; Hash: 5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"5d848f4f-4ea4"
Date: Tue, 16 Apr 2024 10:06:42 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 10:06:42 GMT
Age: 1946712
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: ba5a338185049a1a596b7f8270747aa1

| 7ngdqc.lxhhf.com/ftl/commonPage/js/gui-base.js | 103.198.200.1 | 200 OK | 16 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/gui-base.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (11056); Hash: 4007cfe0a95df1d6a9f4252e636f995f b0f9a2ad5c49b9b50ac5d025c8e9ce803eb5d7a8 4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0
GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"64ddbaed-ee5c"
Date: Tue, 16 Apr 2024 10:05:17 GMT
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Expires: Thu, 16 May 2024 10:05:17 GMT
Age: 1946798
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: e15dd89987b466619096453ff30bd574

| 7ngdqc.lxhhf.com/ftl/commonPage/js/layer.js | 103.198.200.1 | 200 OK | 7.6 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/layer.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (21922); Hash: c42797aecccd5494e2b747cedf1a890b b9e06a6d245b6a3c87f2753db0c9c9aa020640b2 56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"5d848f4f-55f6"
Date: Tue, 16 Apr 2024 10:05:18 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 10:05:18 GMT
Age: 1946796
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: 9ff26500b25511537f93d3c397c80426

| 7ngdqc.lxhhf.com/ftl/commonPage/js/jquery/jquery.super-marquee.js | 103.155.16.137 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/jquery/jquery.super-marquee.js; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, ASCII text, with very long lines (4433), with no line terminators; Hash: f77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: W/"5d848f4f-1151"
Date: Mon, 22 Apr 2024 18:43:50 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Wed, 22 May 2024 18:43:50 GMT
Age: 1397285
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-11
X-Cdn-Request-ID: f1e82126ff6089cdab24095595205567

| 7ngdqc.lxhhf.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js | 103.198.200.1 | 200 OK | 34 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JavaScript source, ASCII text, with very long lines (32038); Hash: b091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"5d848f4f-176d4"
Date: Tue, 16 Apr 2024 10:05:18 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 10:05:18 GMT
Age: 1946797
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 77f91c2306f3973f470d987ab5685bab
|
|
| 7ngdqc.lxhhf.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js | 103.198.200.1 | 200 OK | 4.1 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators Hash 4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"655579ca-3a09"
Date: Tue, 07 May 2024 13:53:04 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Thu, 06 Jun 2024 13:53:04 GMT
Age: 118731
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-08
X-Cdn-Request-ID: 7b66043eca61e29ebdd7186b3dbe26b4
|
|
| 7ngdqc.lxhhf.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js | 103.155.16.137 | 200 OK | 17 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP 103.155.16.137:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type JavaScript source, ASCII text, with very long lines (64577) Hash b5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: W/"5d848f4f-fc8b"
Date: Mon, 22 Apr 2024 18:43:51 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Wed, 22 May 2024 18:43:51 GMT
Age: 1397284
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-20
X-Cdn-Request-ID: d494c502a78e0d777549cbc935b4e162
|
|
| 7ngdqc.lxhhf.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js | 103.198.200.1 | 200 OK | 7.7 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (27669) Hash f8c2b37c1dc626eede6a2e3e37aa4504 d4e8419497caa64c8a850ac4808dddb89b5eeb3f 728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"655579ca-6caf"
Date: Tue, 07 May 2024 13:53:05 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Thu, 06 Jun 2024 13:53:05 GMT
