Submitted URL: https://44370.cc/
Effective URL: https://44370.cc:8989/
Submission: On July 13 via automatic, source openphish — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 51 HTTP transactions. The main IP is 103.249.110.55, located in Hong Kong and belongs to SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK. The main domain is 44370.cc.
TLS certificate: Issued by R3 on June 11th 2022. Valid for: 3 months.
This is the only time 44370.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bet365 (Entertainment)

Domain & IP information

Requests  IP Address       AS Autonomous System
25        103.249.110.55   133199 (SONDERCLO...)
26        103.155.16.129   138915 (KAOPU-HK ...)
51        3

Requests  Apex Domain  Subdomains         Transfer
26        sxyxda.com   9tdgba.sxyxda.com  363 KB
25        44370.cc     44370.cc           560 KB
51        2

Requests  Domain             Requested by
26        9tdgba.sxyxda.com  44370.cc, 9tdgba.sxyxda.com
25        44370.cc           44370.cc, 9tdgba.sxyxda.com
51        2

Subject       Issuer                                          Validity                 Valid
44370.cc      R3                                              2022-06-11 - 2022-09-09  3 months
*.sxyxda.com  Sectigo RSA Domain Validation Secure Server CA  2021-11-23 - 2022-11-23  a year

This page contains 1 frame:

Primary Page: https://44370.cc:8989/
Frame ID: D01AAE7F703F41B7B1C6FF5D9DD11538
Requests: 53 HTTP requests in this frame

Page Title

bet365

Page URL History

  1. https://44370.cc/ Page URL
  2. https://44370.cc:8989/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 51
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 2
  • Subdomains: 2
  • IPs: 3
  • Countries: 2
  • Transfer: 923 kB
  • Size: 1814 kB
  • Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://44370.cc/ Page URL
  2. https://44370.cc:8989/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
44370.cc/
80 B
380 B
Document
General
Full URL
https://44370.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
bbe0ffb50ab74f43af89189515b54035f45f60a6bd12f5d93e11eec494c34a12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 01:26:34 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Primary Request /
44370.cc/
352 KB
86 KB
Document
General
Full URL
https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
410586cd742e3d9f5e37866e4e5ea65176b567eed3514cd22dd0a7c3155d41fe

