xpj86686.com Open in urlscan Pro
2606:4700:3108::ac42:2895 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jc689.vip/
Effective URL:
https://xpj86686.com/
Submission: On January 06 via api (January 6th 2024, 11:54:36 pm UTC) from US — Scanned from US

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3108::ac42:2895, located in United States and belongs to CLOUDFLARENET, US. The main domain is xpj86686.com.
TLS certificate: Issued by GTS CA 1P5 on November 17th 2023. Valid for: 3 months.

This is the only time xpj86686.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bet365 (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3035::6815:3095	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	240d:c000:201... 240d:c000:2010:1807:0:95aa:87ec:eca7	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	170.106.158.96 170.106.158.96	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
4	2606:4700:310... 2606:4700:3108::ac42:2895	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2409:8c44:b00... 2409:8c44:b00:206::6	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c06::61	() ()
40	8

4 2606:4700:3035::6815:3095 (United States)

ASN13335 (CLOUDFLARENET, US)

jc689.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240d:c000:2010:1807:0:95aa:87ec:eca7 (Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

open.mobile.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.106.158.96 (United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

api.ip138.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3108::ac42:2895 (United States)

ASN13335 (CLOUDFLARENET, US)

xpj86686.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2409:8c44:b00:206::6 (None, )

ASN- ()

9tdgba.lxhhf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::61 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	lxhhf.com 9tdgba.lxhhf.com	167 KB
4	xpj86686.com xpj86686.com	95 KB
4	51.la sdk.51.la — Cisco Umbrella Rank: 55358 collect-v6.51.la — Cisco Umbrella Rank: 51496	27 KB
4	jc689.vip jc689.vip	44 KB
1	googletagmanager.com www.googletagmanager.com	92 KB
1	ip138.com api.ip138.com	360 B
1	qq.com open.mobile.qq.com — Cisco Umbrella Rank: 127821	69 KB
40	7

	Domain	Requested by
22	9tdgba.lxhhf.com	xpj86686.com 9tdgba.lxhhf.com
4	xpj86686.com	jc689.vip xpj86686.com
4	jc689.vip	jc689.vip
2	collect-v6.51.la	sdk.51.la
2	sdk.51.la	jc689.vip
1	www.googletagmanager.com	xpj86686.com
1	api.ip138.com	jc689.vip
1	open.mobile.qq.com	jc689.vip
40	8

This site contains no links.

Subject Issuer	Validity	Valid
jc689.vip GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
oct14-2023-1.ias.qq.com DigiCert Secure Site CN CA G3	`2023-10-13` - `2024-10-15`	a year	crt.sh
*.ip138.com AlphaSSL CA - SHA256 - G4	`2023-03-02` - `2024-04-02`	a year	crt.sh
xpj86686.com GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.lxhhf.com Certum Domain Validation CA SHA2	`2023-12-05` - `2024-12-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xpj86686.com/
Frame ID: 237632A14F58F7F07E6D767CC782D09E
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://jc689.vip/ Page URL
https://jc689.vip/index3.html Page URL
https://xpj86686.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

93 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

500 kB
Transfer

1700 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jc689.vip/ Page URL
https://jc689.vip/index3.html Page URL
https://xpj86686.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
jc689.vip/ 24 KB
11 KB 613ms
457ms Document
text/html 2606:4700:3035::6815:3095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jc689.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44417447f9584d84ad3e1b424b1b41b2590246b85b36c8f171d021c36417aef1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8417e2e4ce334bd3-BUF
content-encoding: br
content-type: text/html
date: Sat, 06 Jan 2024 23:54:28 GMT
last-modified: Wed, 14 Jun 2023 10:19:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaJxV32j%2BS05KTdNogh8dGUbyZG9EYQAjtxvDLAU7FC7SH93gUPt3rMw0ytK%2Ba61Y48BjvP4qrsMZ7Cvtwx9mCBpWgZSSLQIbN60qjICZ6n8bOhLb8z42rsNECYfgL9FXwoesc4yfEA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 1394ms
680ms Script
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: jc689.vip
URL: https://jc689.vip/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jc689.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sat, 06 Jan 2024 23:54:29 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK qqapi.js Show response
open.mobile.qq.com/sdk/ 69 KB
69 KB 1663ms
320ms Script
application/x-javascript 240d:c000:2010:1807:0:95aa:87ec:eca7
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://open.mobile.qq.com/sdk/qqapi.js?_bid=152
Requested by: Host: jc689.vip
URL: https://jc689.vip/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240d:c000:2010:1807:0:95aa:87ec:eca7 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.17.4 /
Resource Hash: 5ed54a54236d12b838952a5875652bb376a2bf54e127a6b30112760bdfcb030a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jc689.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sat, 06 Jan 2024 23:54:29 GMT
X-Cache-Lookup: Hit From Disktank, Cache Miss
X-NWS-UUID-VERIFY: 5085cdd37a17056d882d25cd74eb7984
Age: 0
Connection: keep-alive
X-Verify-Code: 2871bd7acf67c7e298e9c8d8c865e27d
Content-Length: 70472
Last-Modified: Sat, 19 Nov 2022 10:35:43 GMT
Server: nginx/1.17.4
Vary: Origin
Content-Type: application/x-javascript
Cache-Control: max-age=86400
X-Daa-Tunnel: hop_count=1
X-NWS-LOG-UUID: 11565981017301381009
Accept-Ranges: bytes
Expires: Wed, 01 Nov 2023 03:31:07 GMT