Age: 118730
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: e7cc5b55b8b32485e05a1eea2f46e821
|
|
| 1111968.com/ftl/commonPage/images/partner/partner-hongtu-goldGradient.png | 20.222.191.152 | 200 OK | 87 kB |
URL GET HTTP/2 1111968.com/ftl/commonPage/images/partner/partner-hongtu-goldGradient.png IP 20.222.191.152:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt Subject 1111968.com Fingerprint 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12 Validity Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
File type PNG image data, 4964 x 72, 8-bit colormap, non-interlaced Hash f27ded2561ffd51a112741a1d783230d b5382b043f37a2cd93e802472958d8b49c14241f db4f7cbfc843c8b3915a389d8002aa727adb6f39f0789e63762c609ac9c835dd
GET /ftl/commonPage/images/partner/partner-hongtu-goldGradient.png HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Cookie: sticket=VlpMWhZbVEwTFRGa1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:55 GMT
content-type: image/png
content-length: 86597
last-modified: Mon, 08 Apr 2024 09:30:15 GMT
etag: "6613b927-15245"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: max-age=86400
uuid: -
out-line: gb-cdn-132
x-country: NO
x-cache: HIT, HIT@wakamonom000001
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7ngdqc.lxhhf.com/ftl/commonPage/js/moment.js | 103.198.200.1 | 200 OK | 27 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/moment.js IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type JavaScript source, Unicode text, UTF-8 text Hash 36c8f828395a9395549bd6e7307cb7e9 f30a4961558e2d3d4405e7d93aa28fdb63245e78 5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33
GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26968
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"64b633ca-1cab9"
Date: Tue, 16 Apr 2024 10:05:18 GMT
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Expires: Thu, 16 May 2024 10:05:18 GMT
Age: 1946797
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 0b58eb3ab6ab5553d22a649eb215144c
|
|
| 7ngdqc.lxhhf.com/061410/rcenter/common/static/css/gb.validation.min.css | 103.198.200.1 | 200 OK | 3.8 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/061410/rcenter/common/static/css/gb.validation.min.css IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type Unicode text, UTF-8 text, with very long lines (2295) Hash f00ce0554efc5adea6a8e02d5e501cad 388840e376568b37ac0103aa5c87a268778db67a 3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"633d510e-2d52"
Date: Tue, 07 May 2024 13:53:03 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Thu, 06 Jun 2024 13:53:03 GMT
Age: 118732
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: ce4127b6fcfd212e419fa0e0727ceeb7
|
|
| 7ngdqc.lxhhf.com/ftl/commonPage/themes/hb/css/pc.css | 103.155.16.137 | 200 OK | 911 B |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/themes/hb/css/pc.css IP 103.155.16.137:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
Hash 1da71520b7a0a61526a8fa8d0feb40d1 ba1bf69dad8783563328054cae58ccabf1b00829 5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"5d848f4f-b5d"
Date: Mon, 22 Apr 2024 18:43:49 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Wed, 22 May 2024 18:43:49 GMT
Age: 1397286
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: e0e195c74ebcce95a3fcb6fb2b7c6357
|
|
| 7ngdqc.lxhhf.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1714556748154 | 103.198.200.1 | 200 OK | 5.2 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1714556748154 IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (801) Hash 30be40425b37bee4158676082cef1f4d b41ed46721936872d5d7eadf303ce22938240d2a f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1714556748154 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"633d510e-7fd7"
Date: Tue, 07 May 2024 13:53:04 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Thu, 06 Jun 2024 13:53:04 GMT
Age: 118731
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: fc0c3b610905ca6aa6737981b1ac7c79
|
|
