20.205.11.135 301 Moved Permanently 59 B URL User Request GET HTTP/1.1 IP 20.205.11.135:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type HTML document, ASCII text
Hash 399c2be44126f481d94eee568d83c640
7e89331b81250262b35a51a28cc8aaa9c90d3213
bdc9a3bb00aaa9f27e82a539291d2365212ab7bfe9d79f326fa067a7cfd1ebb2
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET / HTTP/1.1
Host: 912337.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://912337.com:8989/
Date: Mon, 27 Nov 2023 04:04:51 GMT
Content-Length: 59
20.205.11.135 200 OK 116 kB URL User Request GET HTTP/1.1 IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text
Size 116 kB (115819 bytes)
Hash 33834d0179165e4ad32a5222312f0180
81f87d4cf101178e605f632682575758e9c4a54b
87a0c3ba9919cc0559f7262535ddef4bf1078948c8cc157ad554ef6eba86ae98
GET / HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Nov 2023 04:04:52 GMT
Out-Line: gb-cdn-802
Uuid: -
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Html-Cache: HIT-3600
Transfer-Encoding: chunked
912337.com:8989/commonPage/lan/i18n.js?t=1701057892.454
20.239.17.84 200 OK 814 B URL GET HTTP/1.1 912337.com:8989/commonPage/lan/i18n.js?t=1701057892.454
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type ASCII text, with very long lines (1217)
Hash d137e7f6e28ac4c9bd048297efa403a3
3e74e58c1fddb0200dd8e26f17a23025f306807d
a6de46c663a467808b882a5eeff1bb876b8a9f0796aebaa37ede3d86070369cf
GET /commonPage/lan/i18n.js?t=1701057892.454 HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Date: Mon, 27 Nov 2023 04:04:53 GMT
Out-Line: gb-cdn-802
Uuid: 00627-01-00000000-17010578937f00
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 814
912337.com:8989/message_zh_CN.js?v=1700646329357
20.239.17.84 200 OK 9.9 kB URL GET HTTP/1.1 912337.com:8989/message_zh_CN.js?v=1700646329357
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type Unicode text, UTF-8 text, with very long lines (18042)
Hash adcd647972140ca028f47a6dd9646934
391048d6b4a2878b9d0dac49df247c5504f06dd7
ad194b3c9e03ab63b64bccd568d8c277db23a273c5ac4f3ef670decb7417a7ed
GET /message_zh_CN.js?v=1700646329357 HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: application/javascript;charset=UTF-8
Date: Mon, 27 Nov 2023 04:04:53 GMT
Expires: Tue, 28 Nov 2023 04:04:53 GMT
Out-Line: gb-cdn-802
Uuid: 00627-01-00000000-170105789363bb
Vary: Accept-Encoding
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/style/swiper-4.3.3.min.css
103.198.200.1 200 OK 3.1 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/style/swiper-4.3.3.min.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (19512)
Hash f29b1aec530d4ecb1255894948203345
ec15a3a265c1556fae8f9553d371423df9653c50
f476606c821fd23ba0fcae1845e3e45ae39f6040921de2d96698ad7d1e922f3e
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/style/swiper-4.3.3.min.css HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3094
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"615c2c2b-4d3d"
Date: Tue, 14 Nov 2023 04:55:08 GMT
Last-Modified: Tue, 05 Oct 2021 10:42:51 GMT
Expires: Thu, 14 Dec 2023 04:55:08 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 4b3e72578cce7200872144fbd95aa19d
5y7wpn.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
103.198.200.1 200 OK 17 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (12023)
Hash 127bc5e19c08901aeedbdee1cb860a7d
b479eebde953d307ad4e0363d41520433e09d58d
2f6fa5669c0d38a7652ec88e57d2382ab4d39974181dcf2bc2d4648e449f7db6
GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 17085
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"654df4a7-144ec"
Date: Tue, 14 Nov 2023 04:55:08 GMT
Last-Modified: Fri, 10 Nov 2023 09:15:19 GMT
Expires: Thu, 14 Dec 2023 04:55:08 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: d699e3e87fdf907db61c37918de25515
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/style/bootstrap-dialog.min.css
103.198.200.1 200 OK 630 B URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/style/bootstrap-dialog.min.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash 304eb84809c6637b7cdd0dc6225c5761
e724aff10b16dc82bf1086cd3b70d8396f630d64
cb1d0b332c0218bbb360fd25d693f88293b54389caf88c36ffcfd8adc948d0e4
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/style/bootstrap-dialog.min.css HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 630
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"6156cab3-adc"
Date: Tue, 14 Nov 2023 04:55:08 GMT
Last-Modified: Fri, 01 Oct 2021 08:45:39 GMT
Expires: Thu, 14 Dec 2023 04:55:08 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: b20a778966c44e76c1cf362c20f16f9b
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/style/common.css
103.198.200.1 200 OK 13 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/style/common.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (532)
Hash 95178481afb04dea64a578c8058c3118
e03c851921231bb437cd7a2d88227026b1848bdc
ca96b231c254fe19fde0e855db7347176fb27843a52992247abea74548328703
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/style/common.css HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 12762
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"6327fe95-da45"
Date: Tue, 14 Nov 2023 04:55:08 GMT
Last-Modified: Mon, 19 Sep 2022 05:31:01 GMT
Expires: Thu, 14 Dec 2023 04:55:08 GMT
Age: 1120185
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-17
X-Cdn-Request-ID: 079632c9d496a8c8349c73f6585e6754
5y7wpn.gaokejd.xyz/ftl/commonPage/themes/gui-skin-default.css
103.198.200.1 200 OK 6.3 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/themes/gui-skin-default.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Hash 4f6eba52b6bdba2bd8154d39c61fcaab
11a91e977ab64175dc2ec233d45c6cf9d34798b0
b4ae8f84403e1e8ea7f75cac8491e461ac6e5524260a04d772d53dd912f8e53a
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6253
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"64ad1569-7b6e"
Date: Tue, 14 Nov 2023 04:55:08 GMT
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Expires: Thu, 14 Dec 2023 04:55:08 GMT
Age: 1120185
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: a8540a2307fc04ad01cefb6d9b25dd0c
5y7wpn.gaokejd.xyz/ftl/commonPage/js/float.js
103.198.200.1 200 OK 1.9 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/float.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash 829af863b0cdc4a603919824ae046299
1d417b1553e4ecb7125ebf2005b74255291fbf73
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/float.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"612747ba-1b2f"
Date: Tue, 14 Nov 2023 04:54:12 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Thu, 14 Dec 2023 04:54:12 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 5de8adc351964ec5268b62f4e5659c21
5y7wpn.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js
103.198.200.1 200 OK 4.0 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/websocket/Comet.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash 4de3e8bcf2f02d60519ca0d3584d3b8e
6323c2bf18b1bbf968e164bdf2e58d7677f67f8a
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"60f60fb5-43bc"
Date: Tue, 14 Nov 2023 04:54:12 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Thu, 14 Dec 2023 04:54:12 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: f7871bcbeb260b44396173e8e86af4ce
5y7wpn.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js
103.198.200.1 200 OK 12 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/idangerous.swiper.min.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (32034)
Hash f15409fb02c527ce1f66a2fd3c4aa0e9
1e1e1bcc0f49e99e14ba34991cffe0745178d302
1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27
GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11957
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"64d5b951-b083"
Date: Tue, 14 Nov 2023 04:54:12 GMT
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Expires: Thu, 14 Dec 2023 04:54:12 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: f02389762ff571bcfc8a0c3ce9cabdb7
5y7wpn.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js
103.198.200.1 200 OK 3.3 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/websocket/CometMarathon.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash 3b4680db1e065116488f065419ca9f58
6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"6260ddd4-2f13"
Date: Tue, 14 Nov 2023 04:54:12 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Thu, 14 Dec 2023 04:54:12 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-19
X-Cdn-Request-ID: 50bb59c9d8d69bd8130460647d4b4275
5y7wpn.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js
103.198.200.1 200 OK 797 B URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/websocket/PopUp.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash 07864ad2e2759d53f8f2f14dd4295bd9
95144219e2eb702c4c4a707c3622b086876cf41c
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"6260ddd4-828"
Date: Tue, 14 Nov 2023 04:54:12 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Thu, 14 Dec 2023 04:54:12 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-16
X-Cdn-Request-ID: c1fc68320778b74110a2ae16c3a70f10
5y7wpn.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
103.198.200.1 200 OK 34 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (32038)
Hash b091a47f6b91e26c93a848092c6f3788
52918af2d431e73464060b35d364640c8db75606
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"5d848f4f-176d4"
Date: Tue, 14 Nov 2023 04:54:12 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 14 Dec 2023 04:54:12 GMT
Age: 1120241
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: 02e2c700704e8708243f8d74d79c648f
5y7wpn.gaokejd.xyz/ftl/commonPage/themes/hongbao.css
103.198.200.1 200 OK 5.7 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/themes/hongbao.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (336)
Hash 499a3a64bcf22609681f5337a6360c80
fc05a8a391c8375ea4e47183eca56a18bed8fca7
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5y7wpn.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5666
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"64252e4f-d530"
Date: Tue, 14 Nov 2023 04:55:08 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Thu, 14 Dec 2023 04:55:08 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 1a8594abf94f7082e78fff909659b189
5y7wpn.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css
103.198.200.1 200 OK 6.9 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (489)
Hash 858eefc3fa70af7d0115c901908471f5
29c181bbbc09a424f7de7cb57629bd8a9e3c679a
9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf
GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5y7wpn.gaokejd.xyz/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6923
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"64ddd5e1-c760"
Date: Tue, 14 Nov 2023 04:55:09 GMT
Last-Modified: Thu, 17 Aug 2023 08:10:09 GMT
Expires: Thu, 14 Dec 2023 04:55:09 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-20
X-Cdn-Request-ID: 1ebe79dd00c1212f3e4fe6b97e1ab7a1
5y7wpn.gaokejd.xyz/ftl/commonPage/js/lazyload.js
103.198.200.1 200 OK 2.7 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/lazyload.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash 58f1a7fa1a19b0e5ad0a5bad974b98cf
6963ce7378e6c992de06e7e77d79432a0d38f54d
fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4
GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2731
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"64d05f66-2f79"
Date: Tue, 14 Nov 2023 04:54:12 GMT
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Expires: Thu, 14 Dec 2023 04:54:12 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: 583a445884ca6b19172420373c23dcde
5y7wpn.gaokejd.xyz/ftl/commonPage/js/gui-base.js
103.198.200.1 200 OK 16 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/gui-base.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (11056)
Hash 4007cfe0a95df1d6a9f4252e636f995f
b0f9a2ad5c49b9b50ac5d025c8e9ce803eb5d7a8
4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0
GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"64ddbaed-ee5c"
Date: Tue, 14 Nov 2023 04:54:13 GMT
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Expires: Thu, 14 Dec 2023 04:54:13 GMT
Age: 1120241
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-17
X-Cdn-Request-ID: f975ddbcbe1143bfd1de930be1818496
5y7wpn.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js
103.198.200.1 200 OK 5.0 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/bootstrap-dialog.min.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (20132), with no line terminators
Hash 5ce8851dc823429a42ab6147554403cc
28f381f0e0aa4f5d56690e65723bd97fb59a38e6
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"5d848f4f-4ea4"
Date: Tue, 14 Nov 2023 04:54:13 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 14 Dec 2023 04:54:13 GMT
Age: 1120241
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-18
X-Cdn-Request-ID: 471f34b9f31adde5222bdb942dc3343d
5y7wpn.gaokejd.xyz/ftl/commonPage/js/layer.js
103.198.200.1 200 OK 7.6 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/layer.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (21922)
Hash c42797aecccd5494e2b747cedf1a890b
b9e06a6d245b6a3c87f2753db0c9c9aa020640b2
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"5d848f4f-55f6"
Date: Tue, 14 Nov 2023 04:54:13 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 14 Dec 2023 04:54:13 GMT
Age: 1120241
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 0c3db2bc8b363ba711fc839d8bb9522b
5y7wpn.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js
103.198.200.1 200 OK 1.4 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (4433), with no line terminators
Hash f77d83590bc0a69298f2fbcc5d9911cd
1d6aa25d7052f53ad0181385e5efe72f224bbdb9
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"5d848f4f-1151"
Date: Tue, 14 Nov 2023 04:54:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 14 Dec 2023 04:54:14 GMT
Age: 1120241
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: e313e265928f316e23bc92b528dcf16a
5y7wpn.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
103.198.200.1 200 OK 17 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (64577)
Hash b5bc8cd626b389bde727a91e6ce79436
3df6c39300ac286cf596b3bda273cb39ff825429
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"5d848f4f-fc8b"
Date: Tue, 14 Nov 2023 04:54:13 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 14 Dec 2023 04:54:13 GMT
Age: 1120241
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: 2c3348908bf893d27281a85633a84e55
5y7wpn.gaokejd.xyz/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
103.198.200.1 200 OK 7.7 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (27669)
Hash f8c2b37c1dc626eede6a2e3e37aa4504
d4e8419497caa64c8a850ac4808dddb89b5eeb3f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"65320e6c-6caf"
Date: Tue, 14 Nov 2023 04:54:13 GMT
Last-Modified: Fri, 20 Oct 2023 05:21:48 GMT
Expires: Thu, 14 Dec 2023 04:54:13 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: 4e536b327fc3b329a4e22840ee04443d
5y7wpn.gaokejd.xyz/ftl/commonPage/themes/hb/css/pc.css
103.198.200.1 200 OK 911 B URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/themes/hb/css/pc.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash 1da71520b7a0a61526a8fa8d0feb40d1
ba1bf69dad8783563328054cae58ccabf1b00829
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"5d848f4f-b5d"
Date: Tue, 14 Nov 2023 04:55:08 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 14 Dec 2023 04:55:08 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-16
X-Cdn-Request-ID: 0a43f0293885403d74659fd62b222105
5y7wpn.gaokejd.xyz/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
103.198.200.1 200 OK 4.1 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Hash 4fe7dadf050dad2dcfd386d21b880281
07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"65320e6c-3a09"
Date: Tue, 14 Nov 2023 04:54:13 GMT
Last-Modified: Fri, 20 Oct 2023 05:21:48 GMT
Expires: Thu, 14 Dec 2023 04:54:13 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-20
X-Cdn-Request-ID: 299f6c5b8fc72c50700a382c7bdf5a3c
5y7wpn.gaokejd.xyz/061410/rcenter/common/static/js/gb.validation.min.js?v=1700646329357
103.198.200.1 200 OK 5.2 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/061410/rcenter/common/static/js/gb.validation.min.js?v=1700646329357
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (801)
Hash 30be40425b37bee4158676082cef1f4d
b41ed46721936872d5d7eadf303ce22938240d2a
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1700646329357 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"633d510e-7fd7"
Date: Tue, 14 Nov 2023 04:54:13 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Thu, 14 Dec 2023 04:54:13 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 376e45e832c1a3c5c480c06c721db8be
