Report - p551006.com/

Report Overview

Submitted URL
p551006.com/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 05:57:41
Access
public
Website Title
BET365
Final URL
55100bet365.com/
Tags
bet365 gambling phishing
urlquery detections
Phishing - Bet365

Detections

urlquery
24
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
p551006.com	unknown	unknown	No data	No data	466 B	834 B	188.114.96.1
55100bet365.com	unknown	2024-01-17	2024-01-17	2024-03-22	7.2 kB	612 kB	188.114.96.1
brhrjf.gaokejd.xyz	unknown	2019-07-19	2024-01-18	2024-04-17	15 kB	1.5 MB	103.198.200.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	p551006.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365
2024-04-19	medium	55100bet365.com/	Bet365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed
2024-04-24	medium	55100bet365.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	55100bet365.com/	27 B	2023-10-16	2024-05-02
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-16 02:24:16 Last Seen2024-05-02 21:52:04 Times Seen164 Hash b590ec6bd0af094343239fd585e1c19b dce58250f1f84d7d12eb546f5a9a27c92368e5a0 1bd038746db102bc2b37cf9c6a5aa3a9a7b8c4897a9656d1700b716e52756849 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/gui-base.js	61 kB	2023-08-26	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/gui-base.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-26 00:19:56 Last Seen2024-05-04 08:43:14 Times Seen3433 Hash e6ce47d880d7a50ddf91b074c8572edf 6a3657c67209136e5b544859daecf16f2d153b72 c49e04c7ecfd07c74b58cf161ef2b58f2bc837a9091ed1ae090a33734cdaa734 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/layer.js	22 kB	2023-04-05	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/layer.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6465 Hash cb96339625e9d456e32f86cdb3c7a7a1 1301165c58bbb13c542cba493b7ab5774e87e31f 17fb047ba6828fcbdf2ca226fa4594cfded2b2fdfeaff89a5bd81c7cf0359919 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js	4.4 kB	2023-03-07	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen12978 Hash f77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7 Loading...

	55100bet365.com/	48 B	2023-03-07	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen6471 Hash 37f0336a6fe3f56c661b149ecf659efe 9aff4163d5da3b8d760f0593c583dd8d1f6dfc14 f33f7afadc5c318efdd57d35da2dc2aebe39fd166a61905ce37b9f7363f51c2f Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-05-04 08:43:14 Times Seen13599 Hash b091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10 Loading...

	brhrjf.gaokejd.xyz/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js	28 kB	2023-04-05	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:13 Times Seen6466 Hash 9c41709c2b64126b909c101a27f39153 4ab666b36c092577acb41390ad90e96d5fea7711 c1963697eeafb63b6c29e95da2d38d91dd907ab656e130e6e1c34d1dcd149f60 Loading...

	55100bet365.com/message_zh_CN.js?v=1713347147191	32 kB	2023-12-07	2024-05-04
Pretty URL 55100bet365.com/message_zh_CN.js?v=1713347147191 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 04:18:39 Last Seen2024-05-04 08:43:14 Times Seen1735 Hash 879e0d38aaa72a30c1987722f24ef0ff a71947b06e5ff779946d15db8877a103a5432036 fd47dca609ede55de5f51d756c967b63f0d223330e6eef19df0c3659e1bd9a55 Loading...

	55100bet365.com/	1.1 kB	2024-04-11	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-11 17:47:49 Last Seen2024-05-04 01:36:06 Times Seen230 Hash f430889e57d1f366b5b08cb58a3b8942 439179f3b673eecadb0a551dfa953eaf649be8a8 c950dc3e3086e6f4fe3c32a2464ef623d8cf324b928a0d3818fa7f97f9fb3d11 Loading...

	55100bet365.com/	710 B	2024-01-18	2024-05-02
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-18 15:31:45 Last Seen2024-05-02 21:52:04 Times Seen103 Hash 1303ea8b792185b8b7b452be0dcb9356 32d1776cc4d38a170a64261024d21ef8cfbca4e5 6cf30cf03f98e4193b0ea556e2d283cbd979aab0017434fbe7d3957a4dc5daa3 Loading...

	brhrjf.gaokejd.xyz/061410/rcenter/common/static/js/gb.validation.min.js?v=1713347147191	33 kB	2023-04-05	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/061410/rcenter/common/static/js/gb.validation.min.js?v=1713347147191 IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6578 Hash a55780dc13cbf1a8d375f14ebb659cf2 9548cc269bcde0dc48e166fa6bab37af8a649e57 35d147a863ab8828e073ca1ae89d476a9cede797c410ac555597c1f442452cc8 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js	2.1 kB	2023-03-07	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen12982 Hash 07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js	12 kB	2023-04-05	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6476 Hash 466a7ed7d00986d45375c0cbffb5233c 68845ead668e9abd29c24b491dbf97b219226c08 7ddafae5a0a552d2d56101cdc8306403e8fb9570759d66c48b25893b409f0123 Loading...

	55100bet365.com/	23 kB	2024-04-24	2024-04-28
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 07:57:48 Last Seen2024-04-28 18:06:02 Times Seen16 Hash f5b3327ee3e52bc545f7214ce632cb55 18eb9d4cc9a7cb16847f98939068d33920b00782 fec2861270d729cf495a5d8ca781ce58111f767d228c8d5276d03dce1abce941 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/moment.js	117 kB	2023-07-29	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/moment.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-29 10:21:40 Last Seen2024-05-04 08:43:14 Times Seen8890 Hash 36c8f828395a9395549bd6e7307cb7e9 f30a4961558e2d3d4405e7d93aa28fdb63245e78 5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33 Loading...

	55100bet365.com/	13 kB	2023-04-05	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6477 Hash 109d40ff6f9b3510b169fac4b8e845ce 4ce0fc768718f555487159ddd745e728a0c74c64 7b782f2e9589aa72ddadf4546c0f09709c73bea1339cd0ce893dfc40f6252949 Loading...

	55100bet365.com/	11 kB	2023-04-05	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6451 Hash 6681856885ee92601b7711c11d19553f 95ab4437869df8c790cad28e0753a4c9ea362e73 ce52fd46b2a5cfd741a2f0c39bc2d5218271b5690bdf8ec33af94f1062e98d23 Loading...