| 7ngdqc.lxhhf.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0 | 103.155.16.137 | 200 OK | 3.1 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0 IP 103.155.16.137:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
Hash 5cf9259b7dd27aacd46161ec23d261cf ba0c399616a5ae9cdd8aec5b76ba4aae4822367c 7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: W/"6131d862-48e4"
Date: Mon, 22 Apr 2024 18:43:52 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Wed, 22 May 2024 18:43:52 GMT
Age: 1397283
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-11
X-Cdn-Request-ID: 9e85547cde14b44fc7e4d6c7e173d0b1
|
|
| 7ngdqc.lxhhf.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg | 103.198.200.1 | 200 OK | 6.9 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3 Hash 99be4bfe275809d4e436b77c991b1381 54eadee77394eb62ccf377ae68d9f49acb5b6785 4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "5d848f4f-1ad7"
Date: Tue, 16 Apr 2024 10:06:41 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 10:06:41 GMT
Age: 1946715
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 9d564e57b8fb8482f45c4a2568a3fb60
|
|
| 1111968.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png | 20.222.191.152 | 200 OK | 6.1 kB |
URL GET HTTP/2 1111968.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png IP 20.222.191.152:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt Subject 1111968.com Fingerprint 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12 Validity Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced Hash 30eb0e841ea47a1f05854ebca3f9e9c1 0cb9874c32ff8837c1ffaf89cba502ceb3483b2b 382670ae61fc81522b190a0536d7b993058183aea2ffe81d197ded6af07d2183
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/images/hongbao/icon-close-1.png HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Cookie: sticket=VlpMWhZbVEwTFRGa1; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:57 GMT
content-type: image/png
content-length: 6087
last-modified: Wed, 11 Aug 2021 06:10:54 GMT
etag: "611369ee-17c7"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: max-age=86400
uuid: -
out-line: gb-cdn-132
x-country: NO
x-cache: HIT, HIT@wakamonom000001
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7ngdqc.lxhhf.com/fserver/files/gb/177/carousel/10034/1586594592602.jpg?wsSecret=2f599f486bc42823dad7bdc9db115b49&wsTime=1715208716 | 103.198.200.1 | 200 OK | 178 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/fserver/files/gb/177/carousel/10034/1586594592602.jpg?wsSecret=2f599f486bc42823dad7bdc9db115b49&wsTime=1715208716 IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x534, components 3 Size 178 kB (177821 bytes) Hash 23c0c2fe33c518fc0b302870f869634b 8b6e4bf7b0731f623a044eb64414704d38420e0f 70c8a6694c7a7b2ab161b2b3e98ee8e0ed8b09b1d2fa9da92bf02db6e4f1d9c0
GET /fserver/files/gb/177/carousel/10034/1586594592602.jpg?wsSecret=2f599f486bc42823dad7bdc9db115b49&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 177821
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "637a05a5-2b69d"
Date: Wed, 17 Apr 2024 03:00:12 GMT
Last-Modified: Sun, 20 Nov 2022 10:47:01 GMT
Expires: Fri, 17 May 2024 03:00:12 GMT
Age: 1885903
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 427dbc65a2651e8177d5cc68dd4c20d1
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/topBg.jpg?wsSecret=3f54410434e73e4aec61e18f24a00a47&wsTime=1715208716 | 103.198.200.1 | 200 OK | 1.7 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/topBg.jpg?wsSecret=3f54410434e73e4aec61e18f24a00a47&wsTime=1715208716 IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 58x151, components 3 Hash 0a5bf1cb2035e921856c31c276b84edc 85fff45f0c4c19f1ee7fe7a5c88819654be2a3a6 0f47bce4b8f4ce9713ead513b7fcbb09b54a3b84d66848d0ab38b4362e52ab59
GET /ftl/venetian177/themes/images/topBg.jpg?wsSecret=3f54410434e73e4aec61e18f24a00a47&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 1701
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "5d2c760e-6a5"
Date: Tue, 16 Apr 2024 10:10:27 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:14 GMT
Expires: Thu, 16 May 2024 10:10:27 GMT
