Submitted URL: https://35125.club/
Effective URL: https://35125.club:8989/
Submission: On June 14 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 35 HTTP transactions. The main IP is 206.119.83.81, located in United States and belongs to HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK. The main domain is 35125.club.
TLS certificate: Issued by R3 on June 14th 2023. Valid for: 3 months.
This is the only time 35125.club was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bet365 (Entertainment)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
12        206.119.83.81       140227 (HKCICL-AS...)
20        240e:979:801:...    4134 (CHINANET-...)
Total: 35 requests, 3 IPs

Requests  Apex Domain             Subdomains                 Transfer
20        rbjgb.com               7ngdqc.rbjgb.com           174 KB
12        35125.club              35125.club                 287 KB
0         oqwepookpf.cn (Failed)  m.oqwepookpf.cn (Failed)
Total: 35 requests, 3 apex domains

Requests  Domain                    Requested by
20        7ngdqc.rbjgb.com          35125.club, 7ngdqc.rbjgb.com
12        35125.club                35125.club, 7ngdqc.rbjgb.com
0         m.oqwepookpf.cn (Failed)  35125.club
Total: 35 requests, 3 domains

This site contains links to these domains.

Domain
get.adobe.com

Subject       Issuer                                           Validity                  Valid
35125.club    R3                                               2023-06-14 - 2023-09-12   3 months
*.rbjgb.com   Sectigo RSA Domain Validation Secure Server CA   2023-03-26 - 2024-03-25   a year

This page contains 1 frames:

Primary Page: https://35125.club:8989/
Frame ID: 7162556467115B344F1CF6147FAEF721
Requests: 35 HTTP requests in this frame