	55100bet365.com/	3.6 kB	2023-04-05	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6449 Hash d15a9b513acdcf3e9b08901384511565 f1fe72392137895e4952f835c0330f76aacfecdf 9fa644edfd9af9be6b244016e8f4f0eaee414732edc6ba3641e8647253359995 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js	45 kB	2023-08-15	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 12:01:05 Last Seen2024-05-04 08:43:14 Times Seen7942 Hash f15409fb02c527ce1f66a2fd3c4aa0e9 1e1e1bcc0f49e99e14ba34991cffe0745178d302 1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js	17 kB	2023-04-05	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6481 Hash 1008fe6a5e1a182d7775963b85405bb2 e174a7b08cc3cb5545af1cd33d2814e604119392 7479f6f22194ac37dd6d3f5a579b4682ac8dcb6389fb961cf4140f3fcc707a20 Loading...

	brhrjf.gaokejd.xyz/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js	15 kB	2023-03-07	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen12977 Hash 4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9 Loading...

	55100bet365.com/	25 kB	2024-04-24	2024-04-28
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 07:57:48 Last Seen2024-04-28 18:06:02 Times Seen16 Hash ded864dde49c7024b63d4536aefd7114 b7a686986b94b75d3d14005d6fe81bcfd730a122 c5449521afa13041ecdd8c2e8e948181e12503454be2090536c90ea1003fbb10 Loading...

	55100bet365.com/	20 kB	2023-04-05	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6445 Hash 9f5bce1aa50f72fd0834901c70db4f43 41771079bee5eb45539e694a5eff580732ab26b0 a50724b65a2657f6e67adbf98a3dd135de52b4786350f0b1bd142adff38c7ffd Loading...

	55100bet365.com/	6 B	2023-03-07	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen7347 Hash edaddb8132e9e0880252c5b6c47bf1c1 dc08b5b6ca432b46cca94f1f297491e1b08736ea b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e Loading...

	55100bet365.com/	1.8 kB	2023-04-05	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6441 Hash 9f1681b5a72417b33c2869aab85af152 b40a6d9c6d058c2bd6e126a1b0191182926b9d04 eabdfd0c5237f406e0acbef879968e72e5e3d62dd8e8b6bcee48e5ab7f4d0154 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/float.js	7.0 kB	2023-03-07	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/float.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen12983 Hash 829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js	20 kB	2023-03-07	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen13004 Hash 5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811 Loading...

	55100bet365.com/	2.6 kB	2023-11-23	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-23 15:36:17 Last Seen2024-05-04 08:43:14 Times Seen2139 Hash 9c3f7d9e5de3b764c32a679ad06ae3db 9ab260e36b46c6ca6f58066ee914f3826d86a37f fefe9a763127c0f92edfe95be1000aeed2eda7690482769c90dc9488dbe5d33a Loading...

	55100bet365.com/	128 kB	2024-04-11	2024-05-02
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-11 07:38:46 Last Seen2024-05-02 21:52:04 Times Seen31 Hash 89892e52af87aeb5e1954a58ba4874e2 673ab6344af1779f59bf386c4c63d49e8b9e8811 8c8ea237e9d8fa27da464edac09710cb232d13d17561bc39aa719dfba91ea380 Loading...

	55100bet365.com/	1.4 kB	2023-08-21	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-21 11:10:45 Last Seen2024-05-04 08:43:14 Times Seen3824 Hash 479c01001c455527cf2aafec087accad 230c5d853a00977d890c25cb56b5a07c5e0acd0e 0ad2a7081ff475ce3a2068fe69547248166c0fd39f26fbf03f2ac5db073a16cf Loading...

	55100bet365.com/	3.5 kB	2023-10-24	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 11:42:08 Last Seen2024-05-04 08:43:14 Times Seen2918 Hash 7932637ac9b0a1125acfaeffa837b6af 01107a42cef642f68e70ef30502ecb6c0de6a0d6 f938651bd7efeb3c523dcca3df1c9a0cc63b12f604816c8e49636fda5b1b1c7e Loading...

	55100bet365.com/	2.0 kB	2023-11-22	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-22 16:18:01 Last Seen2024-05-04 08:43:14 Times Seen2147 Hash dd4934ec50598a49950c57836d268ba9 9830d9f40b0baf411ea1e7b7a4b65675cf35ae04 89e8ae92a48e530a676704a7858edcc65fdd1488e39280ba8da4cb80dc5729d5 Loading...

	55100bet365.com/	6.0 kB	2023-08-02	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 04:42:13 Last Seen2024-05-04 08:43:14 Times Seen4336 Hash e6ea297058f6d52d83390d9ea7f914aa 349df987c3c4c50687d993b31f83cfea7f796730 2f21ca2376a9112f70c12ecc46d75ff792b067f5edceae5ea06011c13cf14e56 Loading...

	55100bet365.com/	390 B	2023-04-05	2024-05-04
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6387 Hash 4e6bbb84979a27014e74be230fe8440f aafe0c1dba07e91354abfb25d154c0acbed24d61 03e9af072f4db23c6c6cd74a89c796a3c764731da4734682f3ccfc07e0e54e74 Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/lazyload.js	12 kB	2023-08-15	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/lazyload.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 12:01:05 Last Seen2024-05-04 08:43:14 Times Seen3965 Hash d87854586672bff7f886a47da85da5ed 8d0537030dc7a81ade87a41a75fd5a75e4e33da1 17859187f895c27de8869fb6bfec579fd68c4588d0af71d08d334be92d144ada Loading...

	brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js	65 kB	2023-03-07	2024-05-04
Pretty URL brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen13216 Hash b5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e Loading...

	55100bet365.com/	728 B	2023-10-16	2024-05-02
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-16 02:24:16 Last Seen2024-05-02 21:52:04 Times Seen162 Hash 07f0aa64d54139eb046047ca794c5d50 f5f2630c265d92322ec15e4f3ce27d407881d4da 03c101b9202afa880d2a9aa1bc4c0fd3564dd30519570d8521deded0a6b91cbc Loading...

	55100bet365.com/	3.3 kB	2023-10-31	2024-05-02
Pretty URL 55100bet365.com/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-31 20:53:34 Last Seen2024-05-02 21:52:04 Times Seen147 Hash cb017848a1a5deb25786ff921148359f 9a67b3babbffc6ac95d0b034a7f6235b3e628d0a f0549ecb0e944a2f63572302ef3d553f56f8db564d87720bb1f9498955b5d40d Loading...