Age: 1946489
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: a892b87b75fd760ec2ab4d558b28d09f
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/login1.png?wsSecret=ad2d4f4dc8176014a4e525e11e72bfd1&wsTime=1715208716 | 103.198.200.1 | 200 OK | 779 B |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/login1.png?wsSecret=ad2d4f4dc8176014a4e525e11e72bfd1&wsTime=1715208716 IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type PNG image data, 142 x 31, 8-bit/color RGBA, non-interlaced Hash 77c4ca2fe362f79f8b3c5e6991f5b17d 4491bab5e2981a56315bae0e1ac7edf16e81cc3c 4799d8dd8850fd45faf99fcf0e2478340c0ed4a0d1f9c1d7e93807914cb85d11
GET /ftl/venetian177/themes/images/login1.png?wsSecret=ad2d4f4dc8176014a4e525e11e72bfd1&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5d2c760e-30b"
Date: Tue, 16 Apr 2024 10:10:27 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:14 GMT
Expires: Thu, 16 May 2024 10:10:27 GMT
Age: 1946489
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 5dac0ff6f84fe79e4eebd269293a79a5
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/images/slogan.png?wsSecret=10b2fbd3d0d377e72567e1d91d33e676&wsTime=1715208716 | 103.155.16.137 | 200 OK | 7.5 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/images/slogan.png?wsSecret=10b2fbd3d0d377e72567e1d91d33e676&wsTime=1715208716 IP 103.155.16.137:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type PNG image data, 229 x 47, 8-bit/color RGBA, non-interlaced Hash e0262c056b3cbd67f97f82e376b76a73 91e9d2b44eebb5a532947a1768a7ef25deaddffb 129ede663130529cad2374d510a49e9f13e405e54173c2d99db7edea832d199f
GET /ftl/venetian177/images/slogan.png?wsSecret=10b2fbd3d0d377e72567e1d91d33e676&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7469
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "64794acc-1d2d"
Date: Tue, 16 Apr 2024 10:38:28 GMT
Last-Modified: Fri, 02 Jun 2023 01:50:04 GMT
Expires: Thu, 16 May 2024 10:38:28 GMT
Age: 1944808
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: 91177b3e02cb20ceee4e7b1b0db03072
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/langs.png?wsSecret=9c7ca04e60d7b7394ed85661c0a95536&wsTime=1715208716 | 103.155.16.137 | 200 OK | 3.1 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/langs.png?wsSecret=9c7ca04e60d7b7394ed85661c0a95536&wsTime=1715208716 IP 103.155.16.137:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type PNG image data, 74 x 16, 8-bit/color RGBA, non-interlaced Hash 4f496caec9a1d64a79fc5f47729253f1 d3bda8f30c11d76f7e050d9d54cc846c4089656d 69d5eaa2ae9b13f35eab0ef6a634168303a7139cb6fc67839b057e85568f3c39
GET /ftl/venetian177/themes/images/langs.png?wsSecret=9c7ca04e60d7b7394ed85661c0a95536&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3067
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: "5d2c760e-bfb"
Date: Tue, 16 Apr 2024 10:38:29 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:14 GMT
Expires: Thu, 16 May 2024 10:38:29 GMT
Age: 1944807
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-09
X-Cdn-Request-ID: 411c6b4ba52b37751090a288863bfdf8
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/login2.png?wsSecret=77a8c09bd151ae2aae3a7edb12eca6af&wsTime=1715208716 | 103.198.200.1 | 200 OK | 807 B |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/login2.png?wsSecret=77a8c09bd151ae2aae3a7edb12eca6af&wsTime=1715208716 IP 103.198.200.1:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type PNG image data, 142 x 31, 8-bit/color RGBA, non-interlaced Hash 05de8b444bec05f77e6e96f7b7801630 838ec29d99379efe4a0385a525f2784563e78279 85c15f2a75af098275c0d71d71d400adbccaa2222a012a77251046827c6af925
GET /ftl/venetian177/themes/images/login2.png?wsSecret=77a8c09bd151ae2aae3a7edb12eca6af&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 807
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "5d2c760e-327"
Date: Tue, 16 Apr 2024 10:10:27 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:14 GMT
Expires: Thu, 16 May 2024 10:10:27 GMT
Age: 1946489
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: f2ca40a626d2fcf40732b65e6eea98f3