Page Title

澳門威尼斯人

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 35
HTTPS: 91 %
IPv6: 50 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 461 kB
Size: 1933 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://35125.club/ Page URL
  2. https://35125.club:8989/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource / Path | Size / x-fer | Type / MIME-Type
/
35125.club/
82 B
411 B
Document
General
Full URL
https://35125.club/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Jun 2023 15:15:02 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Primary Request /
35125.club/
698 KB
80 KB
Document
General
Full URL
https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
2bd91912062b264be590068024d711384baba15e7df6b529fe0e6f0ad52e62b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://35125.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Jun 2023 15:15:03 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-html-cache
HIT-3600
out-line
gb-site-098
uuid
-
gui-base.css
35125.club/ftl/commonPage/themes/
79 KB
17 KB
Stylesheet
General
Full URL
https://35125.club:8989/ftl/commonPage/themes/gui-base.css
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
58005581427a61dee5af1386995b38d90e995f4bcb75b85f8bb84d84ab5ac0fd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 May 2023 03:45:17 GMT
ETag
W/"64702b4d-13d22"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Cache
HIT
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=86400
Connection
keep-alive
uuid
-
out-line
gb-site-098
Expires
Thu, 15 Jun 2023 15:15:04 GMT
gui-skin-default.css
35125.club/ftl/commonPage/themes/
31 KB
7 KB
Stylesheet
General
Full URL
https://35125.club:8989/ftl/commonPage/themes/gui-skin-default.css
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
de87bc88df3d6a0da985ea2fcf98c29be86e6c4a98b2f68c372308260a4c0e62
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 01:20:12 GMT
ETag
W/"5fced4cc-7b2e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Cache
HIT
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=86400
Connection
keep-alive
uuid
-
out-line
gb-site-098
Expires
Thu, 15 Jun 2023 15:15:04 GMT
common.css
35125.club/ftl/venetian1717/themes/style/
33 KB
8 KB
Stylesheet
General
Full URL
https://35125.club:8989/ftl/venetian1717/themes/style/common.css
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
dcc6a820f095a2f35f07c9ebe2794c796e83d8b7ac55d849ed302b2c83744d8a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jan 2023 03:45:08 GMT
ETag
W/"63c8bcc4-8541"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Cache
HIT
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=86400
Connection
keep-alive
uuid
-
out-line
gb-site-098
Expires
Thu, 15 Jun 2023 15:15:04 GMT
bootstrap-dialog.min.css
35125.club/ftl/venetian1717/themes/style/
2 KB
1020 B
Stylesheet
General
Full URL
https://35125.club:8989/ftl/venetian1717/themes/style/bootstrap-dialog.min.css
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
3fcfb5edb031a13551fb7630852d5a1b474339bfb2c8ac97e9596e9e798a7815
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2023 02:01:10 GMT
ETag
W/"63be1866-8a4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Cache
HIT
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=86400
Connection
keep-alive
uuid
-
out-line
gb-site-098
Expires
Thu, 15 Jun 2023 15:15:04 GMT
i18n.js
35125.club/commonPage/lan/
1 KB
1 KB
Script
General
Full URL
https://35125.club:8989/commonPage/lan/i18n.js?t=1686755703.457
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
c822d9e95f30114f9656b156965f659ebc9ee1661c953b1ad1c28ed4756755bf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:04 GMT
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
uuid
01717-02-00000000-1686755704461e
out-line
gb-site-098
jquery-1.11.3.min.js
7ngdqc.rbjgb.com/ftl/commonPage/js/jquery/
94 KB
33 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-JH-MP-01-44 /
Resource Hash
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:19 GMT
Content-Encoding
gzip
Age
119267
x-link-via
yancct08:443;jhmp01:80;
X-Cache-Status
HIT from KS-CLOUD-JH-MP-01-44, HIT from KS-CLOUD-YANC-CT-08-08-L
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
33545
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-JH-MP-01-44
ETag
W/"5d848f4f-176d4"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
0461386d7b5e85593a0c28b7730b128a
Expires
Thu, 13 Jul 2023 06:07:19 GMT
float.js
7ngdqc.rbjgb.com/ftl/commonPage/js/
7 KB
3 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/float.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LIS-MP-12-15 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:19 GMT
Content-Encoding
gzip
Age
119267
x-link-via
yancct08:443;lismp12:80;
X-Cache-Status
HIT from KS-CLOUD-LIS-MP-12-15, HIT from KS-CLOUD-YANC-CT-08-14
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
1929
Last-Modified
Thu, 26 Aug 2021 07:50:18 GMT
Server
Default-server-KS-CLOUD-LIS-MP-12-15
ETag
W/"612747ba-1b2f"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
f610146a664623087133cdf8d19b83f2
Expires
Thu, 13 Jul 2023 06:07:19 GMT
idangerous.swiper.min.js
7ngdqc.rbjgb.com/ftl/commonPage/js/
44 KB
12 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/idangerous.swiper.min.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-JN-MP-13-14 /
Resource Hash
1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;jnmp13:80;
X-Cache-Status
HIT from KS-CLOUD-JN-MP-13-14, HIT from KS-CLOUD-YANC-CT-08-05
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
11951
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-JN-MP-13-14
ETag
W/"5d848f4f-b07e"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
a2fe7b4e037319aa5d4b4306088aa090
Expires
Thu, 13 Jul 2023 06:07:20 GMT
Comet.js
7ngdqc.rbjgb.com/ftl/commonPage/js/websocket/
17 KB
5 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/websocket/Comet.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-WH-MP-01-05 /
Resource Hash
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;whmp01:80;
X-Cache-Status
HIT from KS-CLOUD-WH-MP-01-05, HIT from KS-CLOUD-YANC-CT-08-02-L
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
4031
Last-Modified
Mon, 19 Jul 2021 23:50:13 GMT
Server
Default-server-KS-CLOUD-WH-MP-01-05
ETag
W/"60f60fb5-43bc"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
69aa702bfa274cba2cd86ca95a782da0
Expires
Thu, 13 Jul 2023 06:07:20 GMT
CometMarathon.js
7ngdqc.rbjgb.com/ftl/commonPage/js/websocket/
12 KB
4 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/websocket/CometMarathon.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-JH-MP-01-38 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;jhmp01:80;
X-Cache-Status
HIT from KS-CLOUD-JH-MP-01-38, HIT from KS-CLOUD-YANC-CT-08-01-L
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
3316
Last-Modified
Thu, 21 Apr 2022 04:30:12 GMT
Server
Default-server-KS-CLOUD-JH-MP-01-38
ETag
W/"6260ddd4-2f13"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
bfd53cfea789f4c0fd0633b91d24838b
Expires
Thu, 13 Jul 2023 06:07:20 GMT
PopUp.js
7ngdqc.rbjgb.com/ftl/commonPage/js/websocket/
2 KB
1 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/websocket/PopUp.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LIS-MP-12-44 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;lismp12:80;
X-Cache-Status
HIT from KS-CLOUD-LIS-MP-12-44, HIT from KS-CLOUD-YANC-CT-08-11
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
797
Last-Modified
Thu, 21 Apr 2022 04:30:12 GMT
Server
Default-server-KS-CLOUD-LIS-MP-12-44
ETag
W/"6260ddd4-828"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
2f285a90b0fdc70a848ef6ef8cbc1156
Expires
Thu, 13 Jul 2023 06:07:20 GMT
message_zh_CN.js
35125.club/
32 KB
10 KB
Script
General
Full URL
https://35125.club:8989/message_zh_CN.js?v=1686605347417
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
a133f55920bc6dce0b09e2b0e107fccf6f89a5f1744f2535e4702c08b38e198a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:04 GMT
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
X-Cache
HIT
Vary
Accept-Encoding
Cache-Control
max-age=86400
Connection
keep-alive
uuid
01717-02-00000000-16867557045664
out-line
gb-site-098
Expires
Thu, 15 Jun 2023 15:15:04 GMT
lazyload.js
7ngdqc.rbjgb.com/ftl/commonPage/js/
11 KB
3 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/lazyload.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-13-26 /
Resource Hash
df904653b6c930ec406670bed1f674269b2797843081a9b526545b970544606c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;ldmp13:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-13-26, HIT from KS-CLOUD-YANC-CT-08-05-L
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
2688
Last-Modified
Mon, 26 Dec 2022 06:30:17 GMT
Server
Default-server-KS-CLOUD-LD-MP-13-26
ETag
W/"63a93f79-2ce5"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
261984e5eaa6155ab73467e51567b5df
Expires
Thu, 13 Jul 2023 06:07:20 GMT
gui-base.js
7ngdqc.rbjgb.com/ftl/commonPage/js/
60 KB
16 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/gui-base.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HUZ-MP-04-10 /
Resource Hash
bc19a91cd57e7ce343a16a261bfb71fd89b03e033710e12c41ed9e9c3746b708
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;huzmp04:80;
X-Cache-Status
HIT from KS-CLOUD-HUZ-MP-04-10, HIT from KS-CLOUD-YANC-CT-08-12
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
15770
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-HUZ-MP-04-10
ETag
W/"5d848f4f-ee4d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
5c969d3c4a9729ed3fd31152fff2c361
Expires
Thu, 13 Jul 2023 06:07:20 GMT
bootstrap-dialog.min.js
7ngdqc.rbjgb.com/ftl/commonPage/js/
20 KB
6 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/bootstrap-dialog.min.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HUZ-MP-02-01 /
Resource Hash
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;huzmp02:80;
X-Cache-Status
HIT from KS-CLOUD-HUZ-MP-02-01, HIT from KS-CLOUD-YANC-CT-08-02
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
5007
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-HUZ-MP-02-01
ETag
W/"5d848f4f-4ea4"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
a6bc1a9f9f757009a76444729c305bd6
Expires
Thu, 13 Jul 2023 06:07:20 GMT
layer.js
7ngdqc.rbjgb.com/ftl/commonPage/js/
21 KB
8 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/layer.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LY-MP-01-05 /
Resource Hash
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;lymp01:80;
X-Cache-Status
HIT from KS-CLOUD-LY-MP-01-05, HIT from KS-CLOUD-YANC-CT-08-03
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
7599
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-LY-MP-01-05
ETag
W/"5d848f4f-55f6"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
1c8a66cd4685d0e42672d2a20788fe03
Expires
Thu, 13 Jul 2023 06:07:20 GMT
jquery.super-marquee.js
7ngdqc.rbjgb.com/ftl/commonPage/js/jquery/