HTTP Transactions (48)

URL IP Response Size

p551006.com/

188.114.96.1

301 Moved Permanently

167 B

URL User Request GET HTTP/2
p551006.com/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectp551006.com
Fingerprint12:51:CE:68:32:16:66:CA:D9:78:9B:B9:12:2F:12:CD:F4:0F:74:83
ValidityMon, 04 Mar 2024 04:04:14 GMT - Sun, 02 Jun 2024 04:04:13 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET / HTTP/1.1
Host: p551006.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 05:57:13 GMT
content-type: text/html
content-length: 167
location: https://55100bet365.com
cache-control: max-age=3600
expires: Wed, 24 Apr 2024 06:57:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Ug33wmbo76JGtbZiKE09N6ElSdjF6aVYeb017wW4WjnBWinqoaU7tUXLTBOp%2B9gfotixOLHjSj%2B6Z%2FXoppRhNcL2IdLroYiyDk8cjs0iVYtBCzuPF%2Bbcfl7%2FeoIiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793dac52b09b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

55100bet365.com/ftl/commonPage/zh_CN/pubads/images/ads2.png

188.114.96.1

200 OK

19 kB

URL GET HTTP/3
55100bet365.com/ftl/commonPage/zh_CN/pubads/images/ads2.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
PNG image data, 165 x 164, 8-bit/color RGBA, non-interlaced
Size
19 kB (19388 bytes)
Hash
b258a08f90e63c832cc32e4397aadb2e
7cc14a784d45d49b2177392acc86e363b8dc62d0
13e5348ceb8b66112851439602497e44bcb574bf16794598bce46340f784d533

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ftl/commonPage/zh_CN/pubads/images/ads2.png HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:14 GMT
content-type: image/png
content-length: 19388
last-modified: Fri, 20 Sep 2019 08:35:27 GMT
etag: "5d848f4f-4bbc"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:14 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-137
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUD%2BXPgaEPXb899clN2aMXHv8d273KPVCNzhx7m5m2BVqydyXmtJBBQVSatjPahXh3aaH1gQlCZn97jL87V5O%2BlwCXH8O5rdH64p56a9HT1FScRSGz2kWnYqyiwtjTniI0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daca5ca60afa-OSL
alt-svc: h3=":443"; ma=86400

55100bet365.com/ftl/commonPage/zh_CN/pubads/images/ads1.png

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
55100bet365.com/ftl/commonPage/zh_CN/pubads/images/ads1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
PNG image data, 165 x 165, 8-bit/color RGBA, non-interlaced
Size
12 kB (11893 bytes)
Hash
b27e85b76f1b3dcdd4d98c789e51cfd9
ba8ec058785fd8a0e1405d6643175cd7cf92df28
01cf3c6ca09d7b6003faf27cdf6ff31dc52ec67f73070a6c81bfcb50b7b9ea4c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ftl/commonPage/zh_CN/pubads/images/ads1.png HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:14 GMT
content-type: image/png
content-length: 11893
last-modified: Fri, 20 Sep 2019 08:35:27 GMT
etag: "5d848f4f-2e75"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:14 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-137
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJQgNaXzx4Gciy7AGSFqJH%2BuKXDF3KNC0gvrO2%2FjmvtBi7pY9rJ9ZXAqnH%2BeAFsFUxVVaC99yb9e9dxACQdh8rj4JxS5dII5Hzw5CghSqki51IsRbZ%2F2pEFq%2FnVkrX4x804%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daca5ca40afa-OSL
alt-svc: h3=":443"; ma=86400

brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-base.css

103.198.200.1

200 OK

17 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
Unicode text, UTF-8 text, with very long lines (12023)
Size
17 kB (17118 bytes)
Hash
d01c79296c69daae2357744b28ad3a08
6979c86432a04a8cc22818055bd599e10d13892e
03bae6f265bda27347f4697d37ddb03335678cf0a76d5a246ee1b02463294599

HTTP Headers

GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 17118
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"661623eb-14596"
Date: Tue, 16 Apr 2024 09:53:14 GMT
Last-Modified: Wed, 10 Apr 2024 05:30:19 GMT
Expires: Thu, 16 May 2024 09:53:14 GMT
Age: 677041
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 376bc7ca322686eba9b7acdf8c79734b

brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-skin-default.css

103.198.200.1

200 OK

6.3 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-skin-default.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Size
6.3 kB (6253 bytes)
Hash
4f6eba52b6bdba2bd8154d39c61fcaab
11a91e977ab64175dc2ec233d45c6cf9d34798b0
b4ae8f84403e1e8ea7f75cac8491e461ac6e5524260a04d772d53dd912f8e53a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6253
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"64ad1569-7b6e"
Date: Tue, 16 Apr 2024 09:53:14 GMT
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Expires: Thu, 16 May 2024 09:53:14 GMT
Age: 677041
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: 2e22b10c9ad0468bc5b5c0df4dc3174f

brhrjf.gaokejd.xyz/ftl/bet365-1761/themes/style/common.css

103.198.200.1

200 OK

4.2 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/bet365-1761/themes/style/common.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (311)
Size
4.2 kB (4200 bytes)
Hash
e27166d661e2bf5353e49a6171edd474
8111915c0a316c8532f6547c458bb97cc4ca665a
92513e519e9e247930c91d719e6cfa16352400c09bfd8921460421ad02ae055a

HTTP Headers

GET /ftl/bet365-1761/themes/style/common.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 4200
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"652f38c4-4d04"
Date: Tue, 16 Apr 2024 09:53:16 GMT
Last-Modified: Wed, 18 Oct 2023 01:45:40 GMT
Expires: Thu, 16 May 2024 09:53:16 GMT
Age: 677039
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: d25e5be5af75371567be5990b76ceecc

brhrjf.gaokejd.xyz/ftl/bet365-1761/themes/style/bootstrap-dialog.min.css

103.198.200.1

200 OK

625 B

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/bet365-1761/themes/style/bootstrap-dialog.min.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text
Size
625 B (625 bytes)
Hash
633098d68444fae4feec36e757a6498c
83244d45a17b6ba8fbf67c41b2ce4e2322db8421
7fd1c34d205f2165ee1b3cc3c2fe54af6f115c58bbd849907c3cf2be6814b159