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/notice-bg.png?wsSecret=bc01d146459f7e079e74fae0e5fd55d5&wsTime=1715208716 | 103.155.16.137 | 200 OK | 7.5 kB |
URL GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/notice-bg.png?wsSecret=bc01d146459f7e079e74fae0e5fd55d5&wsTime=1715208716 IP 103.155.16.137:443 ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Unizeto Technologies S.A. Subject *.lxhhf.com Fingerprint 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38 Validity Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type PNG image data, 1049 x 51, 8-bit/color RGBA, non-interlaced Hash b7ff659aed428c8d71293c2dff1bdeab ee44739936cd700f9b84688c39dcb8f3c56c942b 57b0151a51eec1402dd91f33a0540c9c9c78e3b6a450370c774eae5c90be42e6
GET /ftl/venetian177/themes/images/notice-bg.png?wsSecret=bc01d146459f7e079e74fae0e5fd55d5&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7519
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: "5d2c760e-1d5f"
Date: Tue, 16 Apr 2024 10:38:28 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:14 GMT
Expires: Thu, 16 May 2024 10:38:28 GMT
Age: 1944809
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: 7bf40fb39893bd0c4a521db321501403
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/indexBg.jpg?wsSecret=6bd4d996e0f1fb55400712d2da92d2c7&wsTime=1715208716 | 103.155.16.137 | 200 OK | 379 B |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/indexBg.jpg?wsSecret=6bd4d996e0f1fb55400712d2da92d2c7&wsTime=1715208716; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x410, components 3; Hash: a2ebdc13d4ac1975f8f82b1b9364e8ff bbbe2b61edb70f0e9f9f46cf6292f099476a4309 3c5315f4c00b02c6da6d35a52cf3e6a79b7f8aa8cab9666b8e221fdceaa77109
GET /ftl/venetian177/themes/images/indexBg.jpg?wsSecret=6bd4d996e0f1fb55400712d2da92d2c7&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 379
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: "5d2c760e-17b"
Date: Tue, 16 Apr 2024 10:38:29 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:14 GMT
Expires: Thu, 16 May 2024 10:38:29 GMT
Age: 1944808
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-02
X-Cdn-Request-ID: b8ad4b98ef3d16910b878a1982646528
|
|
| 7ngdqc.lxhhf.com/fserver/files/gb/177/carousel/10050/1686054216648.jpg?wsSecret=bbbabc1b83ca46120bd9c5e44b537ed9&wsTime=1715208716 | 103.198.200.1 | 200 OK | 584 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/fserver/files/gb/177/carousel/10050/1686054216648.jpg?wsSecret=bbbabc1b83ca46120bd9c5e44b537ed9&wsTime=1715208716; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x500, components 3; Size: 584 kB (583606 bytes); Hash: 7e4c601d43db5b1b5177dd1ac6a7c6f8 426343d3159d097f3c8cfe584fa6062563b6fbde 622c9b0246a7fbf366e6ba47f629182bfad77cf41ad94021e0b7055704107d4d
GET /fserver/files/gb/177/carousel/10050/1686054216648.jpg?wsSecret=bbbabc1b83ca46120bd9c5e44b537ed9&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 583606
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "647f2548-8e7b6"
Date: Wed, 17 Apr 2024 03:00:14 GMT
Last-Modified: Tue, 06 Jun 2023 12:23:36 GMT
Expires: Fri, 17 May 2024 03:00:14 GMT
Age: 1885901
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: ed32f7dc04cd76152d09b9a4a7a72168
|
|
| 7ngdqc.lxhhf.com/fserver/files/gb/177/Logo/1/1594714783181.png?wsSecret=13ef2af2d19c083c134a89bdf6126ef5&wsTime=1715208716 | 103.198.200.1 | 200 OK | 61 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/fserver/files/gb/177/Logo/1/1594714783181.png?wsSecret=13ef2af2d19c083c134a89bdf6126ef5&wsTime=1715208716; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: PNG image data, 480 x 120, 8-bit/color RGBA, non-interlaced; Hash: 4a9ac319ef36f2658a655881a628546b 15d36d95f7a6b9c207874a985cca734c70c9dd86 768929112e0ff76f7cbaf479b4645196bf97730431749e55d0ca18a0c27c5f43
GET /fserver/files/gb/177/Logo/1/1594714783181.png?wsSecret=13ef2af2d19c083c134a89bdf6126ef5&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 61378
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "5f0d6b50-efc2"