Request headers

Referer
https://44370.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 01:26:35 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-html-cache
HIT-3600
out-line
gb-site-110
uuid
-
gui-base.css
44370.cc/ftl/commonPage/themes/
76 KB
16 KB
Stylesheet
General
Full URL
https://44370.cc:8989/ftl/commonPage/themes/gui-base.css
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
5115beb96fcb86d69e9929dfe0188a3df5453061cc72e2935c7adf1f4edd7b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 May 2022 08:36:10 GMT
ETag
W/"6295d37a-12fa6"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Thu, 14 Jul 2022 01:26:35 GMT
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
out-line
gb-site-110
uuid
-
gui-skin-default.css
44370.cc/ftl/commonPage/themes/
31 KB
6 KB
Stylesheet
General
Full URL
https://44370.cc:8989/ftl/commonPage/themes/gui-skin-default.css
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
de87bc88df3d6a0da985ea2fcf98c29be86e6c4a98b2f68c372308260a4c0e62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 01:20:12 GMT
ETag
W/"5fced4cc-7b2e"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Thu, 14 Jul 2022 01:26:36 GMT
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
out-line
gb-site-110
uuid
-
common.css
44370.cc/ftl/bet365-1619/themes/
47 KB
11 KB
Stylesheet
General
Full URL
https://44370.cc:8989/ftl/bet365-1619/themes/common.css
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
c037215ca2cab30fec6b5061a3a1dcde11e52ba101680ddbfb8f9a04a19da6b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 02:17:57 GMT
ETag
W/"61b16755-bc4f"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Thu, 14 Jul 2022 01:26:36 GMT
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
out-line
gb-site-110
uuid
-
bootstrap-dialog.min.css
44370.cc/ftl/bet365-1619/themes/
3 KB
1 KB
Stylesheet
General
Full URL
https://44370.cc:8989/ftl/bet365-1619/themes/bootstrap-dialog.min.css
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
cb1d0b332c0218bbb360fd25d693f88293b54389caf88c36ffcfd8adc948d0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Sep 2021 09:11:05 GMT
ETag
W/"613c72a9-adc"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Thu, 14 Jul 2022 01:26:36 GMT
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
out-line
gb-site-110
uuid
-
i18n.js
44370.cc/commonPage/lan/
1 KB
1 KB
Script
General
Full URL
https://44370.cc:8989/commonPage/lan/i18n.js?t=1657675595.347
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
ff27f5e71ede1ca083248b0c466414d25d58eac14018ac936ef55ef6313a66fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
out-line
gb-site-110
uuid
01619-01-00000000-16576755960c97
ads1.png
44370.cc/ftl/commonPage/zh_CN/pubads/images/
12 KB
12 KB
Image
General
Full URL
https://44370.cc:8989/ftl/commonPage/zh_CN/pubads/images/ads1.png
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
01cf3c6ca09d7b6003faf27cdf6ff31dc52ec67f73070a6c81bfcb50b7b9ea4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
out-line
gb-site-110
Connection
keep-alive
ETag
"5d848f4f-2e75"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
uuid
-
Accept-Ranges
bytes
Content-Length
11893
Expires
Thu, 14 Jul 2022 01:26:36 GMT
ads2.png
44370.cc/ftl/commonPage/zh_CN/pubads/images/
19 KB
19 KB
Image
General
Full URL
https://44370.cc:8989/ftl/commonPage/zh_CN/pubads/images/ads2.png
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
13e5348ceb8b66112851439602497e44bcb574bf16794598bce46340f784d533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
out-line
gb-site-110
Connection
keep-alive
ETag
"5d848f4f-4bbc"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
uuid
-
Accept-Ranges
bytes
Content-Length
19388
Expires
Thu, 14 Jul 2022 01:26:36 GMT
jquery-1.11.3.min.js
9tdgba.sxyxda.com/ftl/commonPage/js/jquery/
94 KB
33 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-05 /
Resource Hash
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sat, 25 Jun 2022 06:01:12 GMT
Content-Encoding
gzip
Age
1538724
X-Cache-Status
HIT from KS-CLOUD-XJP-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
33545
Accept-Ranges
bytes
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-XJP-12-05
Cache-Control
max-age=86400
ETag
W/"5d848f4f-176d4"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
192c93fe4f3ac4c8cca7e51a82ad1bf0
Expires
Mon, 25 Jul 2022 06:01:12 GMT
float.js
9tdgba.sxyxda.com/ftl/commonPage/js/
7 KB
3 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/float.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-01 /
Resource Hash
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 03:48:56 GMT
Content-Encoding
gzip
Age
1892261
X-Cache-Status
HIT from KS-CLOUD-XJP-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-02
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
1929
Accept-Ranges
bytes
Last-Modified
Thu, 26 Aug 2021 07:50:18 GMT
Server
Default-server-KS-CLOUD-XJP-12-01
Cache-Control
max-age=86400
ETag
W/"612747ba-1b2f"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
6547d54f80215630111dad6c9f001377
Expires
Thu, 21 Jul 2022 03:48:56 GMT
idangerous.swiper.min.js
9tdgba.sxyxda.com/ftl/commonPage/js/
44 KB
12 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/idangerous.swiper.min.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-02 /
Resource Hash
1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 04:10:58 GMT
Content-Encoding
gzip
Age
1890938
X-Cache-Status
HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
11951
Accept-Ranges
bytes
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-XJP-12-02
Cache-Control
max-age=86400
ETag
W/"5d848f4f-b07e"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
19bb5e93e99a7a257487957bc297fd64
Expires
Thu, 21 Jul 2022 04:10:58 GMT
Comet.js
9tdgba.sxyxda.com/ftl/commonPage/js/websocket/
17 KB
5 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/websocket/Comet.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-FOREIGN-12-06 /
Resource Hash
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 05:52:37 GMT
Content-Encoding
gzip
Age
1884839
X-Cache-Status
HIT from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-12
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
4031
Accept-Ranges
bytes
Last-Modified
Mon, 19 Jul 2021 23:50:13 GMT
Server
Default-server-KS-CLOUD-XJP-FOREIGN-12-06
Cache-Control
max-age=86400
ETag
W/"60f60fb5-43bc"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
44e9fa0577edd6e7128464ed8858da97
Expires
Thu, 21 Jul 2022 05:52:37 GMT
CometMarathon.js
9tdgba.sxyxda.com/ftl/commonPage/js/websocket/
12 KB
4 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/websocket/CometMarathon.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-03 /
Resource Hash
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 06:25:30 GMT
Content-Encoding
gzip
Age
241266
X-Cache-Status
HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
3316
Accept-Ranges
bytes
Last-Modified
Thu, 21 Apr 2022 04:30:12 GMT
Server
Default-server-KS-CLOUD-XJP-12-03
Cache-Control
max-age=86400
ETag
W/"6260ddd4-2f13"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
3db1e2a5c3a2e1255cb3ba7e94063ef0
Expires
Tue, 09 Aug 2022 06:25:30 GMT
PopUp.js
9tdgba.sxyxda.com/ftl/commonPage/js/websocket/
2 KB
1 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/websocket/PopUp.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-08 /
Resource Hash
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 13:22:26 GMT
Content-Encoding
gzip
Age
561850
X-Cache-Status
HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-19
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
797
Accept-Ranges
bytes
Last-Modified
Thu, 21 Apr 2022 04:30:12 GMT
Server
Default-server-KS-CLOUD-XJP-12-08
Cache-Control
max-age=86400
ETag
W/"6260ddd4-828"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-204
X-Cdn-Request-ID
0ea2273a0fa304431ccaff016b6288b8
Expires
Fri, 05 Aug 2022 13:22:26 GMT
message_zh_CN.js
44370.cc/
32 KB
10 KB
Script
General
Full URL
https://44370.cc:8989/message_zh_CN.js?v=1657056856383
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
c12df57fc9734729d6f35010295fe3cb7ea3fb94e6b9e06a35c94afc4206f482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Content-Encoding
gzip
Connection
keep-alive
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Transfer-Encoding
chunked
uuid
01619-01-00000000-16576755964ec6
out-line
gb-site-110
Expires
Thu, 14 Jul 2022 01:26:36 GMT
lazyload.js
9tdgba.sxyxda.com/ftl/commonPage/js/
9 KB
3 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/lazyload.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-FOREIGN-12-12 /
Resource Hash
cf8442a6a61317b8c1407000e296ba99cab5873a51627c344fc6bea02d82d26b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 07 Jul 2022 07:50:28 GMT
Content-Encoding
gzip
Age
495369
X-Cache-Status
MISS from KS-CLOUD-XJP-FOREIGN-12-12, HIT from KS-CLOUD-XJP-FOREIGN-21-14
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
2311
Accept-Ranges
bytes
Last-Modified
Tue, 12 Apr 2022 03:30:13 GMT
Server
Default-server-KS-CLOUD-XJP-FOREIGN-12-12
Cache-Control
max-age=86400
ETag
W/"6254f245-22f7"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
985b6af94113ddb805fabefe954b4669
Expires
Sat, 06 Aug 2022 07:50:28 GMT
gui-base.js
9tdgba.sxyxda.com/ftl/commonPage/js/
60 KB
16 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/gui-base.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-08 /
Resource Hash
bc19a91cd57e7ce343a16a261bfb71fd89b03e033710e12c41ed9e9c3746b708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 26 Jun 2022 09:05:24 GMT
Content-Encoding
gzip
Age
1441273
X-Cache-Status
HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
15770
Accept-Ranges
bytes
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-XJP-12-08
Cache-Control
max-age=86400
ETag
W/"5d848f4f-ee4d"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-204
X-Cdn-Request-ID
25113cf2f169400fe62dc52368d1bed9
Expires
Tue, 26 Jul 2022 09:05:24 GMT
bootstrap-dialog.min.js
9tdgba.sxyxda.com/ftl/commonPage/js/
20 KB
6 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/bootstrap-dialog.min.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-09 /
Resource Hash
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 26 Jun 2022 08:22:45 GMT
Content-Encoding
gzip
Age
1443832
X-Cache-Status
HIT from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
5007
Accept-Ranges
bytes
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-XJP-12-09
Cache-Control
max-age=86400
ETag
W/"5d848f4f-4ea4"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
7cdb234596cd5437e94c83903e6ea5d4
Expires
Tue, 26 Jul 2022 08:22:45 GMT
layer.js
9tdgba.sxyxda.com/ftl/commonPage/js/
21 KB
8 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/layer.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-04 /
Resource Hash
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 04:14:07 GMT
Content-Encoding
gzip
Age
2322749
X-Cache-Status
HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
7599
Accept-Ranges
bytes
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-XJP-12-04
Cache-Control
max-age=86400
ETag
W/"5d848f4f-55f6"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
8b61b07d795de9bc263527b3b50a9ef5
Expires
Sat, 16 Jul 2022 04:14:07 GMT
jquery.super-marquee.js
9tdgba.sxyxda.com/ftl/commonPage/js/jquery/
4 KB
2 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-07 /
Resource Hash
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 04:24:21 GMT
Content-Encoding
gzip
Age
1890136
X-Cache-Status
HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-05
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
1421
Accept-Ranges
bytes
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-XJP-12-07
Cache-Control
max-age=86400
ETag
W/"5d848f4f-1151"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-204
X-Cdn-Request-ID
71b86e228d02fed3ebaf87bafd53be3a
Expires
Thu, 21 Jul 2022 04:24:21 GMT
jquery.nicescroll.min.js
9tdgba.sxyxda.com/ftl/commonPage/js/jquery/
63 KB
18 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-03 /
Resource Hash
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 03:10:54 GMT
Content-Encoding
gzip
Age
252943
X-Cache-Status
HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
17446
Accept-Ranges
bytes
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-XJP-12-03
Cache-Control
max-age=86400
ETag
W/"5d848f4f-fc8b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
8410513b0b6998b1e544dca42e454102
Expires
Tue, 09 Aug 2022 03:10:54 GMT
jquery.validate.js
9tdgba.sxyxda.com/051711/rcenter/common/js/jquery/plugins/jquery.validate/
27 KB
8 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/051711/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-04 /
Resource Hash
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 21:45:08 GMT
Content-Encoding
gzip
Age
2259689
X-Cache-Status
MISS from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-02
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
7746
Accept-Ranges
bytes
Last-Modified
Tue, 17 May 2022 01:41:32 GMT
Server
Default-server-KS-CLOUD-XJP-12-04
Cache-Control
max-age=86400
ETag
W/"6282fd4c-6caf"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
8bb94cef49b976b2ed64ef4da64fd826
Expires
Sat, 16 Jul 2022 21:45:08 GMT
jquery.validate.extend.msites.js
9tdgba.sxyxda.com/051711/rcenter/common/js/gamebox/common/
15 KB
5 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/051711/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-08 /
Resource Hash
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 21:45:08 GMT
Content-Encoding
gzip
Age
2259689
X-Cache-Status
MISS from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-12
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
4126
Accept-Ranges
bytes
Last-Modified
Tue, 17 May 2022 01:41:32 GMT
Server
Default-server-KS-CLOUD-XJP-12-08
Cache-Control
max-age=86400
ETag
W/"6282fd4c-3a09"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
7cace2d5928c45ba40263022be18f1a5
Expires
Sat, 16 Jul 2022 21:45:08 GMT
moment.js
9tdgba.sxyxda.com/ftl/commonPage/js/
112 KB
27 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/moment.js
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-04 /
Resource Hash
cc0e4aae90d57f055ec9b006b0c82dc2571630c00d9fa6bb49c5edb52948c688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 03:48:55 GMT
Content-Encoding
gzip
Age
1892262
X-Cache-Status
HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-22
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
26878
Accept-Ranges
bytes
Last-Modified
Thu, 09 Jun 2022 08:55:07 GMT
Server
Default-server-KS-CLOUD-XJP-12-04
Cache-Control
max-age=86400
ETag
W/"62a1b56b-1bf5b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
183c8b27cc9ed2cae668825fc87df7e4
Expires
Thu, 21 Jul 2022 03:48:55 GMT
pc.css
9tdgba.sxyxda.com/ftl/commonPage/themes/hb/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/themes/hb/css/pc.css
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-03 /
Resource Hash
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 05:39:24 GMT
Content-Encoding
gzip
Age
244033
X-Cache-Status
HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
911
Accept-Ranges
bytes
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-XJP-12-03
Cache-Control
max-age=86400
ETag
W/"5d848f4f-b5d"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
2ef59bc548e5542c5617be36d1f660c1
Expires
Tue, 09 Aug 2022 05:39:24 GMT
gb.validation.min.js
9tdgba.sxyxda.com/051711/rcenter/common/static/js/
32 KB
6 KB
Script
General
Full URL
https://9tdgba.sxyxda.com/051711/rcenter/common/static/js/gb.validation.min.js?v=1657056856383
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-FOREIGN-12-11 /
Resource Hash
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 21:45:09 GMT
Content-Encoding
gzip
Age
2259688
X-Cache-Status
MISS from KS-CLOUD-XJP-FOREIGN-12-11, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cache
MISS
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
5207
Accept-Ranges
bytes
Last-Modified
Tue, 13 Jul 2021 01:50:28 GMT
Server
Default-server-KS-CLOUD-XJP-FOREIGN-12-11
Cache-Control
max-age=86400
ETag
W/"60ecf164-7fd7"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
1d9db6b901c2aca4e3e79950865643b1
Expires
Sat, 16 Jul 2022 21:45:09 GMT
gb.validation.min.css
9tdgba.sxyxda.com/051711/rcenter/common/static/css/
11 KB
4 KB
Stylesheet
General
Full URL
https://9tdgba.sxyxda.com/051711/rcenter/common/static/css/gb.validation.min.css
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-07 /
Resource Hash
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 21:46:36 GMT
Content-Encoding
gzip
Age
2259601
X-Cache-Status
MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-05
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
3788
Accept-Ranges
bytes
Last-Modified
Mon, 13 Sep 2021 05:23:34 GMT
Server
Default-server-KS-CLOUD-XJP-12-07
Cache-Control
max-age=86400
ETag
W/"613ee056-2d52"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
e6b11cc0aa63cec607e67a0d4f408cc2
Expires
Sat, 16 Jul 2022 21:46:36 GMT
special_3.jpg
9tdgba.sxyxda.com/ftl/commonPage/zh_CN/mobileTopic/images/
7 KB
7 KB
Image
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-FOREIGN-12-10 /
Resource Hash
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 07:15:11 GMT
Age
1966286
X-Cache-Status
HIT from KS-CLOUD-XJP-FOREIGN-12-10, HIT from KS-CLOUD-XJP-FOREIGN-21-15
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
out-line
gb-cdn-205
uuid
-
Content-Length
6871
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-XJP-FOREIGN-12-10
Cache-Control
max-age=86400
ETag
"5d848f4f-1ad7"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
84247adc583ac2763f8155f14825b716
Expires
Wed, 20 Jul 2022 07:15:11 GMT
hongbao.css
44370.cc/ftl/commonPage/themes/
49 KB
6 KB
Stylesheet
General
Full URL
https://44370.cc:8989/ftl/commonPage/themes/hongbao.css
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/ftl/commonPage/themes/gui-base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
05743735a729330b03082b0b859f9b94b2dcf2bd78f2cebb699364187b0a04d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/ftl/commonPage/themes/gui-base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Feb 2022 01:25:14 GMT
ETag
W/"6201c67a-c4b3"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Thu, 14 Jul 2022 01:26:36 GMT
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
out-line
gb-site-110
uuid
-
gui-layer.css
44370.cc/ftl/commonPage/themes/
49 KB
7 KB
Stylesheet
General
Full URL
https://44370.cc:8989/ftl/commonPage/themes/gui-layer.css
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/ftl/commonPage/themes/gui-base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
45b94e09c1b8d9348d7a463d029b78a71f037128e4e3f8d7be9d44bdd7640ea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/ftl/commonPage/themes/gui-base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Oct 2021 06:25:10 GMT
ETag
W/"617107c6-c380"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Expires
Thu, 14 Jul 2022 01:26:36 GMT
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
out-line
gb-site-110
uuid
-
body-bg.gif
44370.cc/ftl/bet365-1619/themes/images/common/
758 B
1 KB
Image
General
Full URL
https://44370.cc:8989/ftl/bet365-1619/themes/images/common/body-bg.gif
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/ftl/bet365-1619/themes/common.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
f9b50670a93fcef81c4f838f7da60d397994bea07f83af0f51ae89d670f1189c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/ftl/bet365-1619/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Last-Modified
Sat, 11 Sep 2021 09:11:05 GMT
out-line
gb-site-110
Connection
keep-alive
ETag
"613c72a9-2f6"
X-Cache
HIT
Content-Type
image/gif
Cache-Control
max-age=86400
uuid
-
Accept-Ranges
bytes
Content-Length
758
Expires
Thu, 14 Jul 2022 01:26:36 GMT
sec-nav-bg-grad.gif
44370.cc/ftl/bet365-1619/themes/images/common/
376 B
708 B
Image
General
Full URL
https://44370.cc:8989/ftl/bet365-1619/themes/images/common/sec-nav-bg-grad.gif
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/ftl/bet365-1619/themes/common.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
cd58d657e3d79583a5722257d8770e3b5f620f1d58e392f1d9460cc89ac485fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/ftl/bet365-1619/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Last-Modified
Sat, 11 Sep 2021 09:11:05 GMT
out-line
gb-site-110
Connection
keep-alive
ETag
"613c72a9-178"
X-Cache
HIT
Content-Type
image/gif
Cache-Control
max-age=86400
uuid
-
Accept-Ranges
bytes
Content-Length
376
Expires
Thu, 14 Jul 2022 01:26:36 GMT
sports-infos-bg.png
44370.cc/ftl/bet365-1619/themes/images/index/
4 KB
5 KB
Image
General
Full URL
https://44370.cc:8989/ftl/bet365-1619/themes/images/index/sports-infos-bg.png
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/ftl/bet365-1619/themes/common.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
6cff75537c35a2a855cafaf1d2d45767867dbc28774da40ed8c4fd4f4f74a813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/ftl/bet365-1619/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Last-Modified
Sat, 11 Sep 2021 09:11:05 GMT
out-line
gb-site-110
Connection
keep-alive
ETag
"613c72a9-10d7"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
uuid
-
Accept-Ranges
bytes
Content-Length
4311
Expires
Thu, 14 Jul 2022 01:26:36 GMT
truncated
/
484 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
527228714a2a640b71788550f8dcd2c0964ee13fdfddc1c57ff377134f8fcecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
bg-products.gif
44370.cc/ftl/bet365-1619/themes/images/index/
21 KB
21 KB
Image
General
Full URL
https://44370.cc:8989/ftl/bet365-1619/themes/images/index/bg-products.gif
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/ftl/bet365-1619/themes/common.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
1694db51d04b5d207f7bc4ca11a7fcd2ca171b2f4c2c2b12d1c75e5cb3dbe20f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/ftl/bet365-1619/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Last-Modified
Sat, 11 Sep 2021 09:11:05 GMT
out-line
gb-site-110
Connection
keep-alive
ETag
"613c72a9-5224"
X-Cache
HIT
Content-Type
image/gif
Cache-Control
max-age=86400
uuid
-
Accept-Ranges
bytes
Content-Length
21028
Expires
Thu, 14 Jul 2022 01:26:36 GMT
truncated
/
260 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73500ead881aa273814d982b0a0e78dc29ebf04f37b5932667785f6f7c45a664

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
gui.ttf
44370.cc/ftl/commonPage/themes/fonts/gui-fonts/
351 KB
351 KB
Font
General
Full URL
https://44370.cc:8989/ftl/commonPage/themes/fonts/gui-fonts/gui.ttf
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/ftl/commonPage/themes/gui-base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
671741efdf4857a9030e02aba4706cecc7e34031a49e80a02b4bf2ca6a377b86

Request headers

Referer
https://44370.cc:8989/ftl/commonPage/themes/gui-base.css
Origin
https://44370.cc:8989
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:36 GMT
Last-Modified
Tue, 31 May 2022 08:36:10 GMT
out-line
gb-site-110
Connection
keep-alive
ETag
"6295d37a-57b78"
X-Cache
HIT
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
uuid
-
Accept-Ranges
bytes
Content-Length
359288
Expires
Thu, 14 Jul 2022 01:26:36 GMT
layer.css
9tdgba.sxyxda.com/ftl/commonPage/js/theme/default/
18 KB
4 KB
Stylesheet
General
Full URL
https://9tdgba.sxyxda.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
Requested by
Host: 9tdgba.sxyxda.com
URL: https://9tdgba.sxyxda.com/ftl/commonPage/js/layer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-FOREIGN-12-11 /
Resource Hash
7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 04:10:59 GMT
Content-Encoding
gzip
Age
1890938
X-Cache-Status
HIT from KS-CLOUD-XJP-FOREIGN-12-11, HIT from KS-CLOUD-XJP-FOREIGN-21-10
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
uuid
-
Content-Length
3111
Accept-Ranges
bytes
Last-Modified
Fri, 03 Sep 2021 08:10:10 GMT
Server
Default-server-KS-CLOUD-XJP-FOREIGN-12-11
Cache-Control
max-age=86400
ETag
W/"6131d862-48e4"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
out-line
gb-cdn-205
X-Cdn-Request-ID
c53f74a9ab455b9f56b393ce857cc373
Expires
Thu, 21 Jul 2022 04:10:59 GMT
getFloat.html
44370.cc/mobile-api/v5/origin/
138 B
649 B
XHR
General
Full URL
https://44370.cc:8989/mobile-api/v5/origin/getFloat.html
Requested by
Host: 9tdgba.sxyxda.com
URL: https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
45c7e7ed630f2a5c7a48a85a78bf558f3a831d66085669a7953dfb0ea646fa54

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://44370.cc:8989/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 13 Jul 2022 01:26:38 GMT
Access-Control-Allow-Headers
Content-Type,Access-Token,X-Requested-With
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
*
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Origin
https://44370.cc:8989
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
out-line
gb-site-110
sub-sys
mobile
Content-Length
138
uuid
01619-01-00000000-1657675598591c
1627642552287.png
9tdgba.sxyxda.com/fserver/files/gb/1619/Logo/405/
8 KB
9 KB
Image
General
Full URL
https://9tdgba.sxyxda.com/fserver/files/gb/1619/Logo/405/1627642552287.png?wsSecret=a06e970578af1c9f208db1bdfacac6a4&wsTime=1657675598
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-FOREIGN-12-12 /
Resource Hash
a939a554c5690d148a600304325db0ea1990f3261b115da03d344e0e14b0e195

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sat, 02 Jul 2022 10:58:01 GMT
Age
916117
X-Cache-Status
MISS from KS-CLOUD-XJP-FOREIGN-12-12, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
out-line
gb-cdn-205
uuid
-
Content-Length
8159
Last-Modified
Fri, 30 Jul 2021 10:55:52 GMT
Server
Default-server-KS-CLOUD-XJP-FOREIGN-12-12
Cache-Control
max-age=86400
ETag
"6103dab8-1fdf"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
5b14b2c2f663f1d7a238c37ee8d71f26
Expires
Mon, 01 Aug 2022 10:58:01 GMT
index-casino.jpg
9tdgba.sxyxda.com/ftl/bet365-1619/images/index/
38 KB
39 KB
Image
General
Full URL
https://9tdgba.sxyxda.com/ftl/bet365-1619/images/index/index-casino.jpg?wsSecret=e5fa34a71626911b019ed5f2e0aab1f0&wsTime=1657675598
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-08 /
Resource Hash
b136864ffef1cf1bca9a4106031e7f247fb62bb717db1a495c96c7d8b5b77da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sat, 02 Jul 2022 10:58:02 GMT
Age
916116
X-Cache-Status
MISS from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-05
X-Cache
MISS
x-link-via
xjp21:443;xjp12:80;
out-line
gb-cdn-205
uuid
-
Content-Length
39271
Last-Modified
Sat, 11 Sep 2021 09:11:05 GMT
Server
Default-server-KS-CLOUD-XJP-12-08
Cache-Control
max-age=86400
ETag
"613c72a9-9967"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
acf5a518ccff2bf8ab2add1054203824
Expires
Mon, 01 Aug 2022 10:58:02 GMT
index-chess.jpg
9tdgba.sxyxda.com/ftl/bet365-1619/images/index/
12 KB
12 KB
Image
General
Full URL
https://9tdgba.sxyxda.com/ftl/bet365-1619/images/index/index-chess.jpg?wsSecret=9b7e3cf9efb006bbf4d3e72f24375518&wsTime=1657675598
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-FOREIGN-12-06 /
Resource Hash
496f6b90ab41e0578054f60089032a0483247165dce969a83d70f4842496608a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sat, 02 Jul 2022 11:22:55 GMT
Age
914623
X-Cache-Status
HIT from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-07
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
out-line
gb-cdn-205
uuid
-
Content-Length
11922
Last-Modified
Sat, 11 Sep 2021 09:11:05 GMT
Server
Default-server-KS-CLOUD-XJP-FOREIGN-12-06
Cache-Control
max-age=86400
ETag
"613c72a9-2e92"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
f5ffe6579b3d35717f5b25b314233956
Expires
Mon, 01 Aug 2022 11:22:55 GMT
index-game.jpg
9tdgba.sxyxda.com/ftl/bet365-1619/images/index/
31 KB
32 KB
Image
General
Full URL
https://9tdgba.sxyxda.com/ftl/bet365-1619/images/index/index-game.jpg?wsSecret=bf7cf196054c61e70e99711eb2b11754&wsTime=1657675598
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-03 /
Resource Hash
dbddab3a290b16fc7b43e0a1093ffdec6a2ff91c104f9eff21df181a5336118c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sat, 02 Jul 2022 11:22:54 GMT
Age
914623
X-Cache-Status
HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
out-line
gb-cdn-205
uuid
-
Content-Length
32135
Last-Modified
Sat, 11 Sep 2021 09:11:05 GMT
Server
Default-server-KS-CLOUD-XJP-12-03
Cache-Control
max-age=86400
ETag
"613c72a9-7d87"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
b8effe10d90bd71e368ed05c3dccf0eb
Expires
Mon, 01 Aug 2022 11:22:54 GMT
getUserTimeZoneDate.html
44370.cc/index/
119 B
454 B
XHR
General
Full URL
https://44370.cc:8989/index/getUserTimeZoneDate.html?t=l5ix91xq
Requested by
Host: 9tdgba.sxyxda.com
URL: https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
b24164142a88eba9b333b39af7cc083d41e7f380dca055014b901981293e326a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://44370.cc:8989/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:38 GMT
Content-Type
text/html; charset=utf-8
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
out-line
gb-site-110
cachettl
3
sub-sys
msite
Content-Length
119
uuid
01619-01-00000000-16576755987db8
headerInfo.html
44370.cc/
127 B
443 B
XHR
General
Full URL
https://44370.cc:8989/headerInfo.html?t=l5ix924c
Requested by
Host: 9tdgba.sxyxda.com
URL: https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
96691c16bf33bdc2be3c47ba087722f5642a72946b4a672a4ec5a72ae25276e5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://44370.cc:8989/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
out-line
gb-site-110
sub-sys
msite
uuid
01619-01-00000000-1657675598d891
getActivityMsg.html
44370.cc/mobile-api/v5/chess/
140 B
599 B
XHR
General
Full URL
https://44370.cc:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign
Requested by
Host: 9tdgba.sxyxda.com
URL: https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://44370.cc:8989/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:39 GMT
Access-Control-Allow-Headers
Content-Type,Access-Token,X-Requested-With
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
*
Content-Type
text/html;charset=utf-8
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
out-line
gb-site-110
sub-sys
mobile
Content-Length
140
uuid
01619-01-00000000-1657675599e4c8
loginSwitchCheck.html
44370.cc/mobile-api/v5/origin/
174 B
633 B
XHR
General
Full URL
https://44370.cc:8989/mobile-api/v5/origin/loginSwitchCheck.html
Requested by
Host: 9tdgba.sxyxda.com
URL: https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://44370.cc:8989/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:39 GMT
Access-Control-Allow-Headers
Content-Type,Access-Token,X-Requested-With
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
*
Content-Type
text/html;charset=utf-8
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
out-line
gb-site-110
sub-sys
mobile
Content-Length
174
uuid
01619-01-00000000-165767559979b8
1627643681693.jpg
9tdgba.sxyxda.com/fserver/files/gb/1619/carousel/10008/
35 KB
36 KB
Image
General
Full URL
https://9tdgba.sxyxda.com/fserver/files/gb/1619/carousel/10008/1627643681693.jpg?wsSecret=21a399de2cbf2cfa53bcb156e1a862c1&wsTime=1657675598
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-03 /
Resource Hash
a728db4170a186e105a70a52c36a6340fcb86c2a90fe5ae8ce4d371580d40ab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sat, 02 Jul 2022 10:58:01 GMT
Age
916117
X-Cache-Status
MISS from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-18
X-Cache
HIT
x-link-via
xjp21:443;xjp12:80;
out-line
gb-cdn-205
uuid
-
Content-Length
36117
Last-Modified
Fri, 30 Jul 2021 11:14:41 GMT
Server
Default-server-KS-CLOUD-XJP-12-03
Cache-Control
max-age=86400
ETag
"6103df21-8d15"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
731816397561791979758b78a8ac524c
Expires
Mon, 01 Aug 2022 10:58:01 GMT
getUserTimeZoneDate.html
44370.cc/index/
119 B
394 B
XHR
General
Full URL
https://44370.cc:8989/index/getUserTimeZoneDate.html?t=l5ix92bk
Requested by
Host: 9tdgba.sxyxda.com
URL: https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
975488f499b7d88865f882e983affa8635b4b36ea7646e0941edb033fd26f03a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://44370.cc:8989/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:39 GMT
Content-Type
text/html; charset=utf-8
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
out-line
gb-site-110
cachettl
3
sub-sys
msite
Content-Length
119
uuid
01619-01-00000000-16576755995847
1653498860141.png
9tdgba.sxyxda.com/fserver/files/gb/1619/carousel/10028/
62 KB
62 KB
Image
General
Full URL
https://9tdgba.sxyxda.com/fserver/files/gb/1619/carousel/10028/1653498860141.png?wsSecret=e13098e5125e33e64f1ca1c87ea6574f&wsTime=1657675598
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.155.16.129 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software
Default-server-KS-CLOUD-XJP-12-07 /
Resource Hash
706dea40f9af50e698c990e5746b2392880a029f1d80bfea7251e2192fd8ba72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sat, 02 Jul 2022 10:58:01 GMT
Age
916117
X-Cache-Status
MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cache
MISS
x-link-via
xjp21:443;xjp12:80;
out-line
gb-cdn-205
uuid
-
Content-Length
63133
Last-Modified
Thu, 26 May 2022 17:11:02 GMT
Server
Default-server-KS-CLOUD-XJP-12-07
Cache-Control
max-age=86400
ETag
"628fb4a6-f69d"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Cdn-Request-ID
4f5cee57fe1a87d64c75d0393a21cea5
Expires
Mon, 01 Aug 2022 10:58:01 GMT
getThirdParam.html
44370.cc/mobile-api/v5/origin/
103 B
502 B
XHR
General
Full URL
https://44370.cc:8989/mobile-api/v5/origin/getThirdParam.html
Requested by
Host: 9tdgba.sxyxda.com
URL: https://9tdgba.sxyxda.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://44370.cc:8989/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:39 GMT
Access-Control-Allow-Headers
Content-Type,Access-Token,X-Requested-With
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
*
Content-Type
text/html;charset=utf-8
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
out-line
gb-site-110
sub-sys
mobile
Content-Length
103
uuid
01619-01-00000000-16576755993ec5
gui-layer-close-bg.png
44370.cc/ftl/commonPage/themes/images/layer-dialog/
1 KB
2 KB
Image
General
Full URL
https://44370.cc:8989/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
Requested by
Host: 44370.cc
URL: https://44370.cc:8989/ftl/commonPage/themes/gui-layer.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.249.110.55, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK)
Reverse DNS
visit.keznews.com
Software
/
Resource Hash
df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://44370.cc:8989/ftl/commonPage/themes/gui-layer.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:26:39 GMT
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
out-line
gb-site-110
Connection
keep-alive
ETag
"5d848f4f-529"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
uuid
-
Accept-Ranges
bytes
Content-Length
1321
Expires
Thu, 14 Jul 2022 01:26:39 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bet365 (Entertainment)

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| imgRoot string| randomstr string| apiRoot boolean| hasHg function| $ function| jQuery function| Swiper function| MSiteComet function| MSiteCometMarathon function| MSitePopUp function| showDialog string| resRoot string| wsRoot string| mdRoot string| fltRootPath string| language string| timeLanguage object| message function| lazyload function| LazyLoad function| responsive function| iealert function| blink function| textBlink object| carousels string| userAgent boolean| isChrome undefined| myFlash object| jQuery111305793164224996232 function| BootstrapDialog object| layer object| NiceScroll function| moment function| floatV5Main string| activityMessageId string| redBagTheme function| getFloat function| canShowLottery function| closePage function| openRule function| closeRule function| lottery function| showLotteryMessage function| onceAgain function| layerLangDialogIndex function| langDialog function| filterSwitchedLanguage string| imgPath string| cdnUrl function| homeDialog function| getUpdateTime function| getMultiADContent function| getSingleADContent function| layerMultiDialogIndex function| loadImage function| getLink function| goToPCenter object| initCaptcha function| checkSignSwitch function| replaceEvoToNt number| timestamp string| temp_timestamp number| newTimestamp function| replaceInfo function| replaceAttribute function| md5 boolean| isOpenCaptcha number| captchaType string| timezoneTran string| dateTimeFromat number| userTimeTimerId undefined| balanceQueryTriggerLimitTimer undefined| balanceAutoRefreshTimer string| HIDE_BALANCE_COOKIE_KEY string| REFRESH_BALANCE_TIME string| PAGE_LANGUAGE boolean| importAccount function| delateTip string| current_language function| transWebUrlSlide function| initMenuEvents function| createDesktop function| doSave function| 
SetHome function| AddFavorite function| noticeDialog function| noticeChangePageAjax function| setCookie function| getCookie function| closeIframeAlert function| getlocationParam function| maintainCheck function| handleMt function| maintainInfo function| transTimeZone function| getApiName function| getApiKey function| openNewPopWindow function| forgetUsername function| support function| getCustomerService function| getApiBalance function| getNotAutoPayApiBalance function| userTime function| changeTimeTimer function| apiLogin function| unLoginLottery function| gameMessage function| apiLoginDemo function| lotteryDemo function| createFreeAccount function| currentPage function| getXjPage function| apiLoginReal function| changeBalanceHide function| balanceStatus function| hideBalanceIfModeHide function| enterLogin object| loginObj function| changeLoginStatus function| game_demo function| afterLogin function| login function| openVerify function| verify function| openSecondVerify function| doSecondVerify function| importPlayer function| cancelVerify function| dropdownOpen function| Logout function| liveAccordion function| loginPlayer function| recoveryApi function| getNewDate function| isAllowRecoveryApi function| autoGetApiBalance function| getSingleApiBalance function| getAllApiBalance function| dialogMsg function| showAnnouncement function| maxGameTag function| gameCollect function| gameScore function| gameTagList function| myCollectList function| myRecentlyList function| layerDialogNormal function| closeIframeLayerDialog function| layerDialogDownload function| layerDialogForgetAccount function| layerDialogNotice function| layerDialogRegister function| getQRcode function| qrcode string| rgb function| PlaySound function| StopSound number| c_start string| page undefined| facebookClientId undefined| facebookRedirectUrl undefined| googleClientId undefined| googleRedirectUrl undefined| zaloClientId undefined| zaloRedirectUrl undefined| ouathLoginWindow function| 
getLoginParam function| socialLogin function| receiveMessage function| postData boolean| isLogin object| mega string| REGSTER_SEND_EMAIL_TIME string| REGSTER_SEND_PHONE_TIME function| init object| captcha_box

2 Cookies

Domain/Path Name / Value
44370.cc/ Name: sticket
Value: TkRZNE1TMDVNVFkzT
44370.cc/ Name: route
Value: 77e74e4d1edc48db1fe221dc6f1f8ac6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44370.cc
9tdgba.sxyxda.com
103.155.16.129
103.249.110.55