HTTP Headers

GET /ftl/bet365-1761/themes/style/bootstrap-dialog.min.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 625
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"651e5941-adc"
Date: Tue, 16 Apr 2024 09:53:15 GMT
Last-Modified: Thu, 05 Oct 2023 06:35:45 GMT
Expires: Thu, 16 May 2024 09:53:15 GMT
Age: 677040
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 0cd70bd9196d3d60b4d3228b7b708317

brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css

103.155.16.137

200 OK

6.9 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
Unicode text, UTF-8 text, with very long lines (489)
Size
6.9 kB (6923 bytes)
Hash
858eefc3fa70af7d0115c901908471f5
29c181bbbc09a424f7de7cb57629bd8a9e3c679a
9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf

HTTP Headers

GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6923
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"64ddd5e1-c760"
Date: Tue, 16 Apr 2024 16:27:54 GMT
Last-Modified: Thu, 17 Aug 2023 08:10:09 GMT
Expires: Thu, 16 May 2024 16:27:54 GMT
Age: 653361
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: a6ac21e236ba797c9c179bed05d07e2f

brhrjf.gaokejd.xyz/ftl/commonPage/themes/hongbao.css

103.198.200.1

200 OK

5.7 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/themes/hongbao.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
Unicode text, UTF-8 text, with very long lines (336)
Size
5.7 kB (5666 bytes)
Hash
499a3a64bcf22609681f5337a6360c80
fc05a8a391c8375ea4e47183eca56a18bed8fca7
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brhrjf.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5666
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"64252e4f-d530"
Date: Tue, 16 Apr 2024 10:02:10 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Thu, 16 May 2024 10:02:10 GMT
Age: 676506
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: fcfd3331f8c78759cf4028c6b7a2dc58

brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js

103.155.16.137

200 OK

34 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, ASCII text, with very long lines (32038)
Size
34 kB (33545 bytes)
Hash
b091a47f6b91e26c93a848092c6f3788
52918af2d431e73464060b35d364640c8db75606
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: W/"5d848f4f-176d4"
Date: Fri, 19 Apr 2024 19:26:16 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sun, 19 May 2024 19:26:16 GMT
Age: 383460
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cdn-Request-ID: ecbe4435e4945d25fbe3cebd40341ba5

brhrjf.gaokejd.xyz/ftl/commonPage/js/float.js

103.198.200.1

200 OK

1.9 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/float.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
1.9 kB (1929 bytes)
Hash
829af863b0cdc4a603919824ae046299
1d417b1553e4ecb7125ebf2005b74255291fbf73
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/float.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"612747ba-1b2f"
Date: Tue, 16 Apr 2024 09:52:48 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Thu, 16 May 2024 09:52:48 GMT
Age: 677068
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: 73fe964443fd55618f7d0c46bb4340b7

brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js

103.198.200.1

200 OK

4.0 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
4.0 kB (4031 bytes)
Hash
4de3e8bcf2f02d60519ca0d3584d3b8e
6323c2bf18b1bbf968e164bdf2e58d7677f67f8a
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"60f60fb5-43bc"
Date: Tue, 16 Apr 2024 09:52:47 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Thu, 16 May 2024 09:52:47 GMT
Age: 677069
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 88dd4ceca1aa26264d12250dcd84e602

brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js

103.155.16.137

200 OK

3.3 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
3.3 kB (3316 bytes)
Hash
3b4680db1e065116488f065419ca9f58
6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: W/"6260ddd4-2f13"
Date: Fri, 19 Apr 2024 19:26:17 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Sun, 19 May 2024 19:26:17 GMT
Age: 383459
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-09
X-Cdn-Request-ID: a13af5f2628fd23a5c560968e84a41e6

brhrjf.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js

103.198.200.1

200 OK

12 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, ASCII text, with very long lines (32034)
Size
12 kB (11957 bytes)
Hash
f15409fb02c527ce1f66a2fd3c4aa0e9
1e1e1bcc0f49e99e14ba34991cffe0745178d302
1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27

HTTP Headers

GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11957
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"64d5b951-b083"
Date: Tue, 16 Apr 2024 09:52:49 GMT
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Expires: Thu, 16 May 2024 09:52:49 GMT
Age: 677067
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: ddc867769f97ac799fa7972792efb212

brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js

103.198.200.1

200 OK

797 B

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
Unicode text, UTF-8 text
Size
797 B (797 bytes)
Hash
07864ad2e2759d53f8f2f14dd4295bd9
95144219e2eb702c4c4a707c3622b086876cf41c
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"6260ddd4-828"
Date: Tue, 16 Apr 2024 09:52:47 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Thu, 16 May 2024 09:52:47 GMT
Age: 677069
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: d0704c0c82521a5bd1352a3798c03cf1

brhrjf.gaokejd.xyz/ftl/commonPage/js/lazyload.js

103.155.16.137

200 OK

2.7 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/lazyload.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
2.7 kB (2731 bytes)
Hash
58f1a7fa1a19b0e5ad0a5bad974b98cf
6963ce7378e6c992de06e7e77d79432a0d38f54d
fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4

HTTP Headers

GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2731
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"64d05f66-2f79"
Date: Mon, 22 Apr 2024 05:44:10 GMT
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Expires: Wed, 22 May 2024 05:44:10 GMT
Age: 173586
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: 737c4cbc6885914097a7b734c94b839b

brhrjf.gaokejd.xyz/ftl/commonPage/js/gui-base.js

103.155.16.137

200 OK

16 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/gui-base.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (11056)
Size
16 kB (15779 bytes)
Hash
4007cfe0a95df1d6a9f4252e636f995f
b0f9a2ad5c49b9b50ac5d025c8e9ce803eb5d7a8
4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0