Date: Wed, 17 Apr 2024 03:00:14 GMT
Last-Modified: Tue, 14 Jul 2020 08:22:40 GMT
Expires: Fri, 17 May 2024 03:00:14 GMT
Age: 1885902
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 12e571e004008f3e41e794b50342d310
|
|
| 7ngdqc.lxhhf.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png | 103.198.200.1 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced; Hash: a2e938202c0287b9c82461a6fd94dee9 b5e2adc7cb07c18a70a88af314e56b946ec1a1b6 df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7ngdqc.lxhhf.com/ftl/commonPage/themes/gui-layer.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1321
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "5d848f4f-529"
Date: Tue, 16 Apr 2024 10:13:28 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 10:13:28 GMT
Age: 1946309
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: 85d834553cfb9665d8501c7d71f5937c
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/bottom-info.png?wsSecret=d2a9480e1d9e3dde33e9c09c2c98bde6&wsTime=1715208716 | 103.198.200.1 | 200 OK | 63 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/bottom-info.png?wsSecret=d2a9480e1d9e3dde33e9c09c2c98bde6&wsTime=1715208716; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: PNG image data, 956 x 441, 8-bit/color RGBA, non-interlaced; Hash: d1e3ed9407490eae20d7fdaf19b10afa eb832559eb32b71ce9966f9840955ed6aaa0caa4 a63ab596303c44ed3934a6956d4ef4d48ce429d76deede30ab65ab1f2befb7b8
GET /ftl/venetian177/themes/images/bottom-info.png?wsSecret=d2a9480e1d9e3dde33e9c09c2c98bde6&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 62603
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "613c72d3-f48b"
Date: Tue, 16 Apr 2024 10:10:26 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:47 GMT
Expires: Thu, 16 May 2024 10:10:26 GMT
Age: 1946491
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-08
X-Cdn-Request-ID: 947829bc4bf4118d86964e1756ef991e
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/index1.jpg?wsSecret=332455d6e9ed88826759a1f91570a8d7&wsTime=1715208716 | 103.155.16.137 | 200 OK | 107 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/themes/images/index1.jpg?wsSecret=332455d6e9ed88826759a1f91570a8d7&wsTime=1715208716; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1004x410, components 3; Size: 107 kB (107023 bytes); Hash: 3ce81a4b2e0a2fc2787386f08d0dfe7e 48a466af8dfe8ed638d5f352637c92ee78819a46 d1cc534cc1ee5239cbe69abb843316e7eff3514cff4585421430a96a6c2a9971
GET /ftl/venetian177/themes/images/index1.jpg?wsSecret=332455d6e9ed88826759a1f91570a8d7&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 107023
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: "5d2c760e-1a20f"
Date: Tue, 16 Apr 2024 10:38:29 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:14 GMT
Expires: Thu, 16 May 2024 10:38:29 GMT
Age: 1944808
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: 720666f5962d48bd5066df3642e7a389
|
|
| 7ngdqc.lxhhf.com/ftl/venetian177/images/banner.jpg?wsSecret=4c3d7561545332cf796ff51a104a951d&wsTime=1715208716 | 103.155.16.137 | 200 OK | 217 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/venetian177/images/banner.jpg?wsSecret=4c3d7561545332cf796ff51a104a951d&wsTime=1715208716; IP: 103.155.16.137:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x534, components 3; Size: 217 kB (216668 bytes); Hash: 7af6f3703b46f2a02adbc20bd5a83860 80a30244986aa290a07c58f80d701a299908e001 b6833e9d2710e0aaa34480f31f450d3ecc9f17836fbbb44b30d89e1a3a1245ab
GET /ftl/venetian177/images/banner.jpg?wsSecret=4c3d7561545332cf796ff51a104a951d&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 216668
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "5d2c760e-34e5c"
Date: Tue, 16 Apr 2024 10:38:29 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:14 GMT
Expires: Thu, 16 May 2024 10:38:29 GMT
Age: 1944808
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: 48366e9ddfcbd4e48b93f9e1c2bd4154
|
|
| 7ngdqc.lxhhf.com/ftl/commonPage/images/favicon/favicon_177.png?wsSecret=b8a75bbb0c15e2e4a5ef4d6142621e34&wsTime=1715208716 | 103.198.200.1 | 200 OK | 2.6 kB |