4 KB
2 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HF-MP-62-02 /
Resource Hash
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;hfmp62:80;
X-Cache-Status
HIT from KS-CLOUD-HF-MP-62-02, HIT from KS-CLOUD-YANC-CT-08-06-L
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
1421
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-HF-MP-62-02
ETag
W/"5d848f4f-1151"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
c37f9f5e70c0b752ffd005a0f3d1b4cd
Expires
Thu, 13 Jul 2023 06:07:20 GMT
jquery.nicescroll.min.js
7ngdqc.rbjgb.com/ftl/commonPage/js/jquery/
63 KB
18 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-FZ-MP-33-07 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;fzmp33:80;
X-Cache-Status
HIT from KS-CLOUD-FZ-MP-33-07, HIT from KS-CLOUD-YANC-CT-08-06
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
17446
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-FZ-MP-33-07
ETag
W/"5d848f4f-fc8b"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
67fb6384c06f35118715aa84c773bd4a
Expires
Thu, 13 Jul 2023 06:07:20 GMT
jquery.validate.js
7ngdqc.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/
27 KB
8 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/150810/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LY-MP-01-17 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119267
x-link-via
yancct08:443;lymp01:80;
X-Cache-Status
HIT from KS-CLOUD-LY-MP-01-17, HIT from KS-CLOUD-YANC-CT-08-04
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
7746
Last-Modified
Mon, 29 May 2023 11:37:54 GMT
Server
Default-server-KS-CLOUD-LY-MP-01-17
ETag
W/"64748e92-6caf"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
5debacba9d792559d25b223fbd210805
Expires
Thu, 13 Jul 2023 06:07:20 GMT
jquery.validate.extend.msites.js
7ngdqc.rbjgb.com/150810/rcenter/common/js/gamebox/common/
15 KB
5 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/150810/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-TZ-MP-23-27 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:20 GMT
Content-Encoding
gzip
Age
119267
x-link-via
yancct08:443;tzmp23:80;
X-Cache-Status
HIT from KS-CLOUD-TZ-MP-23-27, HIT from KS-CLOUD-YANC-CT-08-03-L
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
4126
Last-Modified
Mon, 29 May 2023 11:37:54 GMT
Server
Default-server-KS-CLOUD-TZ-MP-23-27
ETag
W/"64748e92-3a09"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
15321ae0f8d6a540d2d890657edbeb8f
Expires
Thu, 13 Jul 2023 06:07:20 GMT
moment.js
7ngdqc.rbjgb.com/ftl/commonPage/js/
113 KB
27 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/moment.js
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HUZ-MP-04-19 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:21 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;huzmp04:80;
X-Cache-Status
HIT from KS-CLOUD-HUZ-MP-04-19, HIT from KS-CLOUD-YANC-CT-08-03
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
26912
Last-Modified
Fri, 19 May 2023 01:40:51 GMT
Server
Default-server-KS-CLOUD-HUZ-MP-04-19
ETag
W/"6466d3a3-1c325"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
3556665c34e4c432e0456c631a41ac8e
Expires
Thu, 13 Jul 2023 06:07:21 GMT
pc.css
7ngdqc.rbjgb.com/ftl/commonPage/themes/hb/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/themes/hb/css/pc.css
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-TAIZ-MP-07-06 /
Resource Hash
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:19 GMT
Content-Encoding
gzip
Age
119267
x-link-via
yancct08:443;taizmp07:80;
X-Cache-Status
HIT from KS-CLOUD-TAIZ-MP-07-06, HIT from KS-CLOUD-YANC-CT-08-08-L
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
911
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-TAIZ-MP-07-06
ETag
W/"5d848f4f-b5d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
121b1318374b7933a313ea3e700d1759
Expires
Thu, 13 Jul 2023 06:07:19 GMT
gb.validation.min.js
7ngdqc.rbjgb.com/150810/rcenter/common/static/js/
32 KB
6 KB
Script
General
Full URL
https://7ngdqc.rbjgb.com/150810/rcenter/common/static/js/gb.validation.min.js?v=1686605347417
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-12-30 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:22 GMT
Content-Encoding
gzip
Age
119265
x-link-via
yancct08:443;ldmp12:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-12-30, HIT from KS-CLOUD-YANC-CT-08-13
X-Cache
MISS
Connection
keep-alive
uuid
-
Content-Length
5207
Last-Modified
Wed, 05 Oct 2022 09:40:30 GMT
Server
Default-server-KS-CLOUD-LD-MP-12-30
ETag
W/"633d510e-7fd7"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
e8d1a933e5ecf8bd6d4cbba8bde3a87f
Expires
Thu, 13 Jul 2023 06:07:22 GMT
gb.validation.min.css
7ngdqc.rbjgb.com/150810/rcenter/common/static/css/
11 KB
4 KB
Stylesheet
General
Full URL
https://7ngdqc.rbjgb.com/150810/rcenter/common/static/css/gb.validation.min.css
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HUZ-MP-04-09 /
Resource Hash
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:19 GMT
Content-Encoding
gzip
Age
119267
x-link-via
yancct08:443;huzmp04:80;
X-Cache-Status
HIT from KS-CLOUD-HUZ-MP-04-09, HIT from KS-CLOUD-YANC-CT-08-07-L
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
3788
Last-Modified
Wed, 05 Oct 2022 09:40:30 GMT
Server
Default-server-KS-CLOUD-HUZ-MP-04-09
ETag
W/"633d510e-2d52"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
77e54818b0c8196b7624b4581ec0ca5b
Expires
Thu, 13 Jul 2023 06:07:19 GMT
umami.js
m.oqwepookpf.cn/
0
0

special_3.jpg
7ngdqc.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/
7 KB
7 KB
Image
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-JH-MP-01-31 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:21 GMT
Age
119266
x-link-via
yancct08:443;jhmp01:80;
X-Cache-Status
HIT from KS-CLOUD-JH-MP-01-31, HIT from KS-CLOUD-YANC-CT-08-12
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
6871
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-JH-MP-01-31
ETag
"5d848f4f-1ad7"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
c86d4f44d649e581c038735481190770
Expires
Thu, 13 Jul 2023 06:07:21 GMT
hongbao.css
35125.club/ftl/commonPage/themes/
53 KB
6 KB
Stylesheet
General
Full URL
https://35125.club:8989/ftl/commonPage/themes/hongbao.css
Requested by
Host: 35125.club
URL: https://35125.club:8989/ftl/commonPage/themes/gui-base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/ftl/commonPage/themes/gui-base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 06:38:07 GMT
ETag
W/"64252e4f-d530"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Cache
HIT
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=86400
Connection
keep-alive
uuid
-
out-line
gb-site-098
Expires
Thu, 15 Jun 2023 15:15:04 GMT
gui-layer.css
35125.club/ftl/commonPage/themes/
49 KB
7 KB
Stylesheet
General
Full URL
https://35125.club:8989/ftl/commonPage/themes/gui-layer.css
Requested by
Host: 35125.club
URL: https://35125.club:8989/ftl/commonPage/themes/gui-base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
4c79bd5f7674ac54a377c34facd56465a269d5ce434eb1635338f4efaee4f1c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/ftl/commonPage/themes/gui-base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 May 2023 02:00:13 GMT
ETag
W/"6464352d-c416"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Cache
HIT
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=86400
Connection
keep-alive
uuid
-
out-line
gb-site-098
Expires
Thu, 15 Jun 2023 15:15:04 GMT
gui.ttf
35125.club/ftl/commonPage/themes/fonts/gui-fonts/
224 KB
0
Font
General
Full URL
https://35125.club:8989/ftl/commonPage/themes/fonts/gui-fonts/gui.ttf
Requested by
Host: 35125.club
URL: https://35125.club:8989/ftl/commonPage/themes/gui-base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://35125.club:8989/ftl/commonPage/themes/gui-base.css
Origin
https://35125.club:8989
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:05 GMT
Last-Modified
Fri, 26 May 2023 03:45:17 GMT
ETag
"64702b4d-5e2b4"
X-Frame-Options
SAMEORIGIN
X-Cache
HIT
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
out-line
gb-site-098
uuid
-
Content-Length
385716
Expires
Thu, 15 Jun 2023 15:15:05 GMT
partner-hongtu-white.png
35125.club/ftl/commonPage/images/partner/
150 KB
150 KB
Image
General
Full URL
https://35125.club:8989/ftl/commonPage/images/partner/partner-hongtu-white.png
Requested by
Host: 35125.club
URL: https://35125.club:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.119.83.81 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
/
Resource Hash
ba81197096566bf07ceca868b522f8f5877b38b80227003a8288278fac5454d2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 15:15:05 GMT
Last-Modified
Thu, 23 Jul 2020 02:55:32 GMT
ETag
"5f18fc24-2562b"
X-Frame-Options
SAMEORIGIN
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
out-line
gb-site-098
uuid
-
Content-Length
153131
Expires
Thu, 15 Jun 2023 15:15:05 GMT
layer.css
7ngdqc.rbjgb.com/ftl/commonPage/js/theme/default/
18 KB
4 KB
Stylesheet
General
Full URL
https://7ngdqc.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
Requested by
Host: 7ngdqc.rbjgb.com
URL: https://7ngdqc.rbjgb.com/ftl/commonPage/js/layer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:979:801:302:1::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-XY-MP-02-18 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://35125.club:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 06:07:21 GMT
Content-Encoding
gzip
Age
119266
x-link-via
yancct08:443;xymp02:80;
X-Cache-Status
HIT from KS-CLOUD-XY-MP-02-18, HIT from KS-CLOUD-YANC-CT-08-08-L
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
3111
Last-Modified
Fri, 03 Sep 2021 08:10:10 GMT
Server
Default-server-KS-CLOUD-XY-MP-02-18
ETag
W/"6131d862-48e4"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
e204bc0455c2fce3c7cfc6dd6901284b
Expires
Thu, 13 Jul 2023 06:07:21 GMT
getFloat.html
35125.club/mobile-api/v5/origin/
0
0

getAppsUrl.html
35125.club/index/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
m.oqwepookpf.cn
URL
https://m.oqwepookpf.cn/umami.js
Domain
35125.club
URL
https://35125.club:8989/mobile-api/v5/origin/getFloat.html
Domain
35125.club
URL
https://35125.club:8989/index/getAppsUrl.html?device=android

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bet365 (Entertainment)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | onbeforetoggle
object | onscrollend
string | imgRoot
string | randomstr
string | apiRoot
boolean | hasHg
number | i3
number | max3
number | id3
function | jackpot
function | $
function | jQuery

1 Cookies

Domain/Path Name / Value
35125.club/ Name: sticket
Value: RFeVlUVmhNalk1TVR

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