HTTP Headers

GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: W/"64ddbaed-ee5c"
Date: Mon, 22 Apr 2024 05:43:47 GMT
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Expires: Wed, 22 May 2024 05:43:47 GMT
Age: 173610
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: db4e97217b69fbac8f2d62cce52edec9

brhrjf.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js

103.198.200.1

200 OK

5.0 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, ASCII text, with very long lines (20132), with no line terminators
Size
5.0 kB (5007 bytes)
Hash
5ce8851dc823429a42ab6147554403cc
28f381f0e0aa4f5d56690e65723bd97fb59a38e6
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"5d848f4f-4ea4"
Date: Tue, 16 Apr 2024 09:52:48 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 09:52:48 GMT
Age: 677069
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 8230a6a27e44359e835ee5411a98628a

brhrjf.gaokejd.xyz/ftl/commonPage/js/layer.js

103.198.200.1

200 OK

7.6 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/layer.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (21922)
Size
7.6 kB (7599 bytes)
Hash
c42797aecccd5494e2b747cedf1a890b
b9e06a6d245b6a3c87f2753db0c9c9aa020640b2
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"5d848f4f-55f6"
Date: Tue, 16 Apr 2024 09:52:49 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 09:52:49 GMT
Age: 677068
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: fcfe0523de14b1b1cdc6105a78f9168b

brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js

103.198.200.1

200 OK

1.4 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, ASCII text, with very long lines (4433), with no line terminators
Size
1.4 kB (1421 bytes)
Hash
f77d83590bc0a69298f2fbcc5d9911cd
1d6aa25d7052f53ad0181385e5efe72f224bbdb9
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"5d848f4f-1151"
Date: Tue, 16 Apr 2024 09:52:50 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 16 May 2024 09:52:50 GMT
Age: 677065
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: a8157ed94b4ef8a6566a2624fcd29c7b

55100bet365.com/ftl/commonPage/images/partner/partner-hongtu-white.png

188.114.96.1

200 OK

75 kB

URL GET HTTP/3
55100bet365.com/ftl/commonPage/images/partner/partner-hongtu-white.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
PNG image data, 4964 x 72, 8-bit colormap, non-interlaced
Size
75 kB (74604 bytes)
Hash
20750d3161559951729e005cf988bb1f
67ac93184c3259c55ea7e26d6f8716525946223a
56af3a9fbc08041521e9f381949bfc2e9548b013798bac0b2d629ab3939d8913

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ftl/commonPage/images/partner/partner-hongtu-white.png HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:17 GMT
content-type: image/png
content-length: 74604
last-modified: Mon, 08 Apr 2024 09:30:15 GMT
etag: "6613b927-1236c"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:17 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-137
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BROQhxHZ7LWEoJM7RAbZNYUUw8EZ2VcenTA5lkkvfTPom2Rl9v%2F9eVunk4ROI56bQZ7kSMzLUSLBYzwXpGkW0LuF%2FeP%2F%2BHzfzD%2FCLpuaAUrdUhNn27YEjbYWMTH9CrAJv%2BE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793dadc8d910afa-OSL
alt-svc: h3=":443"; ma=86400

brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js

103.155.16.137

200 OK

17 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, ASCII text, with very long lines (64577)
Size
17 kB (17446 bytes)
Hash
b5bc8cd626b389bde727a91e6ce79436
3df6c39300ac286cf596b3bda273cb39ff825429
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"5d848f4f-fc8b"
Date: Mon, 22 Apr 2024 05:44:13 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Wed, 22 May 2024 05:44:13 GMT
Age: 173583
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-12
X-Cdn-Request-ID: 5fa9dcacf375b0e0a9e6448677cda3e5

brhrjf.gaokejd.xyz/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js

103.155.16.137

200 OK

7.7 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (27669)
Size
7.7 kB (7746 bytes)
Hash
f8c2b37c1dc626eede6a2e3e37aa4504
d4e8419497caa64c8a850ac4808dddb89b5eeb3f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"655579ca-6caf"
Date: Mon, 22 Apr 2024 05:44:05 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Wed, 22 May 2024 05:44:05 GMT
Age: 173592
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: dd6c9bac46d6b9f31e46654163ab109f

brhrjf.gaokejd.xyz/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js

103.198.200.1

200 OK

4.1 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Size
4.1 kB (4126 bytes)
Hash
4fe7dadf050dad2dcfd386d21b880281
07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"655579ca-3a09"
Date: Fri, 12 Apr 2024 08:31:41 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Sun, 12 May 2024 08:31:41 GMT
Age: 1027536
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 7e9da09d18ddae9f8afcd9fb5ae4a119

brhrjf.gaokejd.xyz/ftl/commonPage/js/theme/default/layer.css?v=3.1.0

103.198.200.1

200 OK

3.1 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text
Size
3.1 kB (3111 bytes)
Hash
5cf9259b7dd27aacd46161ec23d261cf
ba0c399616a5ae9cdd8aec5b76ba4aae4822367c
7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"6131d862-48e4"
Date: Tue, 16 Apr 2024 10:02:12 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Thu, 16 May 2024 10:02:12 GMT
Age: 676505
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: ce7c7e4758cb9f44210ae1b00e5cd223

brhrjf.gaokejd.xyz/ftl/commonPage/themes/hb/css/pc.css

103.155.16.137

200 OK

911 B

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/themes/hb/css/pc.css
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text
Size
911 B (911 bytes)
Hash
1da71520b7a0a61526a8fa8d0feb40d1
ba1bf69dad8783563328054cae58ccabf1b00829
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: W/"5d848f4f-b5d"
Date: Mon, 22 Apr 2024 05:44:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Wed, 22 May 2024 05:44:14 GMT
Age: 173583
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-19
X-Cdn-Request-ID: a68cb140045cc66dd3c2103235f724cb

brhrjf.gaokejd.xyz/061410/rcenter/common/static/js/gb.validation.min.js?v=1713347147191

103.155.16.137

200 OK

5.2 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/061410/rcenter/common/static/js/gb.validation.min.js?v=1713347147191
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (801)
Size
5.2 kB (5207 bytes)
Hash
30be40425b37bee4158676082cef1f4d
b41ed46721936872d5d7eadf303ce22938240d2a
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1713347147191 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: W/"633d510e-7fd7"
Date: Mon, 22 Apr 2024 05:44:16 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Wed, 22 May 2024 05:44:16 GMT
Age: 173581
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: 936f932872aed10987e58635b6f332fd

brhrjf.gaokejd.xyz/ftl/commonPage/js/moment.js

103.198.200.1

200 OK

27 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/js/moment.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
27 kB (26968 bytes)
Hash
36c8f828395a9395549bd6e7307cb7e9
f30a4961558e2d3d4405e7d93aa28fdb63245e78
5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33