URL: GET HTTP/1.1 7ngdqc.lxhhf.com/ftl/commonPage/images/favicon/favicon_177.png?wsSecret=b8a75bbb0c15e2e4a5ef4d6142621e34&wsTime=1715208716; IP: 103.198.200.1:443; ASN: #138915 Kaopu Cloud HK Limited
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.lxhhf.com; Fingerprint: 8D:5A:ED:78:BB:FB:17:9F:37:EA:A1:21:80:F7:F6:0A:13:DC:98:38; Validity: Tue, 05 Dec 2023 08:15:55 GMT - Wed, 04 Dec 2024 08:15:54 GMT
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; Hash: 322e2cf43df14cec1c361cc9c1ccd1bd 6852807da7f3828286e54b9e96307cd0f3f6b4d3 956ff2d2e2f31b5da2f99ed0ac8102747bc02674c5ac96e0e20e417bbd97a1ea
GET /ftl/commonPage/images/favicon/favicon_177.png?wsSecret=b8a75bbb0c15e2e4a5ef4d6142621e34&wsTime=1715208716 HTTP/1.1
Host: 7ngdqc.lxhhf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2615
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "6311d300-a37"
Date: Tue, 16 Apr 2024 10:10:27 GMT
Last-Modified: Fri, 02 Sep 2022 09:55:12 GMT
Expires: Thu, 16 May 2024 10:10:27 GMT
Age: 1946490
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: f4780e2b1825f88370a66ad72eb0380a
|
|
| 1111968.com/headerInfo.html?t=lvyezg3p | 20.222.191.152 | 200 OK | 9.6 kB |
URL: GET HTTP/2 1111968.com/headerInfo.html?t=lvyezg3p; IP: 20.222.191.152:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Let's Encrypt; Subject: 1111968.com; Fingerprint: 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12; Validity: Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
File type: gzip compressed data, max compression, from Unix; Hash: 6506d4fb18a40ea747887476e8178379 6e5b5d54a22c3a05119490d98f52a21f3fcb5a42 790d2ef433e521e7bcc721a9698f7107c76cf7c5905f694ca140461f7ebfd9ef
GET /headerInfo.html?t=lvyezg3p HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Cookie: sticket=VlpMWhZbVEwTFRGa1; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-disposition: inline;filename=f.txt
sub-sys: msite
content-encoding: gzip
x-frame-options: SAMEORIGIN
uuid: 00177-01-00000000-17152087175b10
out-line: gb-cdn-806
x-country: NO
x-cache: BYPASS@wakamonom000001
X-Firefox-Spdy: h2
|
|
| 1111968.com/mobile-api/v5/origin/loginSwitchCheck.html | 20.222.191.152 | 200 OK | 3.5 kB |
URL: GET HTTP/2 1111968.com/mobile-api/v5/origin/loginSwitchCheck.html; IP: 20.222.191.152:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Let's Encrypt; Subject: 1111968.com; Fingerprint: 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12; Validity: Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
Hash: 1452cebf3e2bb129b06762f43f09e5c8 0ec65f1e79233e8c59f76c55fb89ac8637cfb070 99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Cookie: sticket=VlpMWhZbVEwTFRGa1; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:57 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: route=1bd47f3fb2de4e856ef59c7ef0cfd5c8; Path=/
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 00177-01-00000000-1715208717882c
out-line: gb-cdn-806
x-country: NO
x-cache: BYPASS@wakamonom000001
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 1111968.com/index/getUserTimeZoneDate.html?t=lvyezfu8 | 20.222.191.152 | 200 OK | 119 B |
URL: GET HTTP/2 1111968.com/index/getUserTimeZoneDate.html?t=lvyezfu8; IP: 20.222.191.152:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Let's Encrypt; Subject: 1111968.com; Fingerprint: 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12; Validity: Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators; Hash: 0c23cfb46c781edd9b20f41eb885edce c289ea7dfd655ce903a564319f44b81b88ae7095 5ac0ac30561e4c0376f1d80dc9d52bd063db8b493f95efd8f07c26aeeafd1b06
GET /index/getUserTimeZoneDate.html?t=lvyezfu8 HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Cookie: sticket=VlpMWhZbVEwTFRGa1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: route=ed8de952ed57247bb4b5c65efa859ad5; Path=/
content-disposition: inline;filename=f.txt
sub-sys: msite
cachettl: 3
x-frame-options: SAMEORIGIN
uuid: 00177-01-00000000-17152087163f80
out-line: gb-cdn-806
x-country: NO
x-cache: BYPASS@wakamonom000001