GET
H2 404 jquery.min.js
jc689.vip/js/ 0
0 461ms
460ms Script
text/html 2606:4700:3035::6815:3095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jc689.vip/js/jquery.min.js
Requested by: Host: jc689.vip
URL: https://jc689.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jc689.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 23:54:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NV1m4zjaLE4BSiJs85ER7WbQcRq7WVrV4BKVznTIcoS8gqqdddRnWan92PBYW09E8xkXnQ9PlLrmkdzZI5gD%2FB2xF8%2BM9sxPhbHV%2Bz%2BEhYZsz9md90S2356DQ2CFKfxROCkjZx1McV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8417e2e7bf7a4bd3-BUF
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
509 B 1020ms
383ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jc689.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://jc689.vip
Date: Sat, 06 Jan 2024 23:54:30 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd

Request headers

Referer
Origin: https://jc689.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H3 200 index3.html Show response
jc689.vip/ 3 KB
2 KB 249ms
248ms Document
text/html 2606:4700:3035::6815:3095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jc689.vip/index3.html
Requested by: Host: jc689.vip
URL: https://jc689.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36e8981ab38024c106aacb0c0b3f66d0db98474db6b5ec926ca0d0febc9666b3

Request headers

Referer: https://jc689.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8417e2fc3e094bc0-BUF
content-encoding: br
content-type: text/html
date: Sat, 06 Jan 2024 23:54:31 GMT
last-modified: Wed, 20 Sep 2023 11:41:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdH4yvmezoScg62Q%2BWUPaWDR5Dh3IGX1Jkwvqd26MjqShMQpdKf%2FkT5tHpiKY8tHuj%2F3o64Z3h7ttP3u%2BG5sYw2BKQF9VoFg3FPEltr3OZ5sG%2FBiAJ3bluNWCyWqV3yK7ge8w%2BVEmU0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 jquery-3.5.1.min.js Show response
jc689.vip/ 87 KB
32 KB 682ms
681ms Script
application/javascript 2606:4700:3035::6815:3095
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jc689.vip/jquery-3.5.1.min.js
Requested by: Host: jc689.vip
URL: https://jc689.vip/index3.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3095 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jc689.vip/index3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 23:54:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Sep 2023 11:30:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"650ad7d4-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXLmT5zyIE5z6Ts6ORCcbJjZfPu3iAy6dd9i%2FvXIKsm2DfD5FYHAr6AZdUNW8k%2FSC76EjZHkMZEZoUewyYFe%2BC%2Fseq%2FHkV6Ad33cRo67mMTndNE9QKRBRb9NkX2GLiYa%2BegyfYx7vNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8417e2fdceb14bc0-BUF
alt-svc: h3=":443"; ma=86400
expires: Sun, 07 Jan 2024 11:54:32 GMT

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 308ms
307ms Script
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: jc689.vip
URL: https://jc689.vip/index3.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jc689.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sat, 06 Jan 2024 23:54:32 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
509 B 392ms
391ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jc689.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://jc689.vip
Date: Sat, 06 Jan 2024 23:54:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK / Show response
api.ip138.com/ip/ 125 B
360 B 689ms
88ms Script
application/json 170.106.158.96
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ip138.com/ip/?callback=jQuery351025256605850086844_1704585272679&ip=&oid=75313&mid=132029&token=83634446fd511e81b962c68e9f2a335c&_=1704585272680
Requested by: Host: jc689.vip
URL: https://jc689.vip/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.106.158.96 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: 85d35a37c61c614077f32e06b252c72288753e8e7639fc43f2e25447dd48094f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jc689.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 06 Jan 2024 23:54:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 125
Content-Type: application/json; charset=utf-8