HTTP Headers

GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26968
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"64b633ca-1cab9"
Date: Tue, 16 Apr 2024 09:52:28 GMT
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Expires: Thu, 16 May 2024 09:52:28 GMT
Age: 677089
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 1de7ef6c1fe670a112ebb40641cfa0ac

brhrjf.gaokejd.xyz/061410/rcenter/common/static/css/gb.validation.min.css

103.198.200.1

200 OK

3.8 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/061410/rcenter/common/static/css/gb.validation.min.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
Unicode text, UTF-8 text, with very long lines (2295)
Size
3.8 kB (3788 bytes)
Hash
f00ce0554efc5adea6a8e02d5e501cad
388840e376568b37ac0103aa5c87a268778db67a
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"633d510e-2d52"
Date: Fri, 12 Apr 2024 08:30:35 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Sun, 12 May 2024 08:30:35 GMT
Age: 1027603
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 04628befd07f2ed57d5256adaa34fb62

brhrjf.gaokejd.xyz/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg

103.155.16.137

200 OK

6.9 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3
Size
6.9 kB (6871 bytes)
Hash
99be4bfe275809d4e436b77c991b1381
54eadee77394eb62ccf377ae68d9f49acb5b6785
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: "5d848f4f-1ad7"
Date: Mon, 22 Apr 2024 05:44:18 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Wed, 22 May 2024 05:44:18 GMT
Age: 173580
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: d385aa03bdcd5ca6a811387d82477fb4

55100bet365.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion=

188.114.96.1

200 OK

7.0 kB

URL GET HTTP/3
55100bet365.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion=
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
JSON text data
Size
7.0 kB (6979 bytes)
Hash
4493772a91e607d8ca26d9e6df097a1b
59426f6186ebff6615e79c842176eaa641b35467
1f2e05bb884c51be7a0012e9413f4d6c4f67895100cdbc4659e87da852252311

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:19 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c; Path=/
content-disposition: inline;filename=f.txt
sub-sys: msite
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-1713938239dfde
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G79zD5fB47e3kZ6L58VqDUGQmiO4y28UMKobT3COSdkxv7oogVwpy29tujW0rvtGNHoH5rQlxtSpICaHi%2FTO5YUcRC9%2FqPEv%2BF7d1JPFef6PaLbfl5EMtmOJC3lAvXzYKFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793dae77a8d0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

brhrjf.gaokejd.xyz/ftl/bet365-1761/images/header/hot.gif.base64

103.198.200.1

200 OK

1.9 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/bet365-1761/images/header/hot.gif.base64
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text
Size
1.9 kB (1921 bytes)
Hash
081943375d1dd5575c9b2864749a2882
5f2a6a412e0594c2e16f2f7010f17d122cc0042d
47b0fe6fba430f6538eba8f6ba1e60fa4bf1622ea72ac9fc8eaa06679def3e49

HTTP Headers

GET /ftl/bet365-1761/images/header/hot.gif.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 1921
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "6526148f-781"
Date: Tue, 16 Apr 2024 09:52:52 GMT
Last-Modified: Wed, 11 Oct 2023 03:20:47 GMT
Expires: Thu, 16 May 2024 09:52:52 GMT
Age: 677068
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: babeaf4556d1c115181e5bf2b463d63e

brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10037/1713789226549.jpg.base64

103.198.200.1

200 OK

154 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10037/1713789226549.jpg.base64
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
154 kB (154421 bytes)
Hash
185c5749b5c1173b0345ce0ddf62f07e
0b20e173ee3c869d4764fdfbbe01b72395314014
34fe1ce25778b62a0eb47e56382403c47c030bd403cec2769ab92c995b809cae

HTTP Headers

GET /fserver/files/gb/1761/carousel/10037/1713789226549.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 154421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "6626592a-25b35"
Date: Mon, 22 Apr 2024 12:37:36 GMT
Last-Modified: Mon, 22 Apr 2024 12:33:46 GMT
Expires: Wed, 22 May 2024 12:37:36 GMT
Age: 148785
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: b55b48b43ab268653d149267fee82b50

brhrjf.gaokejd.xyz/ftl/bet365-1761/images/all_bg.jpg.base64

103.198.200.1

200 OK

345 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/ftl/bet365-1761/images/all_bg.jpg.base64
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text
Size
345 kB (345171 bytes)
Hash
20d063fb55cf6dd6c784f84ae5b3bd18
0840181a044dcc8c3022cbfbe10a686cfd1f5f7e
cb4b1b696c9135571ec2a2d49b03ef3c16a9fee93620509e455a7b9175ab9443

HTTP Headers

GET /ftl/bet365-1761/images/all_bg.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 345171
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "651e5941-54453"
Date: Tue, 16 Apr 2024 09:52:51 GMT
Last-Modified: Thu, 05 Oct 2023 06:35:45 GMT
Expires: Thu, 16 May 2024 09:52:51 GMT
Age: 677069
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: 916a1e7ad327c98d73804e6539b0ff1a

brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10032/1704450151823.jpg.base64

103.198.200.1

200 OK

202 kB

URL GET HTTP/1.1
brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10032/1704450151823.jpg.base64
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
202 kB (201677 bytes)
Hash
e68d4cf4b366ddbbc83ee0c001b4b5f6
f2228e1702a78ce91e6949f4153a97239a276dc3
023066eb14f4b1fab2793aa9ff2ef2ef970499eeaac4573cfb04b1fc48d5e99a

HTTP Headers

GET /fserver/files/gb/1761/carousel/10032/1704450151823.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 201677
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "6597d867-313cd"
Date: Wed, 17 Apr 2024 03:19:54 GMT
Last-Modified: Fri, 05 Jan 2024 10:22:31 GMT
Expires: Fri, 17 May 2024 03:19:54 GMT
Age: 614260
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-08
X-Cdn-Request-ID: f087c08c84acde057d0f8083fc564032

brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10025/1699797435278.jpg.base64

103.198.200.1

172 kB

URL GET
brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10025/1699797435278.jpg.base64
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://55100bet365.com/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
172 kB (171549 bytes)
Hash
ab72c5d60ca98f8d7fa0458899d91343
048dd73ac3f67a0709b3941424033a598eee446b
61daf2229d51eb0c9578044f5ee2f82b721e04cbc7a2216f3efc77bb025a1281

HTTP Headers

GET /fserver/files/gb/1761/carousel/10025/1699797435278.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 171549
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "6550d9bb-29e1d"
Date: Wed, 17 Apr 2024 03:19:54 GMT
Last-Modified: Sun, 12 Nov 2023 13:57:15 GMT
Expires: Fri, 17 May 2024 03:19:54 GMT
Age: 614261
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 7e18cea8f85e1c0087c4400eda51620b

brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10019/1700636690750.jpg.base64