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 1111968.com/mobile-api/v5/origin/getThirdParam.html | 20.222.191.152 | 200 OK | 103 B |
URL: GET HTTP/2 1111968.com/mobile-api/v5/origin/getThirdParam.html; IP: 20.222.191.152:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Let's Encrypt; Subject: 1111968.com; Fingerprint: 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12; Validity: Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
File type: troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators; Hash: 696fb49ead30121d5513e1c2b60d42a2 dd34a288bf6b0e4c295c1bb848705f58ba5f245d c030ec18bd43fe0351659670355a8fc897e26b6a34b990e8a4878a51b76a268d
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Bet365
GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Cookie: sticket=VlpMWhZbVEwTFRGa1; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:57 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 00177-01-00000000-17152087178b56
out-line: gb-cdn-806
x-country: NO
x-cache: BYPASS@wakamonom000001
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 1111968.com/mobile-api/v5/origin/getFloat.html | 20.222.191.152 | 200 OK | 3.6 kB |
URL: POST HTTP/2 1111968.com/mobile-api/v5/origin/getFloat.html; IP: 20.222.191.152:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Let's Encrypt; Subject: 1111968.com; Fingerprint: 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12; Validity: Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
File type: troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (4125), with no line terminators; Hash: 0e172865e906f72a46826e53d91b0876 af796b2f9d312c149445fd0e85374f04c81ff7da 3e3282d2c81ccda8826a8be0af5443243005a77893e73dc9d37716d440973997
POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://1111968.com
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Cookie: sticket=VlpMWhZbVEwTFRGa1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:56 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: route=f7c95a7b6b031c620a6304190a7ddf24; Path=/
access-control-allow-origin: https://1111968.com
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
content-encoding: gzip
x-frame-options: SAMEORIGIN
uuid: 00177-01-00000000-1715208716f4d2
out-line: gb-cdn-806
x-country: NO
x-cache: @wakamonom000001
X-Firefox-Spdy: h2
|
|
| | 20.222.191.152 | 200 OK | 391 kB |
URL: User Request GET HTTP/2; IP: 20.222.191.152:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Let's Encrypt; Subject: 1111968.com; Fingerprint: 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12; Validity: Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
Size: 391 kB (390675 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-html-cache: HIT-3600
x-frame-options: SAMEORIGIN
uuid: -
out-line: gb-cdn-806
content-encoding: gzip
x-country: NO
x-cache: BYPASS@wakamonom000001
X-Firefox-Spdy: h2
|
|
| 1111968.com/mobile-api/v5/chess/getActivityMsg.html?function=sign | 20.222.191.152 | 200 OK | 141 B |
URL: GET HTTP/2 1111968.com/mobile-api/v5/chess/getActivityMsg.html?function=sign; IP: 20.222.191.152:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Let's Encrypt; Subject: 1111968.com; Fingerprint: 55:41:26:53:B3:D8:75:BF:B7:57:A2:47:7B:1D:07:3F:47:6B:DE:12; Validity: Wed, 06 Mar 2024 15:32:41 GMT - Tue, 04 Jun 2024 15:32:40 GMT
File type: troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators; Hash: fda3d3714996a16fd8380acab2d2a4aa 6f43ab4b082cf508edbb5e43045b6dd969026d17 46fc02d95ef6ba7eeb28d215d72cc4f70bae0717d3fbd63c8c7969a65e165483
GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: 1111968.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1111968.com/
Cookie: sticket=VlpMWhZbVEwTFRGa1; route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Wed, 08 May 2024 22:51:57 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: route=66776b881a59021b52807ef9298664ac; Path=/
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 00177-01-00000000-17152087176324
out-line: gb-cdn-806
x-country: NO
x-cache: BYPASS@wakamonom000001
content-encoding: br
X-Firefox-Spdy: h2
|
|