5y7wpn.gaokejd.xyz/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
103.198.200.1 200 OK 3.1 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash 5cf9259b7dd27aacd46161ec23d261cf
ba0c399616a5ae9cdd8aec5b76ba4aae4822367c
7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"6131d862-48e4"
Date: Tue, 14 Nov 2023 04:55:09 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Thu, 14 Dec 2023 04:55:09 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 3bfe1b0b1c80370a0a2c6cf0e70a991f
5y7wpn.gaokejd.xyz/ftl/commonPage/js/moment.js
103.198.200.1 200 OK 27 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/js/moment.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 36c8f828395a9395549bd6e7307cb7e9
f30a4961558e2d3d4405e7d93aa28fdb63245e78
5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33
GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26968
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"64b633ca-1cab9"
Date: Tue, 14 Nov 2023 04:54:12 GMT
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Expires: Thu, 14 Dec 2023 04:54:12 GMT
Age: 1120243
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 5acf995656db91ec36e99c4e0b063ad6
5y7wpn.gaokejd.xyz/061410/rcenter/common/static/css/gb.validation.min.css
103.198.200.1 200 OK 3.8 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/061410/rcenter/common/static/css/gb.validation.min.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (2295)
Hash f00ce0554efc5adea6a8e02d5e501cad
388840e376568b37ac0103aa5c87a268778db67a
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"633d510e-2d52"
Date: Tue, 14 Nov 2023 04:55:09 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Thu, 14 Dec 2023 04:55:09 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-18
X-Cdn-Request-ID: 64c39523b2c2e82600a1be4ae6e20f85
912337.com:8989/mobile-api/v5/origin/getFloat.html
20.205.11.135 200 OK 2.9 kB URL POST HTTP/1.1 912337.com:8989/mobile-api/v5/origin/getFloat.html
IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (16341), with no line terminators
Hash 099df963f7f7030587d64d5922d4e286
7cd1b035cc6e5a1aa9d8db702310a09fd9c02ebd
bf52d659142349cb476cd19f334a37c069d95914cf651b5f984c349f8fb4dbd4
POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://912337.com:8989
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: https://912337.com:8989
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 27 Nov 2023 04:04:56 GMT
Out-Line: gb-cdn-802
Set-Cookie: route=9f8c829bfb3537f530509e8eaa83639a; Path=/
Sub-Sys: mobile
Uuid: 00627-01-00000000-1701057896b2bb
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
5y7wpn.gaokejd.xyz/ftl/bet365-627/plugin/js/swiper-4.3.3.min.js
103.198.200.1 200 OK 32 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/plugin/js/swiper-4.3.3.min.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (65275)
Hash 317fd00903b68a157500b40495e8d74e
29ba73703d5c1d5390551e9fb230a3f1ace1437e
efac6fec2ba437b6a906e249fad9de3c7d3c105a48136b0155376b5989c4d76a
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/plugin/js/swiper-4.3.3.min.js HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 31739
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"61567ad6-1df6f"
Date: Tue, 14 Nov 2023 04:54:13 GMT
Last-Modified: Fri, 01 Oct 2021 03:04:54 GMT
Expires: Thu, 14 Dec 2023 04:54:13 GMT
Age: 1120242
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-16
X-Cdn-Request-ID: 4f8c737bf579fa6db7593bef01636e73
5y7wpn.gaokejd.xyz/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
103.198.200.1 200 OK 6.9 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3\012- data
Hash 99be4bfe275809d4e436b77c991b1381
54eadee77394eb62ccf377ae68d9f49acb5b6785
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5d848f4f-1ad7"
Date: Tue, 14 Nov 2023 04:55:09 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 14 Dec 2023 04:55:09 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: ab5fc9f670f18ecc0a922b9c345bafaf
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30598.png
20.239.17.84 200 OK 20 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30598.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 06b42bc87015b1f21a614c47bd914859
533e764dcc3ae171ac0c8f51a7fbcca10f26072f
dbcc205b41e6eec3484c66381d57bd921175da6e5936ade916c42e8bd1110eb3
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30598.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 20250
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:56 GMT
Etag: "5d2c760b-4f1a"
Expires: Tue, 28 Nov 2023 04:04:56 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:11 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion=
20.205.11.135 200 OK 883 B URL GET HTTP/1.1 912337.com:8989/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion=
IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type JSON data\012- , ASCII text, with very long lines (1116), with no line terminators
Hash c20d12fe4d8d949ebbdb650ca3716f08
65b824c9508082fc9c1610e926ae1c7410276227
0d847b3512d1bed27d8f18eb2056dbda86671f0f9866049991840702ed736710
GET /index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Nov 2023 04:04:56 GMT
Out-Line: gb-cdn-802
Set-Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c; Path=/
Sub-Sys: msite
Uuid: 00627-01-00000000-170105789648e4
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 883
ocsp.r2m03.amazontrust.com/
143.204.53.97 471 B URL ocsp.r2m03.amazontrust.com/
IP 143.204.53.97:0
Hash 3c74765cebe4e80c4f3b7cb9af950135
e2a80d017cf7a07c4fe5a3755cdd2f9955d4f5b4
6245d98aae63591d1c216987ff2c8b21a9f632250277e97a9989831fc8e7f91e
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Mon, 27 Nov 2023 04:04:56 GMT
Server: ECAcc (amb/6AD1)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aO-79IeC5OFXH_xealxt5sVLbcpBCBaKUSaaAjvIAniacEUpY9mCaw==
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30588.png
20.239.17.84 200 OK 20 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30588.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash f5a323409d6eeca58e65b88d3d0bdd15
6b60c6305e3065a1e9641865eb20243526444f17
b895770db7a902a14119dae3f32bb5622b8e0ae8ddb181f5b4e833e6cd535fb2
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30588.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 19724
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:56 GMT
Etag: "647d3bee-4d0c"
Expires: Tue, 28 Nov 2023 04:04:56 GMT
Last-Modified: Mon, 05 Jun 2023 01:35:42 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_8339.png
20.239.17.84 200 OK 96 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_8339.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced\012- data
Hash 852c361c9460f489e179f3d34edab1dd
c981b28bbab1500869ff9aa937c3f17e67262ad8
97538b6351173a03757ff751ee08d62cf615b8e01725bc60ec299a2b54a6859b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_8339.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 95973
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:56 GMT
Etag: "62afee6c-176e5"
Expires: Tue, 28 Nov 2023 04:04:56 GMT
Last-Modified: Mon, 20 Jun 2022 03:50:04 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7696.png
20.239.17.84 200 OK 23 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7696.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 8443275571f203acae6b53207ed73b9f
c3d112abe5edbacb300b321b54cdc9c7d4666bbf
c54b7cdaf70e87778fc4d9c645d5c0296184f7f67793a2b777c194599700882c
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7696.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 22876
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:56 GMT
Etag: "6242ddff-595c"
Expires: Tue, 28 Nov 2023 04:04:56 GMT
Last-Modified: Tue, 29 Mar 2022 10:22:55 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30592.png
20.205.11.135 200 OK 18 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30592.png
IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 2a8b9275fdec775b8d1ec6e4b0c5df8f
d1d297beee93861fd031fa9e66ddfbe8f7822e28
d2e8ae7ed84c4081f1aa6e15229af593354b571a2097b506a489a0bc1eeea8ec
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30592.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 17796
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:56 GMT
Etag: "640af8a4-4584"
Expires: Tue, 28 Nov 2023 04:04:56 GMT
Last-Modified: Fri, 10 Mar 2023 09:30:12 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/index/getUserTimeZoneDate.html?t=lpgdyc6p
20.239.17.84 200 OK 96 B URL GET HTTP/1.1 912337.com:8989/index/getUserTimeZoneDate.html?t=lpgdyc6p
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash bb1d119a24f7f8752d8518b9557bbb3c
58f31da2c2b125d4164a81b8f2dc11a1a0d0dac5
761998593e938ed903db722cf6d5b631ae252fd8d37163d3be288a82ec397729
GET /index/getUserTimeZoneDate.html?t=lpgdyc6p HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cachettl: 3
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Nov 2023 04:04:57 GMT
Out-Line: gb-cdn-802
Sub-Sys: msite
Uuid: 00627-01-00000000-1701057897d109
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 96
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_6.png
20.239.17.84 200 OK 22 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_6.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 18fc529cc0b071eee9ab764c7b3cebf2
e79958322824752ee3be995515d242f3a65dbd15
7dc7c033a2391b021f70e5576b15806c1e3e73b2bf5a0beda751bbdff7513b7b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_6.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 21622
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:56 GMT
Etag: "5d2c760b-5476"
Expires: Tue, 28 Nov 2023 04:04:56 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:11 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10016/1537530207836.jpg?wsSecret=d5557932a7bc683a63d46c4d49d93513&wsTime=1701057899
103.198.200.1 200 OK 30 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10016/1537530207836.jpg?wsSecret=d5557932a7bc683a63d46c4d49d93513&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 844x214, components 3\012- data
Hash 9d0b372de41ea61c5046d415502f6448
b7370cb3c7a6c7fe0a47316f6766b141bd765ce4
4e7849176be3f2506e63bcfeed553a4f9c8504ba525b8df345391fa5afc2241a
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/627/carousel/10016/1537530207836.jpg?wsSecret=d5557932a7bc683a63d46c4d49d93513&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 29972
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "5ba4d95f-7514"
Date: Tue, 14 Nov 2023 04:55:10 GMT
Last-Modified: Fri, 21 Sep 2018 11:43:27 GMT
Expires: Thu, 14 Dec 2023 04:55:10 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 2a641ad57bcebec46a0d358423d22a1c
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HMSH.png
20.239.17.84 200 OK 20 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HMSH.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 82c905f14c36be0d2fa670516edded31
437546d720284de3982ff79df6a946b81e923371
f3cdfd33e75d6f3877e1e0da0491c2b2a65c66f95d434c6b08950b0b5d5b9cc6
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_9_HMSH.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 19597
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:56 GMT
Etag: "613c72be-4c8d"
Expires: Tue, 28 Nov 2023 04:04:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:26 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/commonPage/themes/images/hongbao/icon-close-1.png
20.239.17.84 200 OK 6.1 kB URL GET HTTP/1.1 912337.com:8989/ftl/commonPage/themes/images/hongbao/icon-close-1.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 30eb0e841ea47a1f05854ebca3f9e9c1
0cb9874c32ff8837c1ffaf89cba502ceb3483b2b
382670ae61fc81522b190a0536d7b993058183aea2ffe81d197ded6af07d2183
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/images/hongbao/icon-close-1.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 6087
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "611369ee-17c7"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Wed, 11 Aug 2021 06:10:54 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30599.png
20.239.17.84 200 OK 22 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30599.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash a83dc10b4e607a2685552e62c61e28ba
0f879b68bd5690faa0577ec9335ad219468e2670
3983d86b32d2cba092eea2e69dbdd3e6739824505d27c3ed04c892b28861a6e7
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30599.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 22499
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "5d2c760b-57e3"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:11 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/headerInfo.html?t=lpgdyci7
20.239.17.84 200 OK 116 B URL GET HTTP/1.1 912337.com:8989/headerInfo.html?t=lpgdyci7
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 1fe008a33678bce9a839c7024cbce1aa
82a87c7eb481735bb22a9dca53a4fb4a5042e43b
390d04fc6149bee239068b631f3d5069fc3f365e178055cdb0e4466cec0331c9
GET /headerInfo.html?t=lpgdyci7 HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Nov 2023 04:04:57 GMT
Out-Line: gb-cdn-802
Sub-Sys: msite
Uuid: 00627-01-00000000-17010578977c6a
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 116
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_25_F-SF01.png
20.239.17.84 200 OK 23 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_25_F-SF01.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 2fbcb4a692fc6b41699f7e60ecf26a63
da35d134b38413040316f5cf1e5f76d75fd941c7
ccdecdf7de01b3b3513596f7c4555266473805551702685e14299770ae8bed26
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_25_F-SF01.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 22679
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "5d2c760b-5897"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:11 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30594.png
20.239.17.84 200 OK 25 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30594.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 7b497cfccdf85cf3a934c4d61e80d55a
2ed0898ac3b002f53b99dd5b059509098078295e
210370587be2eff0fbd4e3f29dd8114da568e50ef60f94912bd6b37eb657be72
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30594.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 24721
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "62c24fe5-6091"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Mon, 04 Jul 2022 02:26:45 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_38001.png
20.205.11.135 200 OK 23 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_38001.png
IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 14f7dbafc1472fa05db8eb17ae826f30
991915b5ae07c7a47e93dce0c6c82d0d0b690993
7287fcb933e5bf3eba0d13e7312cf5ba90f94c0593310090fdc521f866b0b134
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_38001.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 23355
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "5d2c760b-5b3b"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:11 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30595.png
20.239.17.84 200 OK 28 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30595.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash b2c524e4d0297da3203c6d45d2f07115
e91bac7336aabae38e8038d2fd931a2f42fe3c84
91c4128aa7b5fa411efae3f85e25b618c0e83958b984a0460dc5e51cb83ccdd1
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30595.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 27580
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "61c1a4a3-6bbc"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Tue, 21 Dec 2021 09:55:47 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_35_1050.png
20.239.17.84 200 OK 22 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_35_1050.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 0445397f922bcef3252bedd6877d8668
f4d265e0774ed0dbda4d4548863cd852c48c570f
3069757649a24fe38937eebf84c12b959ec4e58edf10cf2c661cc2ae433a40c0
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_35_1050.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 21792
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "613c72bd-5520"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:25 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT05.png
20.239.17.84 200 OK 23 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT05.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 993bbfdbad1c48f514367407a17d2a77
7d3db06be9d7912432c768fa5b23335264db002c
df044589914265a7b02cca67f876c01d20e5eb0d9e50bdb2e8af8e0994daeab7
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT05.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 23286
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "64d9fc50-5af6"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Mon, 14 Aug 2023 10:05:04 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign
20.239.17.84 200 OK 112 B URL GET HTTP/1.1 912337.com:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 5d062bc93ef9d75b27e852ed745d170f
1ecf82a0589608b26ee6a29b2cc3229916596626
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Mon, 27 Nov 2023 04:04:57 GMT
Out-Line: gb-cdn-802
Set-Cookie: route=61ee84c9f68236309da705261df10e5a; Path=/
Sub-Sys: mobile
Uuid: 00627-01-00000000-1701057897bf83
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 112
912337.com:8989/mobile-api/v5/origin/loginSwitchCheck.html
20.239.17.84 200 OK 113 B URL GET HTTP/1.1 912337.com:8989/mobile-api/v5/origin/loginSwitchCheck.html
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 1452cebf3e2bb129b06762f43f09e5c8
0ec65f1e79233e8c59f76c55fb89ac8637cfb070
99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Mon, 27 Nov 2023 04:04:57 GMT
Out-Line: gb-cdn-802
Set-Cookie: route=1bd47f3fb2de4e856ef59c7ef0cfd5c8; Path=/
Sub-Sys: mobile
Uuid: 00627-01-00000000-1701057897dc81
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 113
912337.com:8989/index/getUserTimeZoneDate.html?t=lpgdyct0
20.205.11.135 200 OK 97 B URL GET HTTP/1.1 912337.com:8989/index/getUserTimeZoneDate.html?t=lpgdyct0
IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 83d08d888bd5756d2b72bd3a448d19bc
88f01be9f9de242d83cb09c96e25b3c2fb9fa66f
7d8ce0e8a90fdddc4bc15d24e9e414700edba3fa331ea73e5dbb361edfb7f68a
GET /index/getUserTimeZoneDate.html?t=lpgdyct0 HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=b4fd844c80a97ccc2b0bc1faae1a3e4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cachettl: 3
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Nov 2023 04:04:57 GMT
Out-Line: gb-cdn-802
Sub-Sys: msite
Uuid: 00627-01-00000000-17010578971387
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 97
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_35_1051.png
20.239.17.84 200 OK 23 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_35_1051.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash c2bad36f7d90b3d9d5077df183c0a80b
7890000fd16f911c2aa5223af3cddf3ed6c5f702
90b7d091ece32c042a2866eb7d6943d7e88148d3bb474eaff988a78942d6d3aa
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_35_1051.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 23172
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "5d2c760b-5a84"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:11 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30593.png
20.239.17.84 200 OK 87 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30593.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced\012- data
Hash c851a15f25d8a0c556c7a56b75aebf6f
90dd4c3169383ee12aea9e93ce8fdfb6f3146f51
655efce4a9020abae7117b5e296b181b1ffbd3f9b9dece49f1e547cf6b9396b3
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_10_30593.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 86675
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "615d301d-15293"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Wed, 06 Oct 2021 05:11:57 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT01.png
20.239.17.84 200 OK 26 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT01.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash f7637fd9fb8b0dd130560efe9dfcc5ac
c6a6b30f73923175a88fb0c5685c7943ef934c2e
a647abf9fc56228cf6ab783115c113b35479dce89ff1dc4db61efb0bf3234cb4
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AT01.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 25819
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "64d9fc50-64db"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Mon, 14 Aug 2023 10:05:04 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/mobile-api/v5/origin/getThirdParam.html
20.239.17.84 200 OK 86 B URL GET HTTP/1.1 912337.com:8989/mobile-api/v5/origin/getThirdParam.html
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 9ac55fe189e4f53f37156e563e0f542e
18b13b1360ce9fbd973e046d2652be38d58a15e0
d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Content-Disposition: inline;filename=f.txt
Content-Encoding: br
Content-Type: text/html;charset=utf-8
Date: Mon, 27 Nov 2023 04:04:58 GMT
Out-Line: gb-cdn-802
Sub-Sys: mobile
Uuid: 00627-01-00000000-17010578988182
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 86
912337.com:8989/ftl/bet365-627/themes/images/hot.gif
20.239.17.84 200 OK 167 B URL GET HTTP/1.1 912337.com:8989/ftl/bet365-627/themes/images/hot.gif
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type GIF image data, version 89a, 21 x 12\012- data
Hash b2f35bc4ca5bcaac202e8af12cb1b306
b6a2b19fceda710a3cff5855d1641955b1cf4d0a
8e94fcabb03b3da77e5f0428c831040f54836cb109f45a8ec2e324eb6007d621
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/hot.gif HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=86400
Content-Length: 167
Content-Type: image/gif
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "5d2c7603-a7"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AB3.png
20.239.17.84 200 OK 77 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AB3.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 249 x 215, 8-bit/color RGBA, non-interlaced\012- data
Hash 4efe93bd780474540b29c662acef4d68
2d588f15315c28feef52d101bff05d5a2071929d
e52983bbd04e43f83dccc17ccff1064098ae925ae651f753e59b1530a0e4d733
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_AB3.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 76813
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "64d9fc50-12c0d"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Mon, 14 Aug 2023 10:05:04 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_GO02.png
20.239.17.84 200 OK 22 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_GO02.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 12f4870c1a8e51e39a6c8bfdd11ed804
47eb5ed8af8ae69595b8743e7a61d3fe825cc048
1f6c135cc810d561e52ad5ba9ca5cfda82897c82db0863ab366e62d5970b3883
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_GO02.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 21953
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "61c42865-55c1"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Thu, 23 Dec 2021 07:42:29 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_CC1001.png
20.205.11.135 200 OK 21 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_CC1001.png
IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 07db342d71e455736e0e8b5656ed7174
2d9bb7427a73a28f4bfec2a70dc227af4555968c
c1a35508763b061947ad0ea9eb9972b92b079c9510a2a746979dbffd84efde0f
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_48_CC1001.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 20993
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:57 GMT
Etag: "6243c55c-5201"
Expires: Tue, 28 Nov 2023 04:04:57 GMT
Last-Modified: Wed, 30 Mar 2022 02:50:04 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
5y7wpn.gaokejd.xyz/ftl/bet365-627/images/index-game.jpg?wsSecret=07673b7abc1bacfde7c79bec8dbb1ffd&wsTime=1701057899
103.198.200.1 200 OK 12 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/images/index-game.jpg?wsSecret=07673b7abc1bacfde7c79bec8dbb1ffd&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 271x81, components 3\012- data
Hash 6274335f5e37fb7e3aa19dba05a07ef3
d54c0b0cccf2158aee56d7f1f465d5bb907edf06
39d9bd9e19956bb52c4c880dc6987383c34dc0873aadaa6b3763e3421e06def7
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/images/index-game.jpg?wsSecret=07673b7abc1bacfde7c79bec8dbb1ffd&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 11478
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "5d2c7603-2cd6"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120184
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 74331fb0040a10d8967b86f034abaa86
912337.com:8989/game-api/v5/content/sportRecommended.html?t=lpgdyd2a
20.239.17.84 200 OK 1.7 kB URL GET HTTP/1.1 912337.com:8989/game-api/v5/content/sportRecommended.html?t=lpgdyd2a
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (12176), with no line terminators
Hash 2df59b9be103eb13b7bcc40e9f6cb2d5
b74812f6223b090e5fb401afaf3f8945cb544dc9
8046284dc3fb207c85730355e416118b18ddd700970abf85c2e2c17836aad6b6
GET /game-api/v5/content/sportRecommended.html?t=lpgdyd2a HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 27 Nov 2023 04:04:58 GMT
Out-Line: gb-cdn-802
Set-Cookie: route=4fa27cd8ccb9b1c65f9c0b6943f6c2c5; Path=/
Sub-Sys: mobile
Uuid: 00627-01-00000000-170105789893ff
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Length: 1749
912337.com:8989/ftl/bet365-627/themes/images/hot2.gif
20.239.17.84 200 OK 1.2 kB URL GET HTTP/1.1 912337.com:8989/ftl/bet365-627/themes/images/hot2.gif
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type GIF image data, version 89a, 21 x 12\012- data
Hash d6ce337eca63be7cb1aadcf908fdc295
d704d68522c1ece42cfe8825d8db78e965f89b90
6f09d86e9d7f1d0d59ac2d5f7560714735dccbf97ef37b5d64f0cfab9ca55d8d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/hot2.gif HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Cookie: sticket=RCa09DMWhPV0psTFR; route=1bd47f3fb2de4e856ef59c7ef0cfd5c8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=86400
Content-Length: 1247
Content-Type: image/gif
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "5d2c7603-4df"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_14.png
20.239.17.84 200 OK 20 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_14.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 86f136869bc81df2a646e873bd23b46d
c40c25bbe820c39731d1c679653b28e119cbbadc
bfebb7307f1858837e6b61be64e46352b1ccd29bf982e9975886c9feda9f637f
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_14.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 20462
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "63dc759f-4fee"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Fri, 03 Feb 2023 02:46:55 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_12.png
20.239.17.84 200 OK 26 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_12.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash dc21406f53974241a6ea9d1ba342a0a3
d98181158619aa5993f35dc4821c26ea657c9c35
656f550c68b469776ebe40713d8556d43af391da6cc881918da5f6c983ba823f
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_12.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 26500
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "61a5e0bc-6784"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Tue, 30 Nov 2021 08:28:44 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_13.png
20.239.17.84 200 OK 26 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_13.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 1ac91d4dfd52f26f9c5682cf67ac3f49
6ca58050b81ce1be80d3b0c749b60a79d8413b98
021c28d7d369afa39f3aeac128f91dd3f377fc910a35d76a2e9d2463093e3b44
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_13.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 26179
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "62665402-6643"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Mon, 25 Apr 2022 07:55:46 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31006.png
20.239.17.84 200 OK 20 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31006.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash a678f783e25a467193ee4fa0252d5bf4
ffadbf4388ce2dc312c720e75f9b9d73c05e93cd
1421dad09cedb4c186e8b4ac1cc027955d52a9d268b29144d3d8f0d60d5ed075
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31006.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 19766
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "645b37a7-4d36"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Wed, 10 May 2023 06:20:23 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_10.png
20.239.17.84 200 OK 22 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_10.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 548f74b6fbacfdafac2d13982ea01f5b
62056e33bd99fdb7a26ed1eb6e0d34baae75ab4b
8d23af5f64406af80c5f00bbe2806c0a696eee1b9fa144135a679cf7d15c27a9
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_10.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 21502
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "613c72bd-53fe"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:25 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31008.png
20.239.17.84 200 OK 20 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31008.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 37070ea9397e4c9bfa4c6fa5e499de59
fd2237d48600d3a6acba5c8982c1d594962418d4
f3d50d3f597d6a23e42d069971e80a14851d7c996bbce674ed591c6e87b64bda
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_31008.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 20172
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "645b37a7-4ecc"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Wed, 10 May 2023 06:20:23 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_11.png
20.205.11.135 200 OK 20 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_11.png
IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash d495fdd61d29ff61ff34fdccc5597d0f
95a2b5b377a239ccf2d5e5cc81534f79dbbbe033
08097b5ebe2de4f6d295aeb64fc72170c766ea81851e9baf96ff4de926fc678b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_49_11.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 19964
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "613c72bd-4dfc"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:25 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
5y7wpn.gaokejd.xyz/ftl/bet365-627/images/index-casino.jpg?wsSecret=dc227695b91fa8eded93d1e48f0b4510&wsTime=1701057899
103.198.200.1 12 kB URL GET 5y7wpn.gaokejd.xyz/ftl/bet365-627/images/index-casino.jpg?wsSecret=dc227695b91fa8eded93d1e48f0b4510&wsTime=1701057899
IP 103.198.200.1:0
ASN #138915 Kaopu Cloud HK Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 271x81, components 3\012- data
Hash 62f912bb32aecad4ab710243a04a4ba9
f8a22eaaf6dc17329932db9c19484907332ea800
ecc11913678af89246c957fae2eaf6cbb07316f7ad24bdcc3e2b115293e46f60
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/images/index-casino.jpg?wsSecret=dc227695b91fa8eded93d1e48f0b4510&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 11660
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "5d2c7603-2d8c"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120185
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: c7ce7661d337e581091eb6df6deea516
5y7wpn.gaokejd.xyz/ftl/bet365-627/images/index-chess.jpg?wsSecret=56ef249209cc26cab3cf5f76fe9151b5&wsTime=1701057899
103.198.200.1 14 kB URL GET 5y7wpn.gaokejd.xyz/ftl/bet365-627/images/index-chess.jpg?wsSecret=56ef249209cc26cab3cf5f76fe9151b5&wsTime=1701057899
IP 103.198.200.1:0
ASN #138915 Kaopu Cloud HK Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 270x81, components 3\012- data
Hash e1940d5fdc029f1696c2178dddb10325
41f0ead6f18af44a92fe95e38e0432298612501c
0f62592e80088981c67c0a3c17eca2a92ef9281532328e1dfe8c310ab30b67b2
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/images/index-chess.jpg?wsSecret=56ef249209cc26cab3cf5f76fe9151b5&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 14191
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5d2c7603-376f"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120184
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: b802ad54c2207a006ab56dccafdda50b
5y7wpn.gaokejd.xyz/fserver/files/gb/627/floatImage/222/1699200149092.gif?wsSecret=b74c5571f07a15ad2dff6f3851ef15bb&wsTime=1701057899
103.198.200.1 200 OK 73 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/floatImage/222/1699200149092.gif?wsSecret=b74c5571f07a15ad2dff6f3851ef15bb&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type GIF image data, version 89a, 150 x 514\012- data
Hash 67c96c5737bdb96ba1a99050cfd19a6c
ec106127d7dc7dfeb85f6f3598696ebe401e7db8
5e3230a540927735a1575b72dc7283d2702207e93c9baf40f1ad07e5281d0e56
GET /fserver/files/gb/627/floatImage/222/1699200149092.gif?wsSecret=b74c5571f07a15ad2dff6f3851ef15bb&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 73027
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "6547bc95-11d43"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Sun, 05 Nov 2023 16:02:29 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120184
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: 51e2945c9f79cf6848af9c0f2d37e082
5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10248/1639031498927.jpg?wsSecret=ec15366a32cfd4507e1da4b902e4e25c&wsTime=1701057899
103.198.200.1 200 OK 109 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10248/1639031498927.jpg?wsSecret=ec15366a32cfd4507e1da4b902e4e25c&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x1047, components 3\012- data