103.198.200.1

235 kB

URL
brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10019/1700636690750.jpg.base64
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
235 kB (234937 bytes)
Hash
9f7870855e42e905cc9e1fedf975c3b1
073f4353c2f33567c5bb6f6d0c2acb2ff4683874
0a46c15b36d591a87b73f6a47c1f9bb612cb14873552d135cf8d1cc35d6bfa69

HTTP Headers

GET /fserver/files/gb/1761/carousel/10019/1700636690750.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 234937
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "655da812-395b9"
Date: Wed, 17 Apr 2024 03:19:53 GMT
Last-Modified: Wed, 22 Nov 2023 07:04:50 GMT
Expires: Fri, 17 May 2024 03:19:53 GMT
Age: 614264
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: 956b50fa7a6af50e2e7fa5ec8b8a3080

brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10013/1696759154781.jpg.base64

103.198.200.1

204 kB

URL
brhrjf.gaokejd.xyz/fserver/files/gb/1761/carousel/10013/1696759154781.jpg.base64
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerUnizeto Technologies S.A.
Subject*.gaokejd.xyz
Fingerprint0C:64:1D:5D:7A:1C:81:05:EF:CD:74:CC:64:84:BF:1B:CB:80:25:BA
ValidityThu, 30 Nov 2023 01:16:02 GMT - Fri, 29 Nov 2024 01:16:01 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
204 kB (203925 bytes)
Hash
b4ffea1390e6142b1f37e91df5fb79c7
3833e7513f89d565145b286124bd1baec52aa72f
2e0a949f3561242bbd0a8d571bc1ce8b7a801a3a1929a3019319419816a2e31e

HTTP Headers

GET /fserver/files/gb/1761/carousel/10013/1696759154781.jpg.base64 HTTP/1.1
Host: brhrjf.gaokejd.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 203925
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "65227d72-31c95"
Date: Wed, 17 Apr 2024 03:19:56 GMT
Last-Modified: Sun, 08 Oct 2023 09:59:14 GMT
Expires: Fri, 17 May 2024 03:19:56 GMT
Age: 614262
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: 69d9545cab76f619e6ae6aa0ba3a940d

55100bet365.com/index/getUserTimeZoneDate.html?t=lvdekphp

188.114.96.1

200 OK

119 B

URL GET HTTP/3
55100bet365.com/index/getUserTimeZoneDate.html?t=lvdekphp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
119 B (119 bytes)
Hash
6a169116ac1f17a3376e279e825bdfe7
df8a1dbe35a98853d81676dd48d4db5b0c9cda60
d86c672445dcb6a36f3d49da4b4b392af448d98ace4e5dc01811c2a0689bd475

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/getUserTimeZoneDate.html?t=lvdekphp HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:19 GMT
content-type: text/html; charset=utf-8
content-disposition: inline;filename=f.txt
sub-sys: msite
cachettl: 3
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-1713938239a539
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ajv%2BvwAYTS5WPG59mBfxXqGD2TH5bqCAIdzb8nO6xjshnnfby%2BsMn2yLWdaXJfUDomh8iH8SlKydEtn4QbltdNmFO2vYSvhhpmPVlpJ9oI%2BqzrDHSfLR1mLJ45qzHZQ4Uo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daecdce20afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

55100bet365.com/mobile-api/v5/origin/getFloat.html

188.114.96.1

200 OK

5.1 kB

URL POST HTTP/3
55100bet365.com/mobile-api/v5/origin/getFloat.html
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (5797), with no line terminators
Size
5.1 kB (5097 bytes)
Hash
9a7f3b9c41d710ee6bea3849f8bef13d
043c968b0e2f82f6cf10dfc9b2cd8a2735099c90
490235654e390832dd1925da572d203a4a3688f80ebeccb2b5e12eff5d453ef3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://55100bet365.com
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:18 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: route=1bd47f3fb2de4e856ef59c7ef0cfd5c8; Path=/
access-control-allow-origin: https://55100bet365.com
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-17139382381bf6
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xlFUaLYL7aOT3h64RDPu606ruFBHGemVQ2CN197GNhEHqIb5Eh%2B%2Ff7cV%2B8RMQ8yu8kYChS0TtWr6Z1gTg7EAYrLvrpQ%2F%2BIMk5SVNaIO3My1%2Bu5BWRCWb4B1tOe460n7OJ%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793dae599c60afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

55100bet365.com/mobile-api/v5/origin/getThirdParam.html

188.114.96.1

200 OK

103 B

URL GET HTTP/3
55100bet365.com/mobile-api/v5/origin/getThirdParam.html
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Size
103 B (103 bytes)
Hash
696fb49ead30121d5513e1c2b60d42a2
dd34a288bf6b0e4c295c1bb848705f58ba5f245d
c030ec18bd43fe0351659670355a8fc897e26b6a34b990e8a4878a51b76a268d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=f7c95a7b6b031c620a6304190a7ddf24
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html;charset=utf-8
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-1713938240340b
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNL259VGdT0zVS10a9%2Bn3xBwbJehDMn9bocWS3Kb%2FH%2BYxn20NvdUp8cC6LPQ%2BN3zpuiWi7TVH6UgIyTn9YfChU7Hpl3F8Xgm78Uv65BwbV0tOj%2FJw9HzoN9V26h85gUymZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daf2af6f0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

55100bet365.com/headerInfo.html?t=lvdekppx

188.114.96.1

200 OK

127 B

URL GET HTTP/3
55100bet365.com/headerInfo.html?t=lvdekppx
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
127 B (127 bytes)
Hash
43362fbab0a37f2355695b9a2aed1363
bacb4975499106a7d9c2a6360d60a904483f9213
73b32a418d977b4fddf4afe7553faf8e2fc94871b6ff9c4555edafb7d314fa2c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /headerInfo.html?t=lvdekppx HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-disposition: inline;filename=f.txt
sub-sys: msite
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-17139382393804
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgO4ctTBxYUSkCiK%2BMqFRr4btmAA7zWPRPxLegcsS7upcFoqiguVuiZk6w9GSUvf7h5pWm2bGlUB14JslByT6NAo6r6V6lLpXaYYZV7qK3OftHYN0%2FUbqWvYZXqHRn4N6lw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daeebdad0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