GET
H2 200 Primary Request / Show response
xpj86686.com/ 398 KB
70 KB 583ms
381ms Document
text/html 2606:4700:3108::ac42:2895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xpj86686.com/

Requested by

Host: jc689.vip
URL: https://jc689.vip/index3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2895 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f55e93f1a26ee6d1e23150c8568bb22de86d7671d96994287896b1596ac51d98

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://jc689.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8417e307f85d4bcf-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 06 Jan 2024 23:54:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
out-line: gb-source-120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjWc9%2BBXPC1zbl2ZpecfmaKe9u4sjbfCv0rjPR%2BWC%2BTwmoq86Gz%2FtptCRJKFi1%2BraVJDO1wAz7wr7d5Bh7gRa57H4fPb4L6UYw9hV6RJ8SEBqB9OwDxpVRsR2RewBOMCmjhZ866Up0voCvw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
sub-sys: msite
uuid: 01669-01-00000000-1704585273919e
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK gui-base.css
9tdgba.lxhhf.com/ftl/commonPage/themes/ 81 KB
17 KB 1381ms
706ms Stylesheet
text/css 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/themes/gui-base.css

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-HUZ-MP-02-19 /

Resource Hash

2b9dad0dac3dfa7a8c10421bbf26c6c6d36fb42eb99c2746d9b4684546ab13d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:18:10 GMT
Content-Encoding: gzip
Age: 218184
x-link-via: zzcm51:443;huzmp02:80;
X-Cache-Status: HIT from KS-CLOUD-HUZ-MP-02-19, HIT from KS-CLOUD-ZZ-CM-51-28
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 17106
Last-Modified: Fri, 15 Dec 2023 09:00:14 GMT
Server: Default-server-KS-CLOUD-HUZ-MP-02-19
ETag: W/"657c159e-14540"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: 603c033f03fde29b5b7b7e11edf0f99d
Expires: Sat, 03 Feb 2024 11:18:10 GMT

GET
H/1.1 200
OK gui-skin-default.css
9tdgba.lxhhf.com/ftl/commonPage/themes/ 31 KB
7 KB 1833ms
1189ms Stylesheet
text/css 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/themes/gui-skin-default.css

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LD-MP-12-27 /

Resource Hash

42a5a785e7ab2956f273d32e8c4a03e91a57a1c55cc9e952da66724bd9d48b5b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 14:28:48 GMT
Content-Encoding: gzip
Age: 206746
x-link-via: zzcm51:443;ldmp12:80;
X-Cache-Status: HIT from KS-CLOUD-LD-MP-12-27, HIT from KS-CLOUD-ZZ-CM-51-28
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 6253
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Server: Default-server-KS-CLOUD-LD-MP-12-27
ETag: W/"64ad1569-7b6e"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 8e60627819a243187e31709418869194
Expires: Sat, 03 Feb 2024 14:28:48 GMT

GET
H/1.1 200
OK common.css
9tdgba.lxhhf.com/ftl/xpj1669/themes/style/ 24 KB
6 KB 961ms
304ms Stylesheet
text/css 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/xpj1669/themes/style/common.css

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LD-MP-13-27 /

Resource Hash

85d44b7cb188e7daa39bce4c5af80905553d5abe64548d01e208b870ee116a8c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:47:34 GMT
Content-Encoding: gzip
Age: 216420
x-link-via: zzcm51:443;ldmp13:80;
X-Cache-Status: HIT from KS-CLOUD-LD-MP-13-27, HIT from KS-CLOUD-ZZ-CM-51-26
X-Cache: MISS
Connection: keep-alive
uuid: -
Content-Length: 5591
Last-Modified: Tue, 17 May 2022 01:45:56 GMT
Server: Default-server-KS-CLOUD-LD-MP-13-27
ETag: W/"6282fe54-5eed"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 3db0ee9785a3e20c31be8864359852f0
Expires: Sat, 03 Feb 2024 11:47:34 GMT

GET
H/1.1 200
OK bootstrap-dialog.min.css
9tdgba.lxhhf.com/ftl/xpj1669/themes/style/ 3 KB
1 KB 963ms
305ms Stylesheet
text/css 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/xpj1669/themes/style/bootstrap-dialog.min.css

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-TZ-MP-23-01 /

Resource Hash

03f67306359f5d3c659c9c8c872f3fb4d98b2bfb2b5e1bce618190d8c8d32780

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 12:41:36 GMT
Content-Encoding: gzip
Age: 213178
x-link-via: zzcm51:443;tzmp23:80;
X-Cache-Status: HIT from KS-CLOUD-TZ-MP-23-01, HIT from KS-CLOUD-ZZ-CM-51-28
X-Cache: MISS
Connection: keep-alive
uuid: -
Content-Length: 621
Last-Modified: Tue, 29 Mar 2022 10:25:28 GMT
Server: Default-server-KS-CLOUD-TZ-MP-23-01
ETag: W/"6242de98-a1e"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 0ec19302c016ddd9f4faeeef63589c6a
Expires: Sat, 03 Feb 2024 12:41:36 GMT

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/jquery/ 94 KB
33 KB 1244ms
363ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LIS-MP-12-31 /

Resource Hash

329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218490
x-link-via: zzcm51:443;lismp12:80;
X-Cache-Status: MISS from KS-CLOUD-LIS-MP-12-31, HIT from KS-CLOUD-ZZ-CM-51-26
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 33545
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Server: Default-server-KS-CLOUD-LIS-MP-12-31
ETag: W/"5d848f4f-176d4"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 9ca8bcaf2fa25d21befcc75263b9e1d1
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H/1.1 200
OK float.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/ 7 KB
3 KB 1172ms
289ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/float.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-JH-MP-01-10 /

Resource Hash

1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218490
x-link-via: zzcm51:443;jhmp01:80;
X-Cache-Status: MISS from KS-CLOUD-JH-MP-01-10, HIT from KS-CLOUD-ZZ-CM-51-25
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 1929
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Server: Default-server-KS-CLOUD-JH-MP-01-10
ETag: W/"612747ba-1b2f"
Vary: Accept-Encoding, Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: 1068076239af45a86def831bac6b41ce
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H/1.1 200
OK idangerous.swiper.min.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/ 44 KB
12 KB 1261ms
332ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/idangerous.swiper.min.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-HUZ-MP-04-07 /

Resource Hash

1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218490
x-link-via: zzcm51:443;huzmp04:80;
X-Cache-Status: MISS from KS-CLOUD-HUZ-MP-04-07, HIT from KS-CLOUD-ZZ-CM-51-30
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 11957
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Server: Default-server-KS-CLOUD-HUZ-MP-04-07
ETag: W/"64d5b951-b083"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 27487eb07abf1d6b9ac802186dee9f9f
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H/1.1 200
OK Comet.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/websocket/ 17 KB
5 KB 1272ms
323ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/websocket/Comet.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LY-MP-01-07 /

Resource Hash

6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218490
x-link-via: zzcm51:443;lymp01:80;
X-Cache-Status: MISS from KS-CLOUD-LY-MP-01-07, HIT from KS-CLOUD-ZZ-CM-51-28
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 4031
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Server: Default-server-KS-CLOUD-LY-MP-01-07
ETag: W/"60f60fb5-43bc"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 9fc3fe5d0a7ddfac41b7398705d96d6c
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H/1.1 200
OK CometMarathon.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/websocket/ 12 KB
4 KB 1476ms
303ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/websocket/CometMarathon.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-NT-MP-01-16 /

Resource Hash

e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 14:59:39 GMT
Content-Encoding: gzip
Age: 204896
x-link-via: zzcm51:443;ntmp01:80;
X-Cache-Status: MISS from KS-CLOUD-NT-MP-01-16, HIT from KS-CLOUD-ZZ-CM-51-02
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 3316
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Server: Default-server-KS-CLOUD-NT-MP-01-16
ETag: W/"6260ddd4-2f13"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 7374c08abb7e4fe8bd8cacd113b24776
Expires: Sat, 03 Feb 2024 14:59:39 GMT

GET
H/1.1 200
OK PopUp.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/websocket/ 2 KB
1 KB 1566ms
305ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/websocket/PopUp.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LIS-MP-12-10 /

Resource Hash

871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218490
x-link-via: zzcm51:443;lismp12:80;
X-Cache-Status: MISS from KS-CLOUD-LIS-MP-12-10, HIT from KS-CLOUD-ZZ-CM-51-21
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 797
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Server: Default-server-KS-CLOUD-LIS-MP-12-10
ETag: W/"6260ddd4-828"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: 61cd2dd7bd59e6671984993e5be766e8
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H2 200 message_zh_CN.js Show response
xpj86686.com/ 32 KB
11 KB 311ms
304ms Script
application/javascript 2606:4700:3108::ac42:2895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xpj86686.com/message_zh_CN.js?v=1704275136499

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2895 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa3002021c50dd94fcd0eb615a6735db1b54723503264f1c24985e0bcdd868b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 23:54:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
uuid: 01669-01-00000000-1704585274de2f
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 Jan 2024 23:54:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LyCWYhWLjVutPpbx44UxFrYYWxTQfV4kXx8PgU1OT4%2BmwJWIXYSIkRk3lOQ3bJtUdIadD6NrVACFRCEk4mTI%2BsMV60qZtJmNJsndQegn1zUvYiQLa7xoPSV2Vv58dGK4oDo2PXWwvgoj4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
out-line: gb-source-120
cf-ray: 8417e30af9bc4bcf-BUF
expires: Sun, 07 Jan 2024 23:54:34 GMT

GET
H/1.1 200
OK lazyload.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/ 12 KB
3 KB 1595ms
323ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/lazyload.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LY-MP-01-09 /

Resource Hash

fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218490
x-link-via: zzcm51:443;lymp01:80;
X-Cache-Status: MISS from KS-CLOUD-LY-MP-01-09, HIT from KS-CLOUD-ZZ-CM-51-30
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 2731
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Server: Default-server-KS-CLOUD-LY-MP-01-09
ETag: W/"64d05f66-2f79"
Vary: Accept-Encoding, Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 9dc0d8a5d1cd7997fa53cea3f70312a9
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H/1.1 200
OK gui-base.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/ 60 KB
16 KB 1823ms
360ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/gui-base.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LD-MP-12-03 /

Resource Hash

4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218490
x-link-via: zzcm51:443;ldmp12:80;
X-Cache-Status: MISS from KS-CLOUD-LD-MP-12-03, HIT from KS-CLOUD-ZZ-CM-51-23
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 15779
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Server: Default-server-KS-CLOUD-LD-MP-12-03
ETag: W/"64ddbaed-ee5c"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 72e80d4ae65e2166e5603f15c7ad027a
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H/1.1 200
OK bootstrap-dialog.min.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/ 20 KB
6 KB 1811ms
336ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/bootstrap-dialog.min.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-JH-MP-01-44 /

Resource Hash

dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218490
x-link-via: zzcm51:443;jhmp01:80;
X-Cache-Status: MISS from KS-CLOUD-JH-MP-01-44, HIT from KS-CLOUD-ZZ-CM-51-21
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 5007
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Server: Default-server-KS-CLOUD-JH-MP-01-44
ETag: W/"5d848f4f-4ea4"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 6d2289219ea106e87bedbfff5b63c5cb
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET layer.js
9tdgba.lxhhf.com/ftl/commonPage/js/ 0
0

GET
H/1.1 200
OK jquery.super-marquee.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/jquery/ 4 KB
2 KB 2061ms
312ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/jquery/jquery.super-marquee.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-NT-MP-01-14 /

Resource Hash

1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 14:59:39 GMT
Content-Encoding: gzip
Age: 204896
x-link-via: zzcm51:443;ntmp01:80;
X-Cache-Status: MISS from KS-CLOUD-NT-MP-01-14, HIT from KS-CLOUD-ZZ-CM-51-07
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 1421
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Server: Default-server-KS-CLOUD-NT-MP-01-14
ETag: W/"5d848f4f-1151"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 738e053f658838b2c34c07ccd42f5308
Expires: Sat, 03 Feb 2024 14:59:39 GMT

GET
H/1.1 200
OK jquery.nicescroll.min.js Show response
9tdgba.lxhhf.com/ftl/commonPage/js/jquery/ 63 KB
18 KB 2184ms
374ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-XY-MP-02-05 /

Resource Hash

a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218491
x-link-via: zzcm51:443;xymp02:80;
X-Cache-Status: MISS from KS-CLOUD-XY-MP-02-05, HIT from KS-CLOUD-ZZ-CM-51-04
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 17446
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Server: Default-server-KS-CLOUD-XY-MP-02-05
ETag: W/"5d848f4f-fc8b"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: 290dc3525cee903b7b34a0f5fff88e01
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H/1.1 200
OK jquery.validate.js Show response
9tdgba.lxhhf.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/ 27 KB
8 KB 2139ms
317ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-HUZ-MP-02-12 /

Resource Hash

728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218491
x-link-via: zzcm51:443;huzmp02:80;
X-Cache-Status: MISS from KS-CLOUD-HUZ-MP-02-12, HIT from KS-CLOUD-ZZ-CM-51-21
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 7746
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Server: Default-server-KS-CLOUD-HUZ-MP-02-12
ETag: W/"655579ca-6caf"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: 7b9431acdd850a4990cba50fd5b41601
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H/1.1 200
OK jquery.validate.extend.msites.js Show response
9tdgba.lxhhf.com/061410/rcenter/common/js/gamebox/common/ 15 KB
5 KB 2205ms
308ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-HUZ-MP-04-20 /

Resource Hash

aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218491
x-link-via: zzcm51:443;huzmp04:80;
X-Cache-Status: MISS from KS-CLOUD-HUZ-MP-04-20, HIT from KS-CLOUD-ZZ-CM-51-15
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 4126
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Server: Default-server-KS-CLOUD-HUZ-MP-04-20
ETag: W/"655579ca-3a09"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: 58bc0d3f377c1fcf97f322eda7e1b65f
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET
H/1.1 200
OK moment.js
9tdgba.lxhhf.com/ftl/commonPage/js/ 64 KB
0 2326ms
394ms Script
application/javascript 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/js/moment.js

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LYG-MP-21-10 /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 16:58:36 GMT
Content-Encoding: gzip
Age: 543360
x-link-via: zzcm51:443;lygmp21:80;
X-Cache-Status: MISS from KS-CLOUD-LYG-MP-21-10, HIT from KS-CLOUD-ZZ-CM-51-19
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 26968
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Server: Default-server-KS-CLOUD-LYG-MP-21-10
ETag: W/"64b633ca-1cab9"
Vary: Accept-Encoding, Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: 8784a4671b20811b54633a4b10870a7f
Expires: Tue, 30 Jan 2024 16:58:36 GMT

GET
H/1.1 200
OK pc.css
9tdgba.lxhhf.com/ftl/commonPage/themes/hb/css/ 3 KB
2 KB 922ms
302ms Stylesheet
text/css 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/themes/hb/css/pc.css

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-QD-MP-02-20 /

Resource Hash

5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:13:05 GMT
Content-Encoding: gzip
Age: 218489
x-link-via: zzcm51:443;qdmp02:80;
X-Cache-Status: MISS from KS-CLOUD-QD-MP-02-20, HIT from KS-CLOUD-ZZ-CM-51-26
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 911
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Server: Default-server-KS-CLOUD-QD-MP-02-20
ETag: W/"5d848f4f-b5d"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: 7fdd6908e7673664be7c287085bbba1f
Expires: Sat, 03 Feb 2024 11:13:05 GMT

GET gb.validation.min.js
9tdgba.lxhhf.com/061410/rcenter/common/static/js/ 0
0

GET
H/1.1 200
OK gb.validation.min.css
9tdgba.lxhhf.com/061410/rcenter/common/static/css/ 11 KB
4 KB 942ms
317ms Stylesheet
text/css 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/061410/rcenter/common/static/css/gb.validation.min.css

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LYG-MP-21-26 /

Resource Hash

3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 16:13:34 GMT
Content-Encoding: gzip
Age: 546060
x-link-via: zzcm51:443;lygmp21:80;
X-Cache-Status: MISS from KS-CLOUD-LYG-MP-21-26, HIT from KS-CLOUD-ZZ-CM-51-09
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 3788
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Server: Default-server-KS-CLOUD-LYG-MP-21-26
ETag: W/"633d510e-2d52"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-205
X-Cdn-Request-ID: 32e39ba180f5ca542f5d6950d547f354
Expires: Tue, 30 Jan 2024 16:13:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 125ms
60ms Script
application/javascript 2607:f8b0:4004:c06::61

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BDJM9BTKKF

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f559cf1d9eb9cf591eb8d880ae4827c3b1337ea94c5c892e84b33b5378395cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 23:54:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93889
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 23:54:36 GMT

GET special_3.jpg
9tdgba.lxhhf.com/ftl/commonPage/zh_CN/mobileTopic/images/ 0
0

GET
H/1.1 200
OK hongbao.css
9tdgba.lxhhf.com/ftl/commonPage/themes/ 53 KB
6 KB 338ms
333ms Stylesheet
text/css 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/themes/hongbao.css

Requested by

Host: 9tdgba.lxhhf.com
URL: https://9tdgba.lxhhf.com/ftl/commonPage/themes/gui-base.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-LD-MP-13-17 /

Resource Hash

5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://9tdgba.lxhhf.com/ftl/commonPage/themes/gui-base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:18:13 GMT
Content-Encoding: gzip
Age: 218182
x-link-via: zzcm51:443;ldmp13:80;
X-Cache-Status: HIT from KS-CLOUD-LD-MP-13-17, HIT from KS-CLOUD-ZZ-CM-51-04
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 5666
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Server: Default-server-KS-CLOUD-LD-MP-13-17
ETag: W/"64252e4f-d530"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: ef68572ff84520659733cfac8e09d1a6
Expires: Sat, 03 Feb 2024 11:18:13 GMT

GET
H/1.1 200
OK gui-layer.css
9tdgba.lxhhf.com/ftl/commonPage/themes/ 50 KB
7 KB 372ms
338ms Stylesheet
text/css 2409:8c44:b00:206::6

General

Check archive.org

Show headers Download Go to

Full URL

https://9tdgba.lxhhf.com/ftl/commonPage/themes/gui-layer.css

Requested by

Host: 9tdgba.lxhhf.com
URL: https://9tdgba.lxhhf.com/ftl/commonPage/themes/gui-base.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2409:8c44:b00:206::6 -, , ASN (),

Reverse DNS

Software

Default-server-KS-CLOUD-HUZ-MP-02-13 /

Resource Hash

9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://9tdgba.lxhhf.com/ftl/commonPage/themes/gui-base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 11:54:12 GMT
Content-Encoding: gzip
Age: 216023
x-link-via: zzcm51:443;huzmp02:80;
X-Cache-Status: HIT from KS-CLOUD-HUZ-MP-02-13, HIT from KS-CLOUD-ZZ-CM-51-19
X-Cache: HIT
Connection: keep-alive
uuid: -
Content-Length: 6923
Last-Modified: Thu, 17 Aug 2023 08:10:09 GMT
Server: Default-server-KS-CLOUD-HUZ-MP-02-13
ETag: W/"64ddd5e1-c760"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
out-line: gb-cdn-204
X-Cdn-Request-ID: 5dd12f57648ae03b3e3d46baa5b3f62d
Expires: Sat, 03 Feb 2024 11:54:12 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e94fcabb03b3da77e5f0428c831040f54836cb109f45a8ec2e324eb6007d621

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 info_slogan.png
xpj86686.com/ftl/xpj1669/themes/images/ 14 KB
15 KB 301ms
301ms Image
image/png 2606:4700:3108::ac42:2895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xpj86686.com/ftl/xpj1669/themes/images/info_slogan.png

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2895 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a7ac03063a679339850cf997af789277ea6b4636d0603363ad42a35f26965a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 23:54:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
uuid: -
alt-svc: h3=":443"; ma=86400
content-length: 14383
last-modified: Tue, 29 Mar 2022 10:25:28 GMT
server: cloudflare
etag: "6242de98-382f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajd19fYp%2FAKvdYzvkaHr1JgXQW6KfEBuBsRINLu1kpYTtRqZVmCD9sCf6QCITgQ7HeLfXFzjs%2BMxw0%2F17E8crj3zl5pShUAJkPbJKsxkaOEvC8d6gISKS0y8wZUPZW8S41blBvofhuQRCBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
out-line: gb-source-120
accept-ranges: bytes
cf-ray: 8417e3172f0a4bc9-BUF
expires: Sun, 07 Jan 2024 23:54:36 GMT

GET
H3 200 partner-hongtu-gray.png
xpj86686.com/ftl/commonPage/images/partner/ 28 KB
0 331ms
331ms Image
image/png 2606:4700:3108::ac42:2895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xpj86686.com/ftl/commonPage/images/partner/partner-hongtu-gray.png

Requested by

Host: xpj86686.com
URL: https://xpj86686.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2895 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xpj86686.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 23:54:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
uuid: -
alt-svc: h3=":443"; ma=86400
content-length: 200304
last-modified: Wed, 06 Dec 2023 08:15:17 GMT
server: cloudflare
etag: "65702d95-30e70"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poczjtvDSV7OSRbMKzsW0j1JRYcOHykauD%2BcB8mC3p0VmYrftK0JRQ2IVs%2BQYpJbXmKibY%2FMhRr27e1lKCjwq94jCuhRkHDf7%2BUCNeGIhVCI8y51HMjxduaQrl5yeDZgznI%2FL2g9SDH2K1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
out-line: gb-source-120
accept-ranges: bytes
cf-ray: 8417e3172f0c4bc9-BUF
expires: Sun, 07 Jan 2024 23:54:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 9tdgba.lxhhf.com
URL: https://9tdgba.lxhhf.com/ftl/commonPage/js/layer.js

Domain: 9tdgba.lxhhf.com
URL: https://9tdgba.lxhhf.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1704275136499

Domain: 9tdgba.lxhhf.com
URL: https://9tdgba.lxhhf.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bet365 (Entertainment)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
jc689.vip/	1969-12-31 23:59:59	Name: __vtins__Jwl95l6HwjZq66Ev Value: %7B%22sid%22%3A%20%228d8a28a2-f465-5d8c-a0e2-3d663c8d34cc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201704587069824%2C%20%22ct%22%3A%201704585269824%7D
jc689.vip/	1970-01-21 03:05:45	Name: __51uvsct__Jwl95l6HwjZq66Ev Value: 1
jc689.vip/	1970-01-21 03:05:45	Name: __51vcke__Jwl95l6HwjZq66Ev Value: 54bc9406-8954-5322-bcc8-6624df68a8dc
jc689.vip/	1970-01-21 03:05:45	Name: __51vuft__Jwl95l6HwjZq66Ev Value: 1704585269828
jc689.vip/	1969-12-31 23:59:59	Name: __vtins__JwlFycmYi1Blt4RO Value: %7B%22sid%22%3A%20%221dded6ac-4cb8-5fbc-b348-1693a961fea6%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201704587072685%2C%20%22ct%22%3A%201704585272685%7D
jc689.vip/	1970-01-21 03:05:45	Name: __51uvsct__JwlFycmYi1Blt4RO Value: 1
jc689.vip/	1970-01-21 03:05:45	Name: __51vcke__JwlFycmYi1Blt4RO Value: e966be53-2e82-54bb-8028-7680584e97de
jc689.vip/	1970-01-21 03:05:45	Name: __51vuft__JwlFycmYi1Blt4RO Value: 1704585272687
xpj86686.com/	1969-12-31 23:59:59	Name: route Value: 98d89b53d4664b2b8f76fcfb49bcc69d
xpj86686.com/	1969-12-31 23:59:59	Name: _LANGUAGE Value: zh_CN

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jc689.vip/js/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9tdgba.lxhhf.com
api.ip138.com
collect-v6.51.la
jc689.vip
open.mobile.qq.com
sdk.51.la
www.googletagmanager.com
xpj86686.com
9tdgba.lxhhf.com
170.106.158.96
203.107.86.226
2409:8c44:b00:206::6
240d:c000:2010:1807:0:95aa:87ec:eca7
2606:4700:3035::6815:3095
2606:4700:3108::ac42:2895
2607:f8b0:4004:c06::61
03f67306359f5d3c659c9c8c872f3fb4d98b2bfb2b5e1bce618190d8c8d32780
0aa3002021c50dd94fcd0eb615a6735db1b54723503264f1c24985e0bcdd868b
1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
2b9dad0dac3dfa7a8c10421bbf26c6c6d36fb42eb99c2746d9b4684546ab13d3
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
36e8981ab38024c106aacb0c0b3f66d0db98474db6b5ec926ca0d0febc9666b3
42a5a785e7ab2956f273d32e8c4a03e91a57a1c55cc9e952da66724bd9d48b5b
4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0
44417447f9584d84ad3e1b424b1b41b2590246b85b36c8f171d021c36417aef1
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
5ed54a54236d12b838952a5875652bb376a2bf54e127a6b30112760bdfcb030a
68a7ac03063a679339850cf997af789277ea6b4636d0603363ad42a35f26965a
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
85d35a37c61c614077f32e06b252c72288753e8e7639fc43f2e25447dd48094f
85d44b7cb188e7daa39bce4c5af80905553d5abe64548d01e208b870ee116a8c
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
8e94fcabb03b3da77e5f0428c831040f54836cb109f45a8ec2e324eb6007d621
9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f559cf1d9eb9cf591eb8d880ae4827c3b1337ea94c5c892e84b33b5378395cd0
f55e93f1a26ee6d1e23150c8568bb22de86d7671d96994287896b1596ac51d98
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4

xpj86686.com Open in urlscan Pro 2606:4700:3108::ac42:2895 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

93 %HTTPS

71 %IPv6

7 Domains

8 Subdomains

8 IPs

3 Countries

500 kBTransfer

1700 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xpj86686.com Open in urlscan Pro
2606:4700:3108::ac42:2895 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

93 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

500 kB
Transfer

1700 kB
Size

10
Cookies

40 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!