Size 109 kB (108905 bytes)
Hash a582bbafae734ce8d97277a3fe5c816a
3635982fcf5958b2b7f5743bc6096909d51ca4eb
3ddc1c6b6f8bd56be3aad8e95135a4e4499bc3759ecfb1607d89abd13cbcb94c
GET /fserver/files/gb/627/carousel/10248/1639031498927.jpg?wsSecret=ec15366a32cfd4507e1da4b902e4e25c&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 108905
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "637b43b1-1a969"
Date: Tue, 14 Nov 2023 04:55:11 GMT
Last-Modified: Mon, 21 Nov 2022 09:24:01 GMT
Expires: Thu, 14 Dec 2023 04:55:11 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: a1aed4a3ce579a057eea9afe0ebb52c4
20.239.17.84 200 OK 105 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7003.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Size 105 kB (105068 bytes)
Hash c421c976cf701cd806a7ebeb8575e0a3
cb84123cde62bcad60f34b5a5703f7bfafca1906
e797e57325c453e7ca7e56e634ada214b51ab9298ba5aea4d183fea859857d60
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7003.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 105068
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "5d2c760b-19a6c"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:11 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
20.239.17.84 200 OK 102 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7004.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Size 102 kB (102160 bytes)
Hash 18b9c1ca12b579e3be9de7f0b3d765b7
cabb9ddce1222608668401769754241d2667ac59
81b7527eda1e9db86dc9704173b4e9aa50932eb8c80ea08b23d969899bca9656
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7004.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 102160
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "5d2c760b-18f10"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:11 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
103.198.200.1 200 OK 140 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10286/1657103857814.jpg?wsSecret=62fb1491c2009f564f06d06934969371&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1384x1032, components 3
Size 140 kB (139728 bytes)
Hash aca3feaaa5938bae877d19b4abb189b5
543fd9fd9b9e103ca96613bac6990edcfe762dc9
203af714f1e2f0bdedc75ebc1995a0037559bad23c3730dde63032462318460d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/627/carousel/10286/1657103857814.jpg?wsSecret=62fb1491c2009f564f06d06934969371&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 139728
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "637b4453-221d0"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Mon, 21 Nov 2022 09:26:43 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120183
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-19
X-Cdn-Request-ID: 3bf0bc1e179114a6370164e1f981a8fd
103.198.200.1 200 OK 159 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10280/1655969393390.jpg?wsSecret=671d95f56ead27b9013b15bf6775e15b&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1384x1032, components 3
Size 159 kB (159133 bytes)
Hash a22c0493ab533d36da93f6ebd6e1faf9
2c20e52b115e9bcccf8585b8603574aa5368d447
0e3c7dca201d7e8e215136314fc30ee845d859e73f2f8ee9c62866b2cce771a7
GET /fserver/files/gb/627/carousel/10280/1655969393390.jpg?wsSecret=671d95f56ead27b9013b15bf6775e15b&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 159133
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "637b4430-26d9d"
Date: Tue, 14 Nov 2023 04:55:14 GMT
Last-Modified: Mon, 21 Nov 2022 09:26:08 GMT
Expires: Thu, 14 Dec 2023 04:55:14 GMT
Age: 1120183
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 9a50664188e7597e9686f4fdaa6114eb
20.205.11.135 200 OK 20 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7006.png
IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced
Hash 7facd57d474585a0c9e3b2b6d4762969
814362f72beba19c7dfb93b8d2bc760f87a2a00e
3bf01b8e569dbd7060d7dcb2222e7e3ebc9e42f715535df2315c877fed9046bd
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_60_7006.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 20484
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "613c72bd-5004"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:25 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
20.239.17.84 200 OK 26 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_060.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced
Hash 51de7c3b3b21d10f38a0c30ac5e4fd24
106f9a993385ff522dad2b37dbdb3c58f035ac20
9240329d37bd41d53a4f2864a255b9f9aef025474f2965130ed5668f10ee311e
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_060.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 25785
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "642f8159-64b9"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Fri, 07 Apr 2023 02:35:05 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
103.198.200.1 200 OK 156 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10242/1634789185352.jpg?wsSecret=da80affece8ff169adadfbdce238a28d&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x1047, components 3
Size 156 kB (155560 bytes)
Hash 60b8a70e22bccbddfc23fcb7901206bf
30ba40197faf4b7de677d782fa2130449d3c5ddf
87411f257761e4f055ae77c637510675ff922bf03b51efd8d844133bba82e5e3
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/627/carousel/10242/1634789185352.jpg?wsSecret=da80affece8ff169adadfbdce238a28d&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 155560
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "637b438a-25fa8"
Date: Tue, 14 Nov 2023 04:55:12 GMT
Last-Modified: Mon, 21 Nov 2022 09:23:22 GMT
Expires: Thu, 14 Dec 2023 04:55:12 GMT
Age: 1120184
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 5eafd00340f488b1560c61cd9b50d3a3
20.239.17.84 200 OK 104 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1010.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Size 104 kB (103628 bytes)
Hash 8d666e925b25cb11e51e73f93c070f4d
c6ff29c0819e955832f80eb564569cadd6a2b6e9
58377e7130027c1bc0b0d1640be5c18574464c78253ee14a8957586e32f55e0a
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1010.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 103628
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "6279dd75-194cc"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Tue, 10 May 2022 03:35:17 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
20.239.17.84 200 OK 102 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_73_105.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Size 102 kB (102258 bytes)
Hash 8d9aba5a434311f951ac04421c7dc771
9e269ef70b1c650a4177aa6ca8f9b5c8d400be42
282aee25e5c5e665f12f0593297c59ef00dfcbb88b210b4bc9466ab4d0e14bea
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_73_105.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 102258
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "613c72bd-18f72"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:25 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
103.198.200.1 200 OK 76 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/49/1596773302324.png?wsSecret=d89542ee3ff99211d69ba17678129447&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 1200 x 1200, 8-bit colormap, non-interlaced
Hash 14fbec2c35fb4af157d1ef484f23b4a0
5f80bc5fd6a3dec3c6bd3b5fb2f6d6864cd4f485
dd313539a327db1a11dc1dc4050a02bb214c74a7830b6709afff9e4877d52a9f
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/1272/sportTeam/49/1596773302324.png?wsSecret=d89542ee3ff99211d69ba17678129447&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 76307
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "61809164-12a13"
Date: Mon, 20 Nov 2023 16:40:24 GMT
Last-Modified: Tue, 02 Nov 2021 01:16:20 GMT
Expires: Wed, 20 Dec 2023 16:40:24 GMT
Age: 559474
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: 7aeff728802161ccf50d3135d3b4fbfa
20.239.17.84 200 OK 24 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_88_1jeqx59c7ztqg.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced
Hash 19e16d0cf5c005f3fd798e8f0131db7d
ebb9c520f4047172662991c689a2e07015680dcd
57c3d3bf827de223898f46813f9bd0fd2296cc21a61f3f77d03ba6cee265c78d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_88_1jeqx59c7ztqg.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 23771
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "613c72bd-5cdb"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:25 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
20.239.17.84 200 OK 24 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_88_b8rzo7uzqt4sw.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced
Hash d7c26fb9503ab2caf040730495a59f32
06f8414b2709fac132dd2b3071843a86ab745b51
8d437af3cea1d4efc2bf19c763c17c3487f9a76db3a287a975a18f90dffea630
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_88_b8rzo7uzqt4sw.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 23806
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "613c72bd-5cfe"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:25 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
20.239.17.84 200 OK 92 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_030.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Hash 9f3fb2c25fe5ed8707017bd1c48b7dad
0431fc4b55351854aa7a1b519549df5d71f18ace
d86817d248b0c22c26c6c3a95c307094345fb2b3e51245164599a7c3969d4e6c
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_030.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 91545
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "617655d2-16599"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 25 Oct 2021 06:59:30 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
20.239.17.84 200 OK 123 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1009.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Size 123 kB (122960 bytes)
Hash b69175dfa95eb604296c5851d0c3e475
4261111823816abc196390d2e8d44b4fbb4131ab
2bde2c2b2e0d167704830962300fd6528f914b1688a08b9cacc344af415fa1a3
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1009.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 122960
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "61513db1-1e050"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 27 Sep 2021 03:42:41 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
103.198.200.1 200 OK 758 B URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/body-bg.gif?wsSecret=9c640474f373448de8971c627409e467&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 500
Hash 41a9eebb99ba7c3b2a905aaa45726923
abf17115c33bdea05313ce6bcebe3fe4d7da935a
f9b50670a93fcef81c4f838f7da60d397994bea07f83af0f51ae89d670f1189c
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/body-bg.gif?wsSecret=9c640474f373448de8971c627409e467&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 758
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "5d2c7603-2f6"
Date: Tue, 14 Nov 2023 04:55:12 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Thu, 14 Dec 2023 04:55:12 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: d6a641ed460c5c57431518a91fb2b3b7
103.198.200.1 200 OK 7.7 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/head1.jpg?wsSecret=3eedb3047e64b94787f915e27c81b8e8&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 960x72, components 3
Hash 4e7da730a5cbfe4a7ce573ddcea0e60a
ac31a27a6d71a7a297905c195a6434f043f7f0a7
fe5506589506db3c8dad8b544636c2794a764f28a9ab79215714d5cfe2d866c0
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/head1.jpg?wsSecret=3eedb3047e64b94787f915e27c81b8e8&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 7727
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "613c72a9-1e2f"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-20
X-Cdn-Request-ID: 7da460d66baffc0990b55768bdbc5542
103.198.200.1 200 OK 526 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10387/1696694827168.jpg?wsSecret=2b20f385e978f3711d1c182836cbd481&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1384x1032, components 3
Size 526 kB (525585 bytes)
Hash 33690b3d6d7945e57d8da97f3e66aed5
3d713bf5ff5025260c8bd55e8033a347a3d032b8
1faae00556648f03a5ccdb911bab2868dd4b4f647b006960f5cc5c9d89a51f3a
GET /fserver/files/gb/627/carousel/10387/1696694827168.jpg?wsSecret=2b20f385e978f3711d1c182836cbd481&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 525585
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "6521822b-80511"
Date: Sat, 18 Nov 2023 04:09:32 GMT
Last-Modified: Sat, 07 Oct 2023 16:07:07 GMT
Expires: Mon, 18 Dec 2023 04:09:32 GMT
Age: 777325
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: 2092d6604f1e84b9df9f405fabcf5703
20.239.17.84 200 OK 96 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_017.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Hash 0ea541fd7014332c36b6d147e4e97dac
ec19906ce3c4f9bf8b0811437b4e6daefb64073c
f92a42092bfb2d534b675509c54ce485f2d38f5c6e3ae25e013859f868f49ae7
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_017.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 95696
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "61513db1-175d0"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 27 Sep 2021 03:42:41 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_018.png
20.239.17.84 200 OK 104 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_018.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Size 104 kB (103789 bytes)
Hash 47f5aa60abc34c45a6676edb8fdf0479
26c8e877af1411d84fa894f304795cc48e7ccb3e
35097b6af20809e9e749d5744ba558e6abb5d8f1cc0a48d351d7b6266eb1353b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_018.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 103789
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "61513db1-1956d"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 27 Sep 2021 03:42:41 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10402/1700733529957.jpg?wsSecret=9d3318f9ffcb9136e2c0e971d26c3593&wsTime=1701057899
103.198.200.1 200 OK 886 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10402/1700733529957.jpg?wsSecret=9d3318f9ffcb9136e2c0e971d26c3593&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1384x1032, components 3
Size 886 kB (885900 bytes)
Hash 34c2ee3c6d38c35687356851ec180d12
f5dd52f1e4ac830cf1dec97dcc7b57cb4e97c8aa
40e86ca4c7acce8859f801063d5b18f05fd2485ff05319f95551f5f49ba1483b
GET /fserver/files/gb/627/carousel/10402/1700733529957.jpg?wsSecret=9d3318f9ffcb9136e2c0e971d26c3593&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 885900
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "655f225a-d848c"
Date: Thu, 23 Nov 2023 10:01:04 GMT
Last-Modified: Thu, 23 Nov 2023 09:58:50 GMT
Expires: Sat, 23 Dec 2023 10:01:04 GMT
Age: 324233
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-20
X-Cdn-Request-ID: 34e834583158fdeca047f156e5c53bf2
vue.livehelp100service.com/livechat.ashx?siteId=5001690
143.204.55.90 200 OK 448 kB URL GET HTTP/2 vue.livehelp100service.com/livechat.ashx?siteId=5001690
IP 143.204.55.90:443
Certificate Issuer Amazon
Subject *.livehelp100service.com
Fingerprint 77:2D:5A:72:73:6B:79:7B:5B:7B:23:F0:4F:18:3B:D1:07:EF:47:E1
Validity Mon, 30 Oct 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Size 448 kB (447748 bytes)
Hash 6c206aa87339aedafa3b9c269dced61a
bf9b185f58d57f0707549d913cf68dfd8758e8c7
a4487dd5b0f0c6be3ed11b287e574143225a41788d404e282ad86f2f04086e13
GET /livechat.ashx?siteId=5001690 HTTP/1.1
Host: vue.livehelp100service.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
date: Sun, 26 Nov 2023 07:09:09 GMT
server: Kestrel
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tparHXHFDueGFxRphfA2bMC1bw58-j-8k-xhG6g-xqRmrd40whs36Q==
age: 75347
X-Firefox-Spdy: h2
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1003.png
20.239.17.84 200 OK 127 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1003.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Size 127 kB (126630 bytes)
Hash b5927edf22b7afcaa8623bb2bf7a023c
27991e900ef52dc1848a4d010abaee15b9764ad7
9bd02bff9e834cfb9d1e51a452cffa22aeecb4564729009c4e76d9d92ff6a73b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1003.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 126630
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "61513db1-1eea6"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 27 Sep 2021 03:42:41 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1002.png
20.239.17.84 200 OK 120 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1002.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Size 120 kB (119603 bytes)
Hash 47f82f045a474d9481728a14eef31212
e0440f66748805d9bd9fd46164094f9848054da4
3f6b4bf17a52f4989b5ebe3ee767a5e12554b0ac387668e8da6bb6ed67224431
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1002.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 119603
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "61513db1-1d333"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 27 Sep 2021 03:42:41 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1001.png
20.239.17.84 200 OK 98 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1001.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Hash 877c38be4323f2c147032108ccef2199
add9d18c6be428cb95544a73b0f6e00f11fc2b5b
a0424505fba5728d840e3f3c9dfc0b3a5c7838813eb4eb37e9babe498c79e16b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1001.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 97628
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "61513db1-17d5c"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 27 Sep 2021 03:42:41 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/sec-nav-bg-grad.gif?wsSecret=8b21985a387c4ed5ea9dcdfe09c9f31d&wsTime=1701057899
103.198.200.1 200 OK 376 B URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/sec-nav-bg-grad.gif?wsSecret=8b21985a387c4ed5ea9dcdfe09c9f31d&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 594
Hash 355b2cb853d78ae262c093065eaa6e70
3e8d2a456204e635cfe5bd959cff47faf63023fc
cd58d657e3d79583a5722257d8770e3b5f620f1d58e392f1d9460cc89ac485fa
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/sec-nav-bg-grad.gif?wsSecret=8b21985a387c4ed5ea9dcdfe09c9f31d&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 376
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5d2c7603-178"
Date: Tue, 14 Nov 2023 04:55:12 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Thu, 14 Dec 2023 04:55:12 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 127ec003a4f14a6305183ae095f3d594
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/inco3.png?wsSecret=e1ef36bf25ae30fa657a4ecc59d4d3ea&wsTime=1701057899
103.198.200.1 200 OK 286 B URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/inco3.png?wsSecret=e1ef36bf25ae30fa657a4ecc59d4d3ea&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 16 x 11, 8-bit/color RGBA, non-interlaced
Hash 1353807c6bcbe7cde684d8caec8ca5ff
af2f7c4a5fe71016b7ec5abe7450b93e1c06a466
bf890166717f0ba4ff625d229dd0ac7efa910bf4ad296d8907c282ce8c9b7597
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/inco3.png?wsSecret=e1ef36bf25ae30fa657a4ecc59d4d3ea&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 286
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5d2c7603-11e"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120185
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: a41681a0206788f3b4866c6446f95618
5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10392/1698020092912.jpg?wsSecret=3e1433da8cd2f9238036707c58557f72&wsTime=1701057899
103.198.200.1 200 OK 828 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10392/1698020092912.jpg?wsSecret=3e1433da8cd2f9238036707c58557f72&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1384x1032, components 3
Size 828 kB (827751 bytes)
Hash d5ca89080e7f04ac2ef8a02cf20d1584
b80ff950f7531c97168b562ee4e57f72f6c1fd2e
96fbf8c86ec972b30068b556693fbabfebb5f2dc5e1f20fc159c7512313aa66f
GET /fserver/files/gb/627/carousel/10392/1698020092912.jpg?wsSecret=3e1433da8cd2f9238036707c58557f72&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 827751
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "6535bafc-ca167"
Date: Tue, 14 Nov 2023 04:55:12 GMT
Last-Modified: Mon, 23 Oct 2023 00:14:52 GMT
Expires: Thu, 14 Dec 2023 04:55:12 GMT
Age: 1120185
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: 3958dcafec89234fbf96a93f4c8a5baf
5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10182/1694949241591.png?wsSecret=419394fc1463632495babe4f723eea51&wsTime=1701057899
103.198.200.1 200 OK 193 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10182/1694949241591.png?wsSecret=419394fc1463632495babe4f723eea51&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 844 x 214, 8-bit/color RGBA, non-interlaced
Size 193 kB (193086 bytes)
Hash f5cdf0371701588ef59a91dbee1b2a1e
77d260c8b5541f457c2ce6b85e577172cc7ba64f
0790644fa30ae6b56e3f19b30b8135eca561762fc79849ecca3564912e88e2bd
GET /fserver/files/gb/627/carousel/10182/1694949241591.png?wsSecret=419394fc1463632495babe4f723eea51&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 193086
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "6506df79-2f23e"
Date: Tue, 14 Nov 2023 04:55:14 GMT
Last-Modified: Sun, 17 Sep 2023 11:14:01 GMT
Expires: Thu, 14 Dec 2023 04:55:14 GMT
Age: 1120184
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: ea0cf0e9f281a71ec0cb1be5767eef11
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_8673.png
20.239.17.84 200 OK 25 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_8673.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced
Hash 230a3ba266ae64dee8f70d0ff2f3b0e0
e5bd5defc0486a69adf7d8b187c2100e015260a2
c38424550af0abe01c532bcfdb9d3985a006a2f50ebe65da95b5a4afd2495449
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_8673.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 25030
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "639fd3f4-61c6"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 19 Dec 2022 03:01:08 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7583.png
20.239.17.84 200 OK 20 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7583.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced
Hash a33f52ea5bd6275e21267f80791ef78a
8c628b103599834a360c53bbb3fbc9e01c5878c6
bb5a4afcdc59886a05b426337bdc6480c07742c0d06ca7bb3a03f66d904731e7
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7583.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 20322
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "6242ddff-4f62"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Tue, 29 Mar 2022 10:22:55 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_73_411.png
20.239.17.84 200 OK 107 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_73_411.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Size 107 kB (107367 bytes)
Hash f391a00c7ca4a801c7c46431f6949f3e
392e698fcd6b15c2397eb576de33134e7abae702
1ffd1f9416cc641e5c5659de5a2f1530bbe7ddeeb71c91af2db8129c6624f64f
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_73_411.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 107367
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:58 GMT
Etag: "613c72bd-1a367"
Expires: Tue, 28 Nov 2023 04:04:58 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:25 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_012.png
20.239.17.84 200 OK 99 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_012.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced
Hash 8d9b708f3313917c09eb78bbe19876a5
4b254e52083cf6f29daf23393f398f9c542638f1
29c83142b9e396bb4645c5b797b46ea424e84ec7c46baab65f5223ddb85519cf
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_012.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 98689
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "615e79f3-18181"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Thu, 07 Oct 2021 04:39:15 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
5y7wpn.gaokejd.xyz/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
103.198.200.1 200 OK 1.3 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced
Hash a2e938202c0287b9c82461a6fd94dee9
b5e2adc7cb07c18a70a88af314e56b946ec1a1b6
df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5y7wpn.gaokejd.xyz/ftl/commonPage/themes/gui-layer.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1321
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "5d848f4f-529"
Date: Tue, 14 Nov 2023 04:55:11 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Thu, 14 Dec 2023 04:55:11 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: cf6dc6b58f8324dae858dc6a9e39d86d
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/sports-infos-bg.png?wsSecret=50005653fe7229a6696d41e790eab84b&wsTime=1701057899
103.198.200.1 200 OK 4.3 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/sports-infos-bg.png?wsSecret=50005653fe7229a6696d41e790eab84b&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 414 x 204, 8-bit/color RGB, non-interlaced
Hash 69957649d4c70d7b7cc0c1aa434c462f
9070128b8ee6a699818e5deb33c926581d5b0b6f
6cff75537c35a2a855cafaf1d2d45767867dbc28774da40ed8c4fd4f4f74a813
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/sports-infos-bg.png?wsSecret=50005653fe7229a6696d41e790eab84b&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4311
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5d2c7603-10d7"
Date: Tue, 14 Nov 2023 04:55:12 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Thu, 14 Dec 2023 04:55:12 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: d7b8b833ddf43a59bcf2f4f38ccbd42a
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7697.png
20.239.17.84 200 OK 27 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7697.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced
Hash 6806dc9c36ddfc927f9814ab1f8a021c
fee37bf769af8a26bf58ed70405100bfee39e867
1455e15577781e784863594804797d19c9edb69c6aaa32fe86f9268b9847d6c0
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7697.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 26952
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:05:00 GMT
Etag: "6242ddff-6948"
Expires: Tue, 28 Nov 2023 04:05:00 GMT
Last-Modified: Tue, 29 Mar 2022 10:22:55 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/betNow.png?wsSecret=5c33fc0e417691eb543a3461457f19a1&wsTime=1701057899
103.198.200.1 200 OK 484 B URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/betNow.png?wsSecret=5c33fc0e417691eb543a3461457f19a1&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 170 x 28, 8-bit colormap, non-interlaced
Hash b1ab87f2aa1045cf56bd192752fb20ba
e8b07455934b82eb6c9d1a5d657c582822eb32cc
527228714a2a640b71788550f8dcd2c0964ee13fdfddc1c57ff377134f8fcecb
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/betNow.png?wsSecret=5c33fc0e417691eb543a3461457f19a1&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 484
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "615a9fcc-1e4"
Date: Tue, 14 Nov 2023 04:55:12 GMT
Last-Modified: Mon, 04 Oct 2021 06:31:40 GMT
Expires: Thu, 14 Dec 2023 04:55:12 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: 2ea9da2fd28835b3bce07b102c39c459
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/bg-products.gif?wsSecret=1be0bee1b88c64f5f5fe6573572a1a34&wsTime=1701057899
103.198.200.1 200 OK 21 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/bg-products.gif?wsSecret=1be0bee1b88c64f5f5fe6573572a1a34&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type GIF image data, version 89a, 271 x 302\012- data
Hash e6c33fd46eacf329da3565adb295287a
79b107df875842fd4e22809f21b60c322d128cce
1694db51d04b5d207f7bc4ca11a7fcd2ca171b2f4c2c2b12d1c75e5cb3dbe20f
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/bg-products.gif?wsSecret=1be0bee1b88c64f5f5fe6573572a1a34&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 21028
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "5d2c7603-5224"
Date: Tue, 14 Nov 2023 04:55:12 GMT
Last-Modified: Mon, 15 Jul 2019 12:48:03 GMT
Expires: Thu, 14 Dec 2023 04:55:12 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-18
X-Cdn-Request-ID: 6705ae28d36ee7d211cc466c5f464759
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1004.png
20.239.17.84 200 OK 107 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1004.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced\012- data
Size 107 kB (107087 bytes)
Hash 97e7e1d62e6ab7d3fb963eeaa7eaf82c
0b8b4dfbecc67f6c2108f1518363b04df485c23c
ba14d4ca242898af3cc3283eae416223f025413067480df7b0dd1ec6904d1b38
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_ds_1004.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 107087
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "61513db1-1a24f"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 27 Sep 2021 03:42:41 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7695.png
20.239.17.84 200 OK 23 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7695.png
IP 20.239.17.84:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit colormap, non-interlaced\012- data
Hash 3c3c588128385827b532946ac86d0a6d
7d84bebb554df6b3c699352d83d640368903ceff
206c91c826cef5d9db409283a0c439a4322211588ecc14b6abb0af9d4573b328
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_3_7695.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 22623
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:05:00 GMT
Etag: "6242ddff-585f"
Expires: Tue, 28 Nov 2023 04:05:00 GMT
Last-Modified: Tue, 29 Mar 2022 10:22:55 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/arrow.png?wsSecret=f09b54e0241c7dbea61abc1820cd2922&wsTime=1701057899
103.198.200.1 200 OK 260 B URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/arrow.png?wsSecret=f09b54e0241c7dbea61abc1820cd2922&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 10 x 14, 8-bit colormap, non-interlaced\012- data
Hash e602938a99acc154421381f39d5652d8
e12cb203b3e61b0cae31ad5cb3241555caba6c10
73500ead881aa273814d982b0a0e78dc29ebf04f37b5932667785f6f7c45a664
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/arrow.png?wsSecret=f09b54e0241c7dbea61abc1820cd2922&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 260
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "615a9fcc-104"
Date: Tue, 14 Nov 2023 04:55:12 GMT
Last-Modified: Mon, 04 Oct 2021 06:31:40 GMT
Expires: Thu, 14 Dec 2023 04:55:12 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: e7f6bf23e3f939ba5f9a6c65dd3ab1c0
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/icon_match_prev.png?wsSecret=734893e3cd1cd19ac4543e9da5b97e8f&wsTime=1701057899
103.198.200.1 200 OK 2.1 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/icon_match_prev.png?wsSecret=734893e3cd1cd19ac4543e9da5b97e8f&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 14 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash b873e4dddfe48288b1756349ab019830
4e53e73668ba1e33f4dd53ab9aa11c3116c149dc
dadda5f44eb9b08edb6bf9821a644aa9f6557ebbe82ae27866140192780c9213
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/icon_match_prev.png?wsSecret=734893e3cd1cd19ac4543e9da5b97e8f&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2089
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "613c72a9-829"
Date: Tue, 14 Nov 2023 04:55:12 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Thu, 14 Dec 2023 04:55:12 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-16
X-Cdn-Request-ID: c43c56f7258643576c75100f31777adc
912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_020.png
20.205.11.135 200 OK 106 kB URL GET HTTP/1.1 912337.com:8989/ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_020.png
IP 20.205.11.135:8989
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject 912337.com
Fingerprint 35:F2:56:63:AA:DA:20:68:64:25:AD:40:40:5F:F5:51:7A:7D:AA:04
Validity Thu, 05 Oct 2023 16:04:36 GMT - Wed, 03 Jan 2024 16:04:35 GMT
File type PNG image data, 250 x 215, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (105577 bytes)
Hash 88a047662775c71a5483b0643e4cc75d
1403cc8add3e60970a95f9dd1b23084b850266be
ba2434bbbac29b41f9fc1f429f7311ca994e3888dbbd5b115a9829438ab130f7
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/resource/chess/public/game/game01/2x/zh_CN/game_fish_90_at2_020.png HTTP/1.1
Host: 912337.com:8989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Length: 105577
Content-Type: image/png
Date: Mon, 27 Nov 2023 04:04:59 GMT
Etag: "61513db1-19c69"
Expires: Tue, 28 Nov 2023 04:04:59 GMT
Last-Modified: Mon, 27 Sep 2021 03:42:41 GMT
Out-Line: gb-cdn-802
Uuid: -
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/icon_match_next.png?wsSecret=246a1c4301433629e159bf73048f8f64&wsTime=1701057899
103.198.200.1 200 OK 2.0 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/icon_match_next.png?wsSecret=246a1c4301433629e159bf73048f8f64&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 14 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash c571d5d9e6009ddad889472d4862fb34
38c454b97f36f53906f200dbd838fd058abc278c
4e095259026ca8ccf5c778fa9eec9f71eb4230b010e9d95fc30c37510d507e03
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/icon_match_next.png?wsSecret=246a1c4301433629e159bf73048f8f64&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1992
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "613c72a9-7c8"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 477f061f0dea879b763452b3bbecd11c
5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/play.png?wsSecret=9079bdcf671587243c2115972713340c&wsTime=1701057899
103.198.200.1 200 OK 484 B URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/bet365-627/themes/images/play.png?wsSecret=9079bdcf671587243c2115972713340c&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 170 x 28, 8-bit colormap, non-interlaced\012- data
Hash b1ab87f2aa1045cf56bd192752fb20ba
e8b07455934b82eb6c9d1a5d657c582822eb32cc
527228714a2a640b71788550f8dcd2c0964ee13fdfddc1c57ff377134f8fcecb
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-627/themes/images/play.png?wsSecret=9079bdcf671587243c2115972713340c&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 484
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "615a9fcc-1e4"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Mon, 04 Oct 2021 06:31:40 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-20
X-Cdn-Request-ID: d46ce980d249cc969ac5760a6aeba604
5y7wpn.gaokejd.xyz/fserver/files/gb/141/sportTeam/50/1617854048931.png?wsSecret=a3461aec09e4bae4447fb7fa1a62c146&wsTime=1701057899
103.198.200.1 200 OK 8.1 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/141/sportTeam/50/1617854048931.png?wsSecret=a3461aec09e4bae4447fb7fa1a62c146&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 6214814078d1819d106d67044b150cbd
af43ad2ecc4348049de6702ca2c702212cd32664
61d575577ad8826df2f7acc7709405ea276f4dc51752a83afac24c432bbadaa3
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/141/sportTeam/50/1617854048931.png?wsSecret=a3461aec09e4bae4447fb7fa1a62c146&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8077
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "606e7e60-1f8d"
Date: Thu, 23 Nov 2023 17:12:53 GMT
Last-Modified: Thu, 08 Apr 2021 03:54:08 GMT
Expires: Sat, 23 Dec 2023 17:12:53 GMT
Age: 298326
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: 683256b4c998e6fbac3150335ce43ec0
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en04.png?wsSecret=760b2052c10433015da8fa72df2fe2cb&wsTime=1701057899
103.198.200.1 200 OK 9.9 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en04.png?wsSecret=760b2052c10433015da8fa72df2fe2cb&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash e0114cbba5dc0fa0f5e0172547f90d3e
85503a6a0e47a9f73e31a0a49d7fe98cf5c6cd09
9a3a86c7b79b5a9f65eb18b3d582976d6baf3ea6b740e008307efb8b056a487b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/sportTeam/football/en04.png?wsSecret=760b2052c10433015da8fa72df2fe2cb&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 9919
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5beb967e-26bf"
Date: Tue, 14 Nov 2023 04:55:14 GMT
Last-Modified: Wed, 14 Nov 2018 03:29:02 GMT
Expires: Thu, 14 Dec 2023 04:55:14 GMT
Age: 1120185
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: 57c69bd24d0063ca974fd7e7ece073bc
5y7wpn.gaokejd.xyz/fserver/files/gb/1116/sportTeam/18/1673237416342.png?wsSecret=2d944661e73486623857bcca68f69631&wsTime=1701057899
103.198.200.1 200 OK 245 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1116/sportTeam/18/1673237416342.png?wsSecret=2d944661e73486623857bcca68f69631&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size 245 kB (245434 bytes)
Hash e82591e56799b80bb4521170fbfcf79f
045c0012cb6cd4cdcd1e0d817fc8c81b21c3d09e
76efd096cbff0199c837424d6830eed46247a92cb9f0dbda7587b07d7fdf2e6d
GET /fserver/files/gb/1116/sportTeam/18/1673237416342.png?wsSecret=2d944661e73486623857bcca68f69631&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 245434
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "63bb93a8-3beba"
Date: Thu, 23 Nov 2023 17:12:53 GMT
Last-Modified: Mon, 09 Jan 2023 04:10:16 GMT
Expires: Sat, 23 Dec 2023 17:12:53 GMT
Age: 298326
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 23832f9cfa23f7f331c8303bf016c8d6
5y7wpn.gaokejd.xyz/fserver/files/gb/1116/sportTeam/18/1603353108252.png?wsSecret=e3cfdc43cbc7e6dd5b5bbde0abf57ac3&wsTime=1701057899
103.198.200.1 200 OK 14 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1116/sportTeam/18/1603353108252.png?wsSecret=e3cfdc43cbc7e6dd5b5bbde0abf57ac3&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 268 x 268, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f123699f701c7397477f4aefcb495ed
dac2c3a50d37c6a9bb7e5bc528a9f7fb841f5d50
a769de81e7453d42be81f0e3017a161ecbaf66029079aff4b6c44968dc419044
GET /fserver/files/gb/1116/sportTeam/18/1603353108252.png?wsSecret=e3cfdc43cbc7e6dd5b5bbde0abf57ac3&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 14167
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "5f913a14-3757"
Date: Thu, 23 Nov 2023 17:06:03 GMT
Last-Modified: Thu, 22 Oct 2020 07:51:48 GMT
Expires: Sat, 23 Dec 2023 17:06:03 GMT
Age: 298736
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: 4a7e8abfbdbad9b55482f27370887084
5y7wpn.gaokejd.xyz/fserver/files/gb/1106/sportTeam/3/1660349131065.png?wsSecret=e883d403d3ace91691a95a6521ad626f&wsTime=1701057899
103.198.200.1 200 OK 4.9 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1106/sportTeam/3/1660349131065.png?wsSecret=e883d403d3ace91691a95a6521ad626f&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 98341f317ca14a012fd2f8c8dbab1e56
11da0758bd6e7893d81bb665f0334832ba983aef
d899880da7811ae5b8d07f6f1d7eb1e93d9da3c4a1197a7a918491a2e71d835b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/1106/sportTeam/3/1660349131065.png?wsSecret=e883d403d3ace91691a95a6521ad626f&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4881
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "62f6eacb-1311"
Date: Wed, 15 Nov 2023 17:13:43 GMT
Last-Modified: Sat, 13 Aug 2022 00:05:31 GMT
Expires: Fri, 15 Dec 2023 17:13:43 GMT
Age: 989476
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-17
X-Cdn-Request-ID: 9ceab4ad656d3efbe8c014669d25ee9d
5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/49/1597293413453.png?wsSecret=142d15b0b1be4da931f66429e60a2816&wsTime=1701057899
103.198.200.1 200 OK 183 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/49/1597293413453.png?wsSecret=142d15b0b1be4da931f66429e60a2816&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 4000 x 2574, 8-bit colormap, non-interlaced\012- data
Size 183 kB (182807 bytes)
Hash bc1a9fdeab762a7930a8e45f6c6d42b2
4d476e021f9834d417422fab1000c45176ac19b4
b46b8211dc75109f59cf2dee7de4cb806fb9d1445ddfa389114f8f86b9175ae9
GET /fserver/files/gb/1272/sportTeam/49/1597293413453.png?wsSecret=142d15b0b1be4da931f66429e60a2816&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 182807
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "6379b39f-2ca17"
Date: Mon, 20 Nov 2023 16:40:25 GMT
Last-Modified: Sun, 20 Nov 2022 04:57:03 GMT
Expires: Wed, 20 Dec 2023 16:40:25 GMT
Age: 559475
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: PENDING from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 1bd8a76478bce99e11cb5b7d9cddfc97
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/it15.png?wsSecret=46cb4927aa5c798463da3df49ac07ca5&wsTime=1701057899
103.198.200.1 200 OK 3.6 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/it15.png?wsSecret=46cb4927aa5c798463da3df49ac07ca5&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 59d78d849c6ee0380da2946a1ab83b5b
d5331efee7750b3abd8c6ed8fbcdf5e9def6b798
273532c2c77aca391e2af97ae2af404dc64a7bbf181488510ed12a0576436f6f
GET /fserver/files/sportTeam/football/it15.png?wsSecret=46cb4927aa5c798463da3df49ac07ca5&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3581
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "5bed34c6-dfd"
Date: Fri, 17 Nov 2023 16:22:20 GMT
Last-Modified: Thu, 15 Nov 2018 08:56:38 GMT
Expires: Sun, 17 Dec 2023 16:22:20 GMT
Age: 819760
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 81c9435ce97e4680f2cbfe52d1a4e2a4
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en07.png?wsSecret=5b5663eda045d272bf47b142940f7c48&wsTime=1701057899
103.198.200.1 200 OK 5.9 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en07.png?wsSecret=5b5663eda045d272bf47b142940f7c48&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 991514091de72a099ae947c7e0bd2c9d
446770ed35c0570b9cac57d5728cc33ba55f6046
393e067c36af1ce4084aa6d758c20f57db38ed68c9ffee331899cf9a1c5b703f
GET /fserver/files/sportTeam/football/en07.png?wsSecret=5b5663eda045d272bf47b142940f7c48&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5916
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "5bebb5a8-171c"
Date: Sat, 25 Nov 2023 16:48:02 GMT
Last-Modified: Wed, 14 Nov 2018 05:42:00 GMT
Expires: Mon, 25 Dec 2023 16:48:02 GMT
Age: 127018
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-17
X-Cdn-Request-ID: 1dc7284c65b2f6fead5dfa0f4d784c72
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/it09.png?wsSecret=de38ec1b0b7284160ad1372ca7e4f36c&wsTime=1701057899
103.198.200.1 200 OK 5.9 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/it09.png?wsSecret=de38ec1b0b7284160ad1372ca7e4f36c&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 24fe79a84f7fb9ea7310eada69adbced
bb91799145cb082bfc195521ed9b5f32beb08597
16eab4ca9571da5f451b70ec61d9b7d14bf85c297bda33e58739237866086fce
GET /fserver/files/sportTeam/football/it09.png?wsSecret=de38ec1b0b7284160ad1372ca7e4f36c&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5944
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "5bed34c0-1738"
Date: Fri, 17 Nov 2023 16:22:20 GMT
Last-Modified: Thu, 15 Nov 2018 08:56:32 GMT
Expires: Sun, 17 Dec 2023 16:22:20 GMT
Age: 819760
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: 21e809ba74519db9d04e3c74f3f35a71
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en30.png?wsSecret=3f4f141a73c0d840442b0532610fdbcc&wsTime=1701057899
103.198.200.1 200 OK 7.1 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en30.png?wsSecret=3f4f141a73c0d840442b0532610fdbcc&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 94aba9869f84009053821849033a02f5
9fcd863746f5ad3ba23686b755501a01c1daa0f8
bc5c6982a07c154a6df5dccc8caa7c9070a54efe1611c964527b8efcb725faf9
GET /fserver/files/sportTeam/football/en30.png?wsSecret=3f4f141a73c0d840442b0532610fdbcc&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7112
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5bebb598-1bc8"
Date: Sat, 25 Nov 2023 16:48:02 GMT
Last-Modified: Wed, 14 Nov 2018 05:41:44 GMT
Expires: Mon, 25 Dec 2023 16:48:02 GMT
Age: 127018
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: 6814fc9100e3c3cb6db9d04ec31889f0
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en06.png?wsSecret=27f99dd34d71458c3ff8500bdbedc09a&wsTime=1701057899
103.198.200.1 200 OK 8.3 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en06.png?wsSecret=27f99dd34d71458c3ff8500bdbedc09a&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 8c597c02135fc6dd1fcd25fbb155bf64
1766765d593b2cfbd199e178d95a4257a6d23fd5
4307d34ec5c483ad4cb5e09b33691f5725a301a68eea661243ce89110587646c
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/sportTeam/football/en06.png?wsSecret=27f99dd34d71458c3ff8500bdbedc09a&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8266
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "5beb9668-204a"
Date: Tue, 14 Nov 2023 04:55:15 GMT
Last-Modified: Wed, 14 Nov 2018 03:28:40 GMT
Expires: Thu, 14 Dec 2023 04:55:15 GMT
Age: 1120184
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: 7438415eacddc8fe99d82121f07a11d3
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/fr27.png?wsSecret=42ac4aa2d310409201f48ad1fa2e8410&wsTime=1701057899
103.198.200.1 200 OK 5.3 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/fr27.png?wsSecret=42ac4aa2d310409201f48ad1fa2e8410&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 8ebade574cca1f25cfe97bfc609e552d
49cd04b18560d6224a6fe1752294673d30140136
3894228ba3704c8980366724fb4e140d256ed9429ee1b83d4741dfef13a39492
GET /fserver/files/sportTeam/football/fr27.png?wsSecret=42ac4aa2d310409201f48ad1fa2e8410&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5291
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "5beba074-14ab"
Date: Wed, 22 Nov 2023 17:20:50 GMT
Last-Modified: Wed, 14 Nov 2018 04:11:32 GMT
Expires: Fri, 22 Dec 2023 17:20:50 GMT
Age: 384250
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 39e712e33566dbb8f5f95530ffb818fc
5y7wpn.gaokejd.xyz/fserver/files/gb/950/sportTeam/5/1673036026164.png?wsSecret=74fd16a2dbeb35412f10a382ff7541db&wsTime=1701057899
103.198.200.1 200 OK 30 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/950/sportTeam/5/1673036026164.png?wsSecret=74fd16a2dbeb35412f10a382ff7541db&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash e2211461e095ca8d7d3e80c0c8c99ce7
fe6cdadefe76bdf07acbac9061f106610fce0b93
0d93f1bd751406d7894576d704dfa96c4796d53c724dafbc680e57690c52b8de
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/950/sportTeam/5/1673036026164.png?wsSecret=74fd16a2dbeb35412f10a382ff7541db&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 29758
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "63b880fa-743e"
Date: Fri, 17 Nov 2023 16:30:13 GMT
Last-Modified: Fri, 06 Jan 2023 20:13:46 GMT
Expires: Sun, 17 Dec 2023 16:30:13 GMT
Age: 819287
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 9e73c9b3580cbc06a0f0b4a8167b9f4e
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/es16.png?wsSecret=d3e8c910910c57338bfeef1c2c7c6161&wsTime=1701057899
103.198.200.1 200 OK 15 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/es16.png?wsSecret=d3e8c910910c57338bfeef1c2c7c6161&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 154d503e003b1477ea910732f6b794b4
d50ab15193ad6b6d2cd88465de2c30574d503793
3f90806ea74061a9b12c68d12dcc9cf38c40e9ff2b6f37c33001f94d288a3357
GET /fserver/files/sportTeam/football/es16.png?wsSecret=d3e8c910910c57338bfeef1c2c7c6161&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 14686
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "5bed35d4-395e"
Date: Fri, 17 Nov 2023 16:30:12 GMT
Last-Modified: Thu, 15 Nov 2018 09:01:08 GMT
Expires: Sun, 17 Dec 2023 16:30:12 GMT
Age: 819288
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: f0dafd313023e772636dd159a48f933a
5y7wpn.gaokejd.xyz/fserver/files/gb/388/sportTeam/49/1618265491118.png?wsSecret=15c85bba88edcd22b9ac1df3a31bad70&wsTime=1701057899
103.198.200.1 200 OK 74 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/388/sportTeam/49/1618265491118.png?wsSecret=15c85bba88edcd22b9ac1df3a31bad70&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 330 x 301, 8-bit/color RGBA, non-interlaced\012- data
Hash c409e661a000f1962381ff5f777de1cd
d704b46cf2fc94a900967fc41fb2fb087befc1d7
11b867da5ece12977681eeeab1fd47283b68a9c4c3111cb86ba9d04e795901a7
GET /fserver/files/gb/388/sportTeam/49/1618265491118.png?wsSecret=15c85bba88edcd22b9ac1df3a31bad70&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 73638
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "6074c593-11fa6"
Date: Mon, 20 Nov 2023 16:47:52 GMT
Last-Modified: Mon, 12 Apr 2021 22:11:31 GMT
Expires: Wed, 20 Dec 2023 16:47:52 GMT
Age: 559028
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: 1d0d47a760733029bb33767cc8e834d5
5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/49/1596876673983.png?wsSecret=16805747106d97c8e62da5f0a9f7d029&wsTime=1701057899
103.198.200.1 200 OK 45 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/49/1596876673983.png?wsSecret=16805747106d97c8e62da5f0a9f7d029&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 1200 x 1215, 8-bit colormap, non-interlaced\012- data
Hash d4f78c62ee5534abb54ce487e059dc5d
c332e4faffdcb9250201223c00cbdaf3cee500b4
f1fd481825f198a3a5f5c303dbe8323a1566c6f27130063be0b81c3351d76860
GET /fserver/files/gb/1272/sportTeam/49/1596876673983.png?wsSecret=16805747106d97c8e62da5f0a9f7d029&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 44669
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "635dc5ad-ae7d"
Date: Mon, 20 Nov 2023 16:47:52 GMT
Last-Modified: Sun, 30 Oct 2022 00:30:37 GMT
Expires: Wed, 20 Dec 2023 16:47:52 GMT
Age: 559029
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 818ae167918cfcdfc3aea626fec89e1d
5y7wpn.gaokejd.xyz/fserver/files/gb/1555/sportTeam/49/1664977001573.png?wsSecret=82657500c6ce93ecabff67d10e16a0b2&wsTime=1701057899
103.198.200.1 200 OK 28 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1555/sportTeam/49/1664977001573.png?wsSecret=82657500c6ce93ecabff67d10e16a0b2&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d5ff96bc853014504dbcf4f147a41b9
b38d64285b89069241e01556672b281f19a72a2e
66fdd51cabeec6c53928bd88e7eb76cc827561b956b7bcc95f01014eeda2e49f
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/1555/sportTeam/49/1664977001573.png?wsSecret=82657500c6ce93ecabff67d10e16a0b2&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 28075
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "633d8869-6dab"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Wed, 05 Oct 2022 13:36:41 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: c0cd27f7e076bd49bfa9a8fa099223a0
5y7wpn.gaokejd.xyz/fserver/files/gb/388/sportTeam/49/1618352303443.png?wsSecret=418cee76d051bfddcc8d8e7907a9d7c9&wsTime=1701057899
103.198.200.1 200 OK 12 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/388/sportTeam/49/1618352303443.png?wsSecret=418cee76d051bfddcc8d8e7907a9d7c9&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 330 x 186, 8-bit/color RGBA, non-interlaced\012- data
Hash 9049cd5982fd357336d3fb06a4818f2c
6b832995e746fef146e577588fb819c0cc3f6cfc
d663069a41ae8d28e6f2b5e12fdf29a3ec24cd2d7ee6efb7b9899457c3099bc3
GET /fserver/files/gb/388/sportTeam/49/1618352303443.png?wsSecret=418cee76d051bfddcc8d8e7907a9d7c9&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11883
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "607618af-2e6b"
Date: Mon, 20 Nov 2023 16:28:22 GMT
Last-Modified: Tue, 13 Apr 2021 22:18:23 GMT
Expires: Wed, 20 Dec 2023 16:28:22 GMT
Age: 560198
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-19
X-Cdn-Request-ID: e311fd53fc661f668be59d1d1044976d
5y7wpn.gaokejd.xyz/fserver/files/gb/1377/sportTeam/48/1599484638979.png?wsSecret=6a4694bfe224e870cde25147c9343df5&wsTime=1701057899
103.198.200.1 200 OK 6.0 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1377/sportTeam/48/1599484638979.png?wsSecret=6a4694bfe224e870cde25147c9343df5&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 4699512e0ddddd358b40f3791364269f
ef1620f851c99efea506d913380fd82a842fe748
fb2fe393b9ede9c096b8f46f001b3d71be212a1a0332f9eb44f34a7ff8d5db30
GET /fserver/files/gb/1377/sportTeam/48/1599484638979.png?wsSecret=6a4694bfe224e870cde25147c9343df5&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5991
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "5f5621ed-1767"
Date: Tue, 14 Nov 2023 04:55:14 GMT
Last-Modified: Mon, 07 Sep 2020 12:05:01 GMT
Expires: Thu, 14 Dec 2023 04:55:14 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: fa5474084b809c3d2a64e16ed7b639fd
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en05.png?wsSecret=6b87880ecd2fb6f75396742f8406948c&wsTime=1701057899
103.198.200.1 200 OK 8.1 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en05.png?wsSecret=6b87880ecd2fb6f75396742f8406948c&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash d4d526ca101ac220b53a7d9eb007eda3
82a07f37e5e53cc4a2e2316fadebb9bccbb1f8e6
48fce16e7be46211674b1e2f2c9c8c80fe5f4f2ad20e0bf00f89a428128c7583
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/sportTeam/football/en05.png?wsSecret=6b87880ecd2fb6f75396742f8406948c&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8057
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "5beb9672-1f79"
Date: Sun, 26 Nov 2023 17:10:56 GMT
Last-Modified: Wed, 14 Nov 2018 03:28:50 GMT
Expires: Tue, 26 Dec 2023 17:10:56 GMT
Age: 39245
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: d72257d740040296df42d73ae9afbe05
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en15.png?wsSecret=30574d111a944f0014b2903addd1ee15&wsTime=1701057899
103.198.200.1 200 OK 5.0 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en15.png?wsSecret=30574d111a944f0014b2903addd1ee15&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash a2d009bfc0d1fe160bf17a69ace2a70f
4fce7ff086b08e8c47417fe84e5253980f983b6e
a8b8db18971e600284e533d0f4471c1e183b576561ee26fddcf70aa1a3ee6d3b
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/sportTeam/football/en15.png?wsSecret=30574d111a944f0014b2903addd1ee15&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5019
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "5bebb5ac-139b"
Date: Sun, 26 Nov 2023 17:10:56 GMT
Last-Modified: Wed, 14 Nov 2018 05:42:04 GMT
Expires: Tue, 26 Dec 2023 17:10:56 GMT
Age: 39245
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 10140896962929d8cc3a782175825031
5y7wpn.gaokejd.xyz/fserver/files/gb/141/sportTeam/1/1607994223709.png?wsSecret=512a449388ec65d3e528a52b35bd726c&wsTime=1701057899
103.198.200.1 200 OK 9.3 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/141/sportTeam/1/1607994223709.png?wsSecret=512a449388ec65d3e528a52b35bd726c&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ca6d2b1bd7bae48b6a0e6b907fee0d64
d19ab1c285b9165d0f23d27fea35159d75c7b161
fe5a671968047f1474384262293eb504c73e081798c1a04fc7cf12e8aee931d4
GET /fserver/files/gb/141/sportTeam/1/1607994223709.png?wsSecret=512a449388ec65d3e528a52b35bd726c&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 9252
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "5fd80b6f-2424"
Date: Sat, 25 Nov 2023 16:43:54 GMT
Last-Modified: Tue, 15 Dec 2020 01:03:43 GMT
Expires: Mon, 25 Dec 2023 16:43:54 GMT
Age: 127266
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 9a2b45c83028a06f3883f729f71dac7d
5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en09.png?wsSecret=7c472e6fe47e75ad2766601a89aeff05&wsTime=1701057899
103.198.200.1 200 OK 9.6 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en09.png?wsSecret=7c472e6fe47e75ad2766601a89aeff05&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash abc6a2cdcccc74772d0f569929fc5b61
20eeee06de7b205a24ad1d0eda489356df48dcd2
e5a8a6b82b062e7bee47cd15f831a8249c23a5627d2aaca3d9cdd65d4c179720
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/sportTeam/football/en09.png?wsSecret=7c472e6fe47e75ad2766601a89aeff05&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 9556
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "5bebb594-2554"
Date: Sat, 25 Nov 2023 16:43:54 GMT
Last-Modified: Wed, 14 Nov 2018 05:41:40 GMT
Expires: Mon, 25 Dec 2023 16:43:54 GMT
Age: 127266
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-19
X-Cdn-Request-ID: 88873d9ddfb4a86e724a49e8d7e243ef
5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/18/1603968153514.png?wsSecret=e041b16bed6f3dffce256ce3f8ce4e2b&wsTime=1701057899
103.198.200.1 200 OK 7.3 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/18/1603968153514.png?wsSecret=e041b16bed6f3dffce256ce3f8ce4e2b&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 136 x 160, 8-bit colormap, non-interlaced\012- data
Hash 509b7230478889e18f451b582ae1e1f1
9c54c7ff942daeb72cb0177384c414431744db61
ed77f50ee6311dcdba32ccbb9fd579f3cdea9fc32cdea4585201bc4991e24960
GET /fserver/files/gb/1272/sportTeam/18/1603968153514.png?wsSecret=e041b16bed6f3dffce256ce3f8ce4e2b&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7290
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "5f9a9c99-1c7a"
Date: Wed, 22 Nov 2023 17:32:29 GMT
Last-Modified: Thu, 29 Oct 2020 10:42:33 GMT
Expires: Fri, 22 Dec 2023 17:32:29 GMT
Age: 383551
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: 36171066f29e2f9099a66cbfa1183564
5y7wpn.gaokejd.xyz/fserver/files/gb/1555/sportTeam/50/1665654312303.png?wsSecret=9232f21c7c728fc3547c52f46a0af4bc&wsTime=1701057899
103.198.200.1 200 OK 23 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1555/sportTeam/50/1665654312303.png?wsSecret=9232f21c7c728fc3547c52f46a0af4bc&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash c6e9969a1a4893650501013f38f4b295
b188479ce75700e175f68ec80c8f0d48d7ae055b
43f528704e6900b168aadbe2f637ac78c1ebf033fb2723fd7c5435797ad4d216
GET /fserver/files/gb/1555/sportTeam/50/1665654312303.png?wsSecret=9232f21c7c728fc3547c52f46a0af4bc&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 22959
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "6347de28-59af"
Date: Wed, 22 Nov 2023 17:32:29 GMT
Last-Modified: Thu, 13 Oct 2022 09:45:12 GMT
Expires: Fri, 22 Dec 2023 17:32:29 GMT
Age: 383551
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: 00d16e2359533a8d09c285ca6b5dd2f9
5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/1/1609832470314.png?wsSecret=89be7cbe51345023a537beced38a0942&wsTime=1701057899
103.198.200.1 200 OK 38 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/1/1609832470314.png?wsSecret=89be7cbe51345023a537beced38a0942&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 220 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash 9407a5bd8b88c6b425bead4ff88eaee8
ddc5ad54dec603258f579f4c6824817cecc258d7
9804dbb56223e223577371c9e50a2b52c8621473b846350692b32221f26852e0
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/1272/sportTeam/1/1609832470314.png?wsSecret=89be7cbe51345023a537beced38a0942&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 38126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "5ff41816-94ee"
Date: Tue, 14 Nov 2023 04:55:15 GMT
Last-Modified: Tue, 05 Jan 2021 07:41:10 GMT
Expires: Thu, 14 Dec 2023 04:55:15 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 7caffa5eb5150c5fd0eeaef906fb127f
103.198.200.1 200 OK 95 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/49/1596773325573.png?wsSecret=48bc7e7b6c113fd0cf7e527134c66c77&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 1200 x 1683, 8-bit colormap, non-interlaced\012- data
Hash 9667fe384375641358e3d784742cd3fd
dc9ff20453eab03693b91defb163233978629688
91291411c3b2c01203eb1670110f9dd54b327af407b1721be67b3122b249accd
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/1272/sportTeam/49/1596773325573.png?wsSecret=48bc7e7b6c113fd0cf7e527134c66c77&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 95107
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "635dc5a1-17383"
Date: Wed, 22 Nov 2023 17:23:40 GMT
Last-Modified: Sun, 30 Oct 2022 00:30:25 GMT
Expires: Fri, 22 Dec 2023 17:23:40 GMT
Age: 384081
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: 31e433cef8db9a26a0d6ec43305a0fb2
103.198.200.1 200 OK 158 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/49/1596876784308.png?wsSecret=1e1cdb026b3c8fef4490621a8cd9168d&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 3144 x 3144, 8-bit colormap, non-interlaced\012- data
Size 158 kB (157568 bytes)
Hash 252b8ae1519e0f51e2737bed066952fd
9830c0ba6f719a1fad991f0b9c5b354086f0fc24
15f64f997efcf1ff6fcab26b8af883171a198b9d240666ea4207e09cd71d2e36
GET /fserver/files/gb/1272/sportTeam/49/1596876784308.png?wsSecret=1e1cdb026b3c8fef4490621a8cd9168d&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 157568
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "6379b38f-26780"
Date: Wed, 22 Nov 2023 17:23:40 GMT
Last-Modified: Sun, 20 Nov 2022 04:56:47 GMT
Expires: Fri, 22 Dec 2023 17:23:40 GMT
Age: 384081
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: d95bc19d7a4b9d3fc800d2ab0159e5b2
103.198.200.1 200 OK 115 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/1/1599878166834.png?wsSecret=a672d5070cf9e8407072605861d9b84e&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 2254 x 3000, 8-bit colormap, non-interlaced\012- data
Size 115 kB (114693 bytes)
Hash da08a0611d7969e620a8cb738a9fb62e
7c2020422541084613882952f9e7ba5165fae5d9
83c611c5b6222261d0562274c9bbc8e654ab2e49c513e3f5ea644ad499c35474
GET /fserver/files/gb/1272/sportTeam/1/1599878166834.png?wsSecret=a672d5070cf9e8407072605861d9b84e&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 114693
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "6379b409-1c005"
Date: Fri, 17 Nov 2023 16:26:19 GMT
Last-Modified: Sun, 20 Nov 2022 04:58:49 GMT
Expires: Sun, 17 Dec 2023 16:26:19 GMT
Age: 819522
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: aede47634544b09e5bdedb028116f6d7
103.198.200.1 200 OK 3.0 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en18.png?wsSecret=c86611bd49a63a79164ea2938ece83e2&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 68607525a6a5940991ccd7bc9b98378f
0a1ae72e754180412b17d26ed70a5e9ff3a92110
82b3220756a2637c526467b98faeb1fc60a1b007e4d9f1499a3f03406f121165
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/sportTeam/football/en18.png?wsSecret=c86611bd49a63a79164ea2938ece83e2&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3044
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5bebb58c-be4"
Date: Fri, 17 Nov 2023 16:26:19 GMT
Last-Modified: Wed, 14 Nov 2018 05:41:32 GMT
Expires: Sun, 17 Dec 2023 16:26:19 GMT
Age: 819522
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-18
X-Cdn-Request-ID: 22b88c8c04680dd02b406868058af880
103.198.200.1 200 OK 13 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/sportTeam/91/1700068798763.png?wsSecret=2b8fef19539477c8295cc4a694b99776&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 51ff7c9285d34d2cc2017208df3c5f44
7101461dbf1b468ec7474389c382bc21fe833f25
e5e8305b75588075dccf3a8e907dccc897bbd831f0984635b44a32eab3e30c0a
GET /fserver/files/gb/627/sportTeam/91/1700068798763.png?wsSecret=2b8fef19539477c8295cc4a694b99776&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 12994
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "6554fdbe-32c2"
Date: Wed, 15 Nov 2023 17:20:45 GMT
Last-Modified: Wed, 15 Nov 2023 17:19:58 GMT
Expires: Fri, 15 Dec 2023 17:20:45 GMT
Age: 989056
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-17
X-Cdn-Request-ID: 6ce7237866a91090c9709c87fe4d94df
103.198.200.1 200 OK 5.5 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en33.png?wsSecret=aedcb0d1a5cf33f40eb51ea7b1bb18d2&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash bb04140254254785132f9539eb06fed6
d35757daaba1703d8bbdbc64dbada00a39b8a94c
c74524d887e1bbd510932e04c5d93742a11d5146d5c662f12832268032d1de41
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/sportTeam/football/en33.png?wsSecret=aedcb0d1a5cf33f40eb51ea7b1bb18d2&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5488
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "5bebb58a-1570"
Date: Sat, 25 Nov 2023 16:57:10 GMT
Last-Modified: Wed, 14 Nov 2018 05:41:30 GMT
Expires: Mon, 25 Dec 2023 16:57:10 GMT
Age: 126471
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-19
X-Cdn-Request-ID: 02f41132afa1b3ec8f7bafe772c3a6a1
103.198.200.1 200 OK 8.7 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/en25.png?wsSecret=82848a5f0d1f0d526a40eba228b2f1b9&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 51ba83e99f49501d184f5bf3fe007753
b53bf9dabf57ea3f00d640346214247b65516cc6
536d0ec5173f3a2b0598a015d9d37bdb047b45edacd3708336b0ca11a11c58f5
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/sportTeam/football/en25.png?wsSecret=82848a5f0d1f0d526a40eba228b2f1b9&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8677
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5bebb590-21e5"
Date: Sat, 25 Nov 2023 16:57:10 GMT
Last-Modified: Wed, 14 Nov 2018 05:41:36 GMT
Expires: Mon, 25 Dec 2023 16:57:10 GMT
Age: 126472
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-16
X-Cdn-Request-ID: 635c1de77cf3c7b160829f10d3548fb5
103.198.200.1 200 OK 85 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/1/1620130580209.png?wsSecret=f59d133ebb08f971c51206b77c2803af&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 256 x 260, 8-bit/color RGB, non-interlaced\012- data
Hash 7eaced594befc61e2ddbbbc55b771cf0
9e1a5ad65af14be29cb96508c18c28c64c829809
fb1e0d4a9f5f6723173afe5f99d94a8b45b07472f2d17ee2c8d7a4cef639713d
GET /fserver/files/gb/1272/sportTeam/1/1620130580209.png?wsSecret=f59d133ebb08f971c51206b77c2803af&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 84999
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "60913b14-14c07"
Date: Tue, 14 Nov 2023 04:55:14 GMT
Last-Modified: Tue, 04 May 2021 12:16:20 GMT
Expires: Thu, 14 Dec 2023 04:55:14 GMT
Age: 1120187
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: c1397b6728dd94c87449da31f750095f
103.198.200.1 200 OK 6.0 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1106/sportTeam/49/1697912534812.png?wsSecret=215bdb4729cdb0e71015498d92e19fab&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 09b26642a398637f8b500eba1f93e886
c3fd1ecd1ff2d71135cdfd671a90e4a4dfb044bc
60b2471ea8ec7482a2fe2eac1484d39df81f71a517141f96c7e43fa60771615d
GET /fserver/files/gb/1106/sportTeam/49/1697912534812.png?wsSecret=215bdb4729cdb0e71015498d92e19fab&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6046
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "653416d6-179e"
Date: Wed, 22 Nov 2023 17:16:11 GMT
Last-Modified: Sat, 21 Oct 2023 18:22:14 GMT
Expires: Fri, 22 Dec 2023 17:16:11 GMT
Age: 384530
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-18
X-Cdn-Request-ID: e730745d5547a1702ea982f13b9a2cf6
103.198.200.1 200 OK 9.4 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1272/sportTeam/18/1603181565361.png?wsSecret=73f3690827d5d3478e62e4f6c0369d3a&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 151 x 151, 8-bit colormap, non-interlaced\012- data
Hash 2fb4dd0419afd169e19a1eba1cca2099
03fb512b46794451e92a6612d9dd672c67559653
e5a51fd1dc52a263298a83eca300d1cbff1bb3d3266827a3c827cc4cfd121f0a
GET /fserver/files/gb/1272/sportTeam/18/1603181565361.png?wsSecret=73f3690827d5d3478e62e4f6c0369d3a&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 9365
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "5f8e9bfd-2495"
Date: Wed, 22 Nov 2023 17:16:12 GMT
Last-Modified: Tue, 20 Oct 2020 08:12:45 GMT
Expires: Fri, 22 Dec 2023 17:16:12 GMT
Age: 384529
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: 7a8acc4e9b0be3dc2a94f805e69b63cd
103.198.200.1 200 OK 6.9 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/sportTeam/football/es30.png?wsSecret=5bf8d414dead90c01a89b47e73449adb&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash cbd7d872dae9222fbbf8dc5ce92714d0
93c12637049ac5a348f6e9ec09324a67f48f2ea5
7c3e061adea03305c1a664b44228f295110360e38b700eba3008c2d737e17749
GET /fserver/files/sportTeam/football/es30.png?wsSecret=5bf8d414dead90c01a89b47e73449adb&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6932
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "5beeac9a-1b14"
Date: Sun, 26 Nov 2023 17:00:10 GMT
Last-Modified: Fri, 16 Nov 2018 11:40:10 GMT
Expires: Tue, 26 Dec 2023 17:00:10 GMT
Age: 39891
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 12810d0a061ee6d0dcee9be71bd44f0a
103.198.200.1 200 OK 9.0 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1377/sportTeam/49/1598439579092.png?wsSecret=6f21a8f955a262ee98545d6d7a2b2e4f&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash a8b47580a8e98fd3e974737d1e26f997
0267cf4eb05e37c1ddb0518f2be176d9b745d75b
f4b91ddb0ee007c8812318cddf7b363a31aa974df11bb96fa15ff9ca33a0aa60
GET /fserver/files/gb/1377/sportTeam/49/1598439579092.png?wsSecret=6f21a8f955a262ee98545d6d7a2b2e4f&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8999
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "5f462f9d-2327"
Date: Mon, 20 Nov 2023 16:18:56 GMT
Last-Modified: Wed, 26 Aug 2020 09:47:09 GMT
Expires: Wed, 20 Dec 2023 16:18:56 GMT
Age: 560766
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: c8ac67da815bba80a6d5114ef0ef9665
103.198.200.1 200 OK 36 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1106/sportTeam/49/1614016003184.png?wsSecret=12fd3b6275b02a5b28d7cfcce5ffb2ac&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 336 x 229, 8-bit/color RGB, non-interlaced\012- data
Hash 655cfdb3a75c04f426aa2e90d832fbfa
75c83af733e56fda74effa4517f6a1a6198d0134
f4dbe8c209ec66ddd43f31300f379b4a4b8bb204b3f906058cb78f46f4a4e1da
GET /fserver/files/gb/1106/sportTeam/49/1614016003184.png?wsSecret=12fd3b6275b02a5b28d7cfcce5ffb2ac&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 36529
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "6033ee03-8eb1"
Date: Mon, 20 Nov 2023 16:18:46 GMT
Last-Modified: Mon, 22 Feb 2021 17:46:43 GMT
Expires: Wed, 20 Dec 2023 16:18:46 GMT
Age: 560776
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: b2e4b09d5ec55425229461ca598f8fc4
103.198.200.1 200 OK 52 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1106/sportTeam/50/1699292669160.png?wsSecret=35eb0d3f730ddcd890c0fb15d0fe0271&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash f770cb70a6d90dc669ab5df1ea71ebcf
a18cba6b58c737a89e959900bcc3d9472324dd6c
69b83bed01f9f2bb2e2936c6ce2283edf460d4002f3a9ce460ddebceb6933f27
GET /fserver/files/gb/1106/sportTeam/50/1699292669160.png?wsSecret=35eb0d3f730ddcd890c0fb15d0fe0271&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 52487
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "654925fd-cd07"
Date: Thu, 23 Nov 2023 17:09:52 GMT
Last-Modified: Mon, 06 Nov 2023 17:44:29 GMT
Expires: Sat, 23 Dec 2023 17:09:52 GMT
Age: 298510
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 750a14f6be7482817e5c4e1dec93910f
103.198.200.1 200 OK 22 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/1377/sportTeam/50/1678911148494.png?wsSecret=ccdfe50d60f550ced4f5cdf7e1738cf4&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 9467bedd66555aab18310b5be7580c77
fdf34bd0a1ae18e31cffb2f08a53a325fc128528
8fb6e22843498bb5101639ca0f65e3de069e3006ccd7664e498aaf57abc93ac2
GET /fserver/files/gb/1377/sportTeam/50/1678911148494.png?wsSecret=ccdfe50d60f550ced4f5cdf7e1738cf4&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 22445
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "641226ac-57ad"
Date: Thu, 23 Nov 2023 17:09:52 GMT
Last-Modified: Wed, 15 Mar 2023 20:12:28 GMT
Expires: Sat, 23 Dec 2023 17:09:52 GMT
Age: 298510
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-18
X-Cdn-Request-ID: faaa7eaf40104300cd9d4225f6144e06
103.198.200.1 200 OK 78 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/floatImage/214/1679585540899.png?wsSecret=16416f5867de1ec944be0518fb28d915&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 231 x 264, 8-bit/color RGBA, non-interlaced\012- data
Hash f58aed9a2fc610b4a11b1a58f80dcd35
6c408b739f82e671b022834e0053578ae9256fb6
02804433c3d47717ee936052cfb2b4b71111ee1b61830fcfba4b1ee3d41c4b02
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/627/floatImage/214/1679585540899.png?wsSecret=16416f5867de1ec944be0518fb28d915&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 77817
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "641c7104-12ff9"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Thu, 23 Mar 2023 15:32:20 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120188
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: ad773073e6357a9cb5694dd7fc507ba9
5y7wpn.gaokejd.xyz/fserver/files/gb/627/floatImage/214/1679585540504.png?wsSecret=06a6e3e51db55a17f86705a4488b04c3&wsTime=1701057899
103.198.200.1 200 OK 79 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/floatImage/214/1679585540504.png?wsSecret=06a6e3e51db55a17f86705a4488b04c3&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 231 x 264, 8-bit/color RGBA, non-interlaced\012- data
Hash 46460929e399113acb305aba30af23a7
b3c30801205fb2d5355160321680f61c4cda19fd
c336fa146bfe93a451911ae33196e76fb8dca24180111adba7dfa50b6e4d389a
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/627/floatImage/214/1679585540504.png?wsSecret=06a6e3e51db55a17f86705a4488b04c3&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 79341
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "641c7104-135ed"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Thu, 23 Mar 2023 15:32:20 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120188
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: 616e3d9cd34ae9f6e8cd7a5846e0ea7a
5y7wpn.gaokejd.xyz/fserver/files/gb/627/floatImage/223/1673921769160.gif?wsSecret=e62503b1cc445c31ef07575da71d2af3&wsTime=1701057899
103.198.200.1 200 OK 511 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/floatImage/223/1673921769160.gif?wsSecret=e62503b1cc445c31ef07575da71d2af3&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type GIF image data, version 89a, 140 x 370\012- data
Size 511 kB (511147 bytes)
Hash bc9c51ed2062f071859af12e13f296a6
c76c66e33c784d7b32c8644c04201577fe8fd27d
3f423d8ff12c87020729e4d76dbc804ae7a2be7923e8cc89b0091984b6bf4544
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /fserver/files/gb/627/floatImage/223/1673921769160.gif?wsSecret=e62503b1cc445c31ef07575da71d2af3&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 511147
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "63c604e9-7ccab"
Date: Tue, 14 Nov 2023 04:55:13 GMT
Last-Modified: Tue, 17 Jan 2023 02:16:09 GMT
Expires: Thu, 14 Dec 2023 04:55:13 GMT
Age: 1120188
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-19
X-Cdn-Request-ID: def7b265eb731e1877b272d1d0bfb51f
5y7wpn.gaokejd.xyz/ftl/commonPage/images/favicon/favicon_627.png?wsSecret=0582c38921f9b5e787caae922421424c&wsTime=1701057899
103.198.200.1 200 OK 4.7 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/ftl/commonPage/images/favicon/favicon_627.png?wsSecret=0582c38921f9b5e787caae922421424c&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash 834417d344a1bd995c78df66fe45edbd
79a5cd12dc1bf06043f38349e6dd492e58144a01
736b8041b08f7ec7a5f5a8e8d4d857dc58f1f03d4e2b6f738a2f1c9ae3892bbb
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/images/favicon/favicon_627.png?wsSecret=0582c38921f9b5e787caae922421424c&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4704
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "6311d300-1260"
Date: Tue, 14 Nov 2023 04:59:03 GMT
Last-Modified: Fri, 02 Sep 2022 09:55:12 GMT
Expires: Thu, 14 Dec 2023 04:59:03 GMT
Age: 1119959
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: eb170e30eae13c25ec0e0039aba0926f
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 5.8 kB URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 10f286be35f9cb305ad394ea4104fc1c
4c57898405d1d64506bf4bd7eb7dea83be6efda7
6e7c13bda12bc46a3e004da9936727920f4ea7c97de3900ca7bd5f00b2cac449
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 04:05:10 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2023-12-29-19-51-25.chain; p384ecdsa=drUiOhvkcvtIZ6kjhoR9qvOgIVJdj2Sa5uFHg7yKSQkZrW2YQ_Mk-Y_kKHtYZRJDSSxnj3Ajz9EE7KHZnN2GhKxoU2RtmUT0aXCYS4AKfWtc7Vq34WcVO_XCic_Y2oa7
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
2.22.61.59 512 kB URL ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP 2.22.61.59:0
ASN #20940 Akamai International B.V.
File type Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size 512 kB (511815 bytes)
Hash 152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Last-Modified: Thu, 16 Nov 2023 07:38:15 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1700120294.87662
Content-Type: application/zip
X-Trans-Id: tx35e1afa589ba4bd9a93ea-006556c567dfw1
Cache-Control: public, max-age=86642
Expires: Tue, 28 Nov 2023 04:09:12 GMT
Date: Mon, 27 Nov 2023 04:05:10 GMT
Connection: keep-alive
vue.livehelp100service.com/visitorside/js/Button.1cda5041.js
143.204.55.90 200 OK 4.3 kB URL GET HTTP/2 vue.livehelp100service.com/visitorside/js/Button.1cda5041.js
IP 143.204.55.90:443
Certificate Issuer Amazon
Subject *.livehelp100service.com
Fingerprint 77:2D:5A:72:73:6B:79:7B:5B:7B:23:F0:4F:18:3B:D1:07:EF:47:E1
Validity Mon, 30 Oct 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (9562)
Hash 468b2dbcaf39d2481fe67f0466308d45
c160db49c2e6766907c2a6fc60c70e5f7c9c1f48
c9281b476a44a8995e3bca961c3baa6cf5e6fe10bf8167c4ceba703780523ebd
GET /visitorside/js/Button.1cda5041.js HTTP/1.1
Host: vue.livehelp100service.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://912337.com:8989
DNT: 1
Connection: keep-alive
Referer: https://vue.livehelp100service.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 26 Nov 2023 07:04:50 GMT
server: nginx/1.22.1
last-modified: Tue, 14 Nov 2023 03:13:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"6552e5de-25cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UH7nA_UzKDuMDRfkGKi_utkYJWwth1ETudNBNtPVlMh1-OfvUUqykg==
age: 75609
X-Firefox-Spdy: h2
2949yj.33465aaabb.com/visitor.ashx?siteId=5001690
75.2.42.240 200 OK 2.1 kB URL POST HTTP/2 2949yj.33465aaabb.com/visitor.ashx?siteId=5001690
IP 75.2.42.240:443
Certificate Issuer Amazon
Subject *.livehelp100service.com
Fingerprint 30:5B:92:F8:D3:3F:D6:BC:AB:CB:92:F8:DB:62:DE:57:A3:32:FC:AC
Validity Fri, 11 Aug 2023 00:00:00 GMT - Sun, 08 Sep 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (2061), with no line terminators
Hash 7736a9e1b8d499ec7305085bd44ca43f
21e5ef79f295759d868edd20afe22b8243298aa8
db380b37fa77d86dab7c046372bfce10bbf950279af9dfcffb80ce20c6fbd4a4
POST /visitor.ashx?siteId=5001690 HTTP/1.1
Host: 2949yj.33465aaabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1335
Origin: https://912337.com:8989
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Nov 2023 04:04:59 GMT
content-type: text/json
server: nginx
access-control-allow-credentials: true
access-control-allow-origin: https://912337.com:8989
set-cookie: visitorGuid_5001690=e259e285-6016-4091-ae62-67de0b682d9f; expires=Sun, 30 Mar 3023 04:04:59 GMT; path=/; secure; samesite=none
arrserver: chatserver1
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2
2949yj.33465aaabb.com/campaign.ashx?siteId=5001690&campaignId=dd000000-0000-0000-0000-008e004c51da&lastUpdateTime=000000000C0CED8B
75.2.42.240 200 OK 8.9 kB URL GET HTTP/2 2949yj.33465aaabb.com/campaign.ashx?siteId=5001690&campaignId=dd000000-0000-0000-0000-008e004c51da&lastUpdateTime=000000000C0CED8B
IP 75.2.42.240:443
Certificate Issuer Amazon
Subject *.livehelp100service.com
Fingerprint 30:5B:92:F8:D3:3F:D6:BC:AB:CB:92:F8:DB:62:DE:57:A3:32:FC:AC
Validity Fri, 11 Aug 2023 00:00:00 GMT - Sun, 08 Sep 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (7599), with no line terminators
Hash e71b8abc2c511cc04a7b010db4991d9d
13c7a74cd124ab19b80776cc6c443ae142027231
d8c45bfd3fb15a82aa09030b6f6a5dbe19a7dac1f744e7030f13ea53d5d2d982
GET /campaign.ashx?siteId=5001690&campaignId=dd000000-0000-0000-0000-008e004c51da&lastUpdateTime=000000000C0CED8B HTTP/1.1
Host: 2949yj.33465aaabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://912337.com:8989
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 04:04:59 GMT
content-type: text/json
server: nginx
access-control-allow-origin: *
cache-control: max-age=31536000
arrserver: chatserver1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'
referrer-policy: no-referrer
X-Firefox-Spdy: h2
vue.livehelp100service.com/visitorside/js/common.301a4410.js
143.204.55.90 200 OK 67 kB URL GET HTTP/2 vue.livehelp100service.com/visitorside/js/common.301a4410.js
IP 143.204.55.90:443
Certificate Issuer Amazon
Subject *.livehelp100service.com
Fingerprint 77:2D:5A:72:73:6B:79:7B:5B:7B:23:F0:4F:18:3B:D1:07:EF:47:E1
Validity Mon, 30 Oct 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /visitorside/js/common.301a4410.js HTTP/1.1
Host: vue.livehelp100service.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://912337.com:8989
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 26 Nov 2023 07:04:31 GMT
server: nginx/1.22.1
last-modified: Tue, 14 Nov 2023 03:13:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"6552e5de-10474"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RfAbJ_mOTp4JxUu6fNBtHiCeUkzEKsossoWIr0vPZb8X51l6VK6w1A==
age: 75626
X-Firefox-Spdy: h2
vue.livehelp100service.com/visitorside/js/bundle.2efe1271.js
143.204.55.90 200 OK 542 kB URL GET HTTP/2 vue.livehelp100service.com/visitorside/js/bundle.2efe1271.js
IP 143.204.55.90:443
Certificate Issuer Amazon
Subject *.livehelp100service.com
Fingerprint 77:2D:5A:72:73:6B:79:7B:5B:7B:23:F0:4F:18:3B:D1:07:EF:47:E1
Validity Mon, 30 Oct 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT
Size 542 kB (541868 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /visitorside/js/bundle.2efe1271.js HTTP/1.1
Host: vue.livehelp100service.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://912337.com:8989
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 26 Nov 2023 07:04:38 GMT
server: nginx/1.22.1
last-modified: Tue, 14 Nov 2023 03:13:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"6552e5de-844ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tsA62rvJB56rR3yQbLhFT-YH2eJQ9PZqRyEzbqv9N4ZiKGGp2AeDnw==
age: 75620
X-Firefox-Spdy: h2
5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10383/1695644169263.jpg?wsSecret=064a796dcf5b842a76540c7ce9802bdf&wsTime=1701057899
103.198.200.1 200 OK 447 kB URL GET HTTP/1.1 5y7wpn.gaokejd.xyz/fserver/files/gb/627/carousel/10383/1695644169263.jpg?wsSecret=064a796dcf5b842a76540c7ce9802bdf&wsTime=1701057899
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate Issuer Sectigo Limited
Subject *.gaokejd.xyz
Fingerprint BF:3B:B1:34:33:54:2B:51:01:C2:15:B8:63:A1:ED:18:22:95:04:03
Validity Tue, 29 Nov 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1384x1032, components 3\012- data
Size 447 kB (446907 bytes)
Hash 11c1ed0026a45dcce7374c501f06d6dc
7c4374db8e03183e76cbd41d835f97881cfde12a
64b1a169ea60653872921a5c95d06c486e2b226f9b99fc74842479c73105e293
GET /fserver/files/gb/627/carousel/10383/1695644169263.jpg?wsSecret=064a796dcf5b842a76540c7ce9802bdf&wsTime=1701057899 HTTP/1.1
Host: 5y7wpn.gaokejd.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 446907
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "65117a09-6d1bb"
Date: Tue, 14 Nov 2023 04:55:11 GMT
Last-Modified: Mon, 25 Sep 2023 12:16:09 GMT
Expires: Thu, 14 Dec 2023 04:55:11 GMT
Age: 1120186
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-17
X-Cdn-Request-ID: 2d0a7ff65cd60bfb6de7d27d39724470
vue.livehelp100service.com/visitorside/js/vendor.459da97c.js
143.204.55.90 200 OK 74 kB URL GET HTTP/2 vue.livehelp100service.com/visitorside/js/vendor.459da97c.js
IP 143.204.55.90:443
Certificate Issuer Amazon
Subject *.livehelp100service.com
Fingerprint 77:2D:5A:72:73:6B:79:7B:5B:7B:23:F0:4F:18:3B:D1:07:EF:47:E1
Validity Mon, 30 Oct 2023 00:00:00 GMT - Thu, 28 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /visitorside/js/vendor.459da97c.js HTTP/1.1
Host: vue.livehelp100service.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://912337.com:8989
DNT: 1
Connection: keep-alive
Referer: https://912337.com:8989/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 26 Nov 2023 07:04:23 GMT
server: nginx/1.22.1
last-modified: Tue, 14 Nov 2023 03:13:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
etag: W/"6552e5de-120cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MkXO1YKcpf7Z05B2FAo6UcvJZHEyLiKOr-SCutJ0tUCyRUHT0d74nQ==
age: 75635
X-Firefox-Spdy: h2