55100bet365.com/message_zh_CN.js?v=1713347147191

188.114.96.1

200 OK

33 kB

URL GET HTTP/3
55100bet365.com/message_zh_CN.js?v=1713347147191
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type

Size
33 kB (33266 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /message_zh_CN.js?v=1713347147191 HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:14 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:14 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: 01761-01-00000000-171393823447c6
out-line: gb-source-137
cf-cache-status: MISS
last-modified: Wed, 24 Apr 2024 05:57:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKiDA3tyjPr5kLZAD4n8Q5mfEoRl%2Fj8n56FBqe5YJr5d4%2FYwF3ND9yFf202xnlV3XpKyO0m2PvNnytVrZGGn4eTiMs38FR6SED5qjaRueL9FeR01jUeI%2Fz5dtZ8lNDXosmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daca8cbb0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

55100bet365.com/mobile-api/v5/chess/getActivityMsg.html?function=sign

188.114.96.1

200 OK

140 B

URL GET HTTP/3
55100bet365.com/mobile-api/v5/chess/getActivityMsg.html?function=sign
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Size
140 B (140 bytes)
Hash
8a912a1cb453f1d332c69c6fdd0d3629
8a7da066c09ed0ce711f0524fc7273e814dc89f6
51e780a944436376a888e7053614f95fce8236591338ec92946f937a3650a072

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html;charset=utf-8
set-cookie: route=61ee84c9f68236309da705261df10e5a; Path=/
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-171393824008d1
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AfOsVB5btEKv5jJe9xVJwO1g%2BLMucXXbQCNeq9MSUm019dW4Z%2Bh6AdraU5598IqqjYBmbLRMzLb4St8Sqiso4hk92ysne7evws9NnEbeNIztk2oq%2BO%2FcdULtBoM9WBHAkFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daf07e6d0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

55100bet365.com/mobile-api/v5/origin/loginSwitchCheck.html

188.114.96.1

200 OK

174 B

URL GET HTTP/3
55100bet365.com/mobile-api/v5/origin/loginSwitchCheck.html
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Size
174 B (174 bytes)
Hash
384b8edc0425027ea8363c2a3a1ccc8a
8fd8da38388b633453e57836f639a9105eba15c4
37a39fed46764175ca6e8cb7cd92deaebe855c5151b6154d65b5f42d8dc46519

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html;charset=utf-8
set-cookie: route=f7c95a7b6b031c620a6304190a7ddf24; Path=/
access-control-allow-methods: *
access-control-max-age: 3600
access-control-allow-headers: Content-Type,Access-Token,X-Requested-With
content-disposition: inline;filename=f.txt
sub-sys: mobile
x-frame-options: SAMEORIGIN
uuid: 01761-01-00000000-1713938240efab
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6ZApRrIeb04Y79Emsyvpditp4D%2Fv4R0EmQCRjxjFNQ4qVIEJS6sCgRe%2BT%2BP7x8Ps15EXwAp3pxwf9MG%2BASHQiXnHA4AHi2K4su7nO4ovoN6krJSemwzV2qohw1t9wU2pYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daf0ce910afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

55100bet365.com/

188.114.96.1

200 OK

442 kB

URL User Request GET HTTP/2
55100bet365.com/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type

Size
442 kB (441495 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:57:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-html-cache: HIT-3600
x-frame-options: SAMEORIGIN
uuid: -
out-line: gb-source-137
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xSUS7Of2fe4KTP3zI2kmqd9awB5gMuE6J0sruhJUUqe4gwPWmtvs%2FVTH0ASjtKaYGUFpRFwDpOa5z8vcPbNhGnDAV6dB4AIAW5zU9AIPpGjas6Kl07fYJqCJuDdYpg8EERY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793dac58a2556c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

55100bet365.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png

188.114.96.1

200 OK

6.1 kB

URL GET HTTP/3
55100bet365.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
6.1 kB (6087 bytes)
Hash
30eb0e841ea47a1f05854ebca3f9e9c1
0cb9874c32ff8837c1ffaf89cba502ceb3483b2b
382670ae61fc81522b190a0536d7b993058183aea2ffe81d197ded6af07d2183

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ftl/commonPage/themes/images/hongbao/icon-close-1.png HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 05:57:19 GMT
content-type: image/png
content-length: 6087
last-modified: Wed, 11 Aug 2021 06:10:54 GMT
etag: "611369ee-17c7"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
expires: Thu, 25 Apr 2024 05:57:19 GMT
cache-control: max-age=86400
x-cache: HIT
uuid: -
out-line: gb-source-137
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vak31aj0iQ1CyuBnsdXBTEv8Mcz3S6BTCegktNIIbLLkQRJoamCo%2F5SizTXtiseLyMGHtV09aHOmb59uPA5VXmbQnssQeJqqZrLFxqzd0Kul5apylsfUca3yTz9UMWQVAIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daeaec360afa-OSL
alt-svc: h3=":443"; ma=86400

55100bet365.com/favicon.ico

188.114.96.1

404 Not Found

150 B

URL GET HTTP/3
55100bet365.com/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://55100bet365.com/
Certificate
IssuerLet's Encrypt
Subject55100bet365.com
Fingerprint44:A3:F5:13:2F:84:0D:41:AF:4B:C0:2F:D3:8B:30:5A:AE:A6:93:DE
ValiditySat, 16 Mar 2024 11:38:41 GMT - Fri, 14 Jun 2024 11:38:40 GMT

File type
HTML document, ASCII text, with no line terminators
Size
150 B (150 bytes)
Hash
3975df6acd9bb32205823270e122bb3f
debbb3ecc9183ee7672f25d0f74eea74e3530298
13ed13454e3102135579e64775b002a66280f9eb99c31e4d8b59a69cf7e00425

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365
OpenPhish	phishing	Bet365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 55100bet365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://55100bet365.com/
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 05:57:20 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51Dz0tfE83pIYju62oP3ztjupDg20bIxhZKt13xJsM793Ocv7psGiocYybCzSlkHiwXoUN9nAg1A1m5qMBplg7oJtOkPaGQanBK9VYam2Z2ycWbcO%2Fj3SqBTxnV5tWnb2oo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8793daeeadaa0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML