Submitted URL: https://305838.com/
Effective URL: https://305838.com:8989/
Submission: On November 13 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 86 HTTP transactions. The main IP is 20.239.57.18, located in Hong Kong, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 305838.com.
TLS certificate: Issued by R3 on October 24th 2023. Valid for: 3 months.
This is the only time 305838.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bet365 (Entertainment)

Domain & IP information

Requests | IP Address | AS Autonomous System
37 (1 redirect) | 20.239.57.18 | 8075 (MICROSOFT...)
49 | 240e:615:6e01... | 4134 (CHINANET-...)
Total: 86 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
49 | eveday.me | 0btgia.eveday.me | 3 MB
37 | 305838.com | 305838.com | 907 KB
Total: 86 requests, 2 apex domains

Requests | Domain | Requested by
49 | 0btgia.eveday.me | 305838.com, 0btgia.eveday.me
37 (1 redirect) | 305838.com | 305838.com, 0btgia.eveday.me
Total: 86 requests, 2 domains

This site contains links to these domains.

Domain
get.adobe.com
goopay.la
5080800.com
41o2luuu.1sfbuhc2wm.com
www.ub66.net

Subject | Issuer | Validity | Valid
305838.com | R3 | 2023-10-24 - 2024-01-22 | 3 months
*.eveday.me | Sectigo RSA Domain Validation Secure Server CA | 2023-02-10 - 2024-02-10 | a year

This page contains 1 frames:

Primary Page: https://305838.com:8989/
Frame ID: 70BEBB24CF0593375461FB1FCD3B0EE3
Requests: 109 HTTP requests in this frame

Page Title

澳门威尼斯人官网

Page URL History

  1. https://305838.com/ HTTP 301
    https://305838.com:8989/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 86
HTTPS: 99 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 3601 kB
Size: 6340 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
305838.com/
Redirect Chain
  • https://305838.com/
  • https://305838.com:8989/
537 KB
82 KB
Document
General
Full URL
https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a078abafec635097a146ca37eb1bbf28f707ccdd6e6ff13c7aca631ce745916e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 13 Nov 2023 22:57:29 GMT
out-line
gb-cdn-113
sub-sys
msite
uuid
00140-01-00000000-1699916249a615
vary
Accept-Encoding Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

content-length
59
content-type
text/html; charset=utf-8
date
Mon, 13 Nov 2023 22:57:28 GMT
location
https://305838.com:8989/
gui-base.css
305838.com/ftl/commonPage/themes/
81 KB
17 KB
Stylesheet
General
Full URL
https://305838.com:8989/ftl/commonPage/themes/gui-base.css
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26fd674a916918ec9b8dc6cab7212074e969ab50ada4085f36f2983ff2354bb8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:29 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 05:55:51 GMT
etag
W/"65360ae7-144c3"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
uuid
-
out-line
gb-cdn-113
expires
Tue, 14 Nov 2023 22:57:29 GMT
gui-skin-default.css
305838.com/ftl/commonPage/themes/
31 KB
6 KB
Stylesheet
General
Full URL
https://305838.com:8989/ftl/commonPage/themes/gui-skin-default.css
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
42a5a785e7ab2956f273d32e8c4a03e91a57a1c55cc9e952da66724bd9d48b5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:29 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 08:40:09 GMT
etag
W/"64ad1569-7b6e"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
uuid
-
out-line
gb-cdn-113
expires
Tue, 14 Nov 2023 22:57:29 GMT
common.css
305838.com/ftl/venetian140/themes/
43 KB
10 KB
Stylesheet
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/common.css
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9dc2819067f88d5434200007fc0e56251835f85b2f4797f956a4c6fe3a4beeb9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:29 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 05:30:12 GMT
etag
W/"616d0664-aa73"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
uuid
-
out-line
gb-cdn-113
expires
Tue, 14 Nov 2023 22:57:29 GMT
bootstrap-dialog.min.css
305838.com/ftl/venetian140/themes/
3 KB
703 B
Stylesheet
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/bootstrap-dialog.min.css
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7de030300f5c83d47f1cbc6e99b314fb75f623223f815be5f67539c7da2a6e72
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:29 GMT
content-encoding
gzip
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
W/"5d2c760e-ad9"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
uuid
-
out-line
gb-cdn-113
content-length
629
expires
Tue, 14 Nov 2023 22:57:29 GMT
i18n.js
305838.com/commonPage/lan/
1 KB
892 B
Script
General
Full URL
https://305838.com:8989/commonPage/lan/i18n.js?t=1699916249.171
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
06f8ed1f6a3545e7db746ce052b87294aab1305216c5b8b2c52b0a7addb7030e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:29 GMT
content-encoding
gzip
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
uuid
00140-01-00000000-1699916249e6f2
out-line
gb-cdn-113
content-length
810
hot.gif
305838.com/ftl/venetian140/images/
1 KB
1 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/images/hot.gif
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c34ed994680ca6446b85dd47aa963cd4cfdd07180a9517b4d7d37f3c7a1b94cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:29 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-56c"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/gif
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
1388
expires
Tue, 14 Nov 2023 22:57:29 GMT
jquery-1.11.3.min.js
0btgia.eveday.me/ftl/commonPage/js/jquery/
94 KB
33 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-NT-MP-01-01 /
Resource Hash
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;ntmp01:80;
X-Cache-Status
HIT from KS-CLOUD-NT-MP-01-01, HIT from KS-CLOUD-HK-CT-212-11
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
33545
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-NT-MP-01-01
ETag
W/"5d848f4f-176d4"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-204
X-Cdn-Request-ID
3e1acf778899193c3c5fb3297e4234ea
Expires
Sat, 25 Nov 2023 09:31:15 GMT
float.js
0btgia.eveday.me/ftl/commonPage/js/
7 KB
3 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/float.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HA-MP-14-14 /
Resource Hash
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;hamp14:80;
X-Cache-Status
HIT from KS-CLOUD-HA-MP-14-14, HIT from KS-CLOUD-HK-CT-212-08
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
1929
Last-Modified
Thu, 26 Aug 2021 07:50:18 GMT
Server
Default-server-KS-CLOUD-HA-MP-14-14
ETag
W/"612747ba-1b2f"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
fc23d9a78c22a58f3d393923f2599df2
Expires
Sat, 25 Nov 2023 09:31:15 GMT
idangerous.swiper.min.js
0btgia.eveday.me/ftl/commonPage/js/
0
0
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/idangerous.swiper.min.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Ksyun-Dorado /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 22:57:51 GMT
Server
Ksyun-Dorado
x-link-via
hkct212:443;lygmp21:80;
X-Cache-Status
MISS from KS-CLOUD-LYG-MP-21-27, MISS from KS-CLOUD-HK-CT-212-27
Content-Type
text/html
Connection
keep-alive
X-Cdn-Request-ID
2337fe67d53f1f3e7b6f7682ab06874f
Content-Length
0
Comet.js
0btgia.eveday.me/ftl/commonPage/js/websocket/
17 KB
5 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/websocket/Comet.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LIS-MP-12-23 /
Resource Hash
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;lismp12:80;
X-Cache-Status
HIT from KS-CLOUD-LIS-MP-12-23, HIT from KS-CLOUD-HK-CT-212-07
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
4031
Last-Modified
Mon, 19 Jul 2021 23:50:13 GMT
Server
Default-server-KS-CLOUD-LIS-MP-12-23
ETag
W/"60f60fb5-43bc"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
34cb30ae82e49662d63ae64a8082d3cf
Expires
Sat, 25 Nov 2023 09:31:15 GMT
CometMarathon.js
0btgia.eveday.me/ftl/commonPage/js/websocket/
12 KB
4 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/websocket/CometMarathon.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HUZ-MP-02-07 /
Resource Hash
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;huzmp02:80;
X-Cache-Status
HIT from KS-CLOUD-HUZ-MP-02-07, HIT from KS-CLOUD-HK-CT-212-11
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
3316
Last-Modified
Thu, 21 Apr 2022 04:30:12 GMT
Server
Default-server-KS-CLOUD-HUZ-MP-02-07
ETag
W/"6260ddd4-2f13"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
ce017c79561352437b0bdcbf8fe76708
Expires
Sat, 25 Nov 2023 09:31:15 GMT
PopUp.js
0btgia.eveday.me/ftl/commonPage/js/websocket/
2 KB
1 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/websocket/PopUp.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-XY-MP-02-08 /
Resource Hash
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;xymp02:80;
X-Cache-Status
HIT from KS-CLOUD-XY-MP-02-08, HIT from KS-CLOUD-HK-CT-212-29
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
797
Last-Modified
Thu, 21 Apr 2022 04:30:12 GMT
Server
Default-server-KS-CLOUD-XY-MP-02-08
ETag
W/"6260ddd4-828"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
24ec16792fb2030c9398cb23a901909d
Expires
Sat, 25 Nov 2023 09:31:15 GMT
message_zh_CN.js
305838.com/
32 KB
10 KB
Script
General
Full URL
https://305838.com:8989/message_zh_CN.js?v=1699436729231
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad194b3c9e03ab63b64bccd568d8c277db23a273c5ac4f3ef670decb7417a7ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
uuid
00140-01-00000000-1699916250800e
out-line
gb-cdn-113
expires
Tue, 14 Nov 2023 22:57:30 GMT
lazyload.js
0btgia.eveday.me/ftl/commonPage/js/
12 KB
3 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/lazyload.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-JH-MP-01-17 /
Resource Hash
fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;jhmp01:80;
X-Cache-Status
HIT from KS-CLOUD-JH-MP-01-17, HIT from KS-CLOUD-HK-CT-212-24
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
2731
Last-Modified
Mon, 07 Aug 2023 03:05:10 GMT
Server
Default-server-KS-CLOUD-JH-MP-01-17
ETag
W/"64d05f66-2f79"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
ddc21f601a6b0cfc9c3457fba9b50e50
Expires
Sat, 25 Nov 2023 09:31:15 GMT
gui-base.js
0btgia.eveday.me/ftl/commonPage/js/
60 KB
16 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/gui-base.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HUZ-MP-04-06 /
Resource Hash
4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;huzmp04:80;
X-Cache-Status
HIT from KS-CLOUD-HUZ-MP-04-06, HIT from KS-CLOUD-HK-CT-212-04
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
15779
Last-Modified
Thu, 17 Aug 2023 06:15:09 GMT
Server
Default-server-KS-CLOUD-HUZ-MP-04-06
ETag
W/"64ddbaed-ee5c"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
5a0b43b2e1e4968394d1d27371ca3c0a
Expires
Sat, 25 Nov 2023 09:31:15 GMT
bootstrap-dialog.min.js
0btgia.eveday.me/ftl/commonPage/js/
20 KB
6 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/bootstrap-dialog.min.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LY-MP-01-21 /
Resource Hash
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;lymp01:80;
X-Cache-Status
HIT from KS-CLOUD-LY-MP-01-21, HIT from KS-CLOUD-HK-CT-212-28
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
5007
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-LY-MP-01-21
ETag
W/"5d848f4f-4ea4"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
6b9c776841f7a8677da41d11f5b545d6
Expires
Sat, 25 Nov 2023 09:31:15 GMT
layer.js
0btgia.eveday.me/ftl/commonPage/js/
21 KB
8 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/layer.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-TZ-MP-23-25 /
Resource Hash
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;tzmp23:80;
X-Cache-Status
HIT from KS-CLOUD-TZ-MP-23-25, HIT from KS-CLOUD-HK-CT-212-10
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
7599
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-TZ-MP-23-25
ETag
W/"5d848f4f-55f6"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
c8c6ddf6ecb004b07c7c68efe2833ff0
Expires
Sat, 25 Nov 2023 09:31:15 GMT
jquery.super-marquee.js
0btgia.eveday.me/ftl/commonPage/js/jquery/
4 KB
2 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery.super-marquee.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LIS-MP-12-30 /
Resource Hash
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;lismp12:80;
X-Cache-Status
HIT from KS-CLOUD-LIS-MP-12-30, HIT from KS-CLOUD-HK-CT-212-12
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
1421
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-LIS-MP-12-30
ETag
W/"5d848f4f-1151"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
c4b22e7bc44dbf63ea2f416bc20d8bd1
Expires
Sat, 25 Nov 2023 09:31:15 GMT
jquery.nicescroll.min.js
0btgia.eveday.me/ftl/commonPage/js/jquery/
63 KB
18 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LIS-MP-12-30 /
Resource Hash
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;lismp12:80;
X-Cache-Status
HIT from KS-CLOUD-LIS-MP-12-30, HIT from KS-CLOUD-HK-CT-212-20
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
17446
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-LIS-MP-12-30
ETag
W/"5d848f4f-fc8b"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
9f6d050679caf3ef7456249652760d9a
Expires
Sat, 25 Nov 2023 09:31:15 GMT
jquery.validate.js
0btgia.eveday.me/061410/rcenter/common/js/jquery/plugins/jquery.validate/
27 KB
8 KB
Script
General
Full URL
https://0btgia.eveday.me/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-JN-MP-22-22 /
Resource Hash
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;jnmp22:80;
X-Cache-Status
HIT from KS-CLOUD-JN-MP-22-22, HIT from KS-CLOUD-HK-CT-212-10
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
7746
Last-Modified
Fri, 20 Oct 2023 05:21:48 GMT
Server
Default-server-KS-CLOUD-JN-MP-22-22
ETag
W/"65320e6c-6caf"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
7adde7963a1404ff34a7008f62534f87
Expires
Sat, 25 Nov 2023 09:31:15 GMT
jquery.validate.extend.msites.js
0btgia.eveday.me/061410/rcenter/common/js/gamebox/common/
15 KB
5 KB
Script
General
Full URL
https://0btgia.eveday.me/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-WH-MP-01-01 /
Resource Hash
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;whmp01:80;
X-Cache-Status
HIT from KS-CLOUD-WH-MP-01-01, HIT from KS-CLOUD-HK-CT-212-11
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
4126
Last-Modified
Fri, 20 Oct 2023 05:21:48 GMT
Server
Default-server-KS-CLOUD-WH-MP-01-01
ETag
W/"65320e6c-3a09"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
5be71a091997f842846b3c1cb0a281a0
Expires
Sat, 25 Nov 2023 09:31:15 GMT
moment.js
0btgia.eveday.me/ftl/commonPage/js/
115 KB
27 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/moment.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-JH-MP-01-14 /
Resource Hash
5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603576
x-link-via
hkct212:443;jhmp01:80;
X-Cache-Status
HIT from KS-CLOUD-JH-MP-01-14, HIT from KS-CLOUD-HK-CT-212-09
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
26968
Last-Modified
Tue, 18 Jul 2023 06:40:10 GMT
Server
Default-server-KS-CLOUD-JH-MP-01-14
ETag
W/"64b633ca-1cab9"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
1d2c90f983cfe6b53e63ef10562d1971
Expires
Sat, 25 Nov 2023 09:31:15 GMT
pc.css
0btgia.eveday.me/ftl/commonPage/themes/hb/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/themes/hb/css/pc.css
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-13-19 /
Resource Hash
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:37:57 GMT
Content-Encoding
gzip
Age
1588775
x-link-via
hkct212:443;ldmp13:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-13-19, HIT from KS-CLOUD-HK-CT-212-07
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
911
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-LD-MP-13-19
ETag
W/"5d848f4f-b5d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
4d09428f16e248c522841aa514bd83ba
Expires
Sat, 25 Nov 2023 13:37:57 GMT
gb.validation.min.js
0btgia.eveday.me/061410/rcenter/common/static/js/
32 KB
6 KB
Script
General
Full URL
https://0btgia.eveday.me/061410/rcenter/common/static/js/gb.validation.min.js?v=1699436729231
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-JH-MP-01-09 /
Resource Hash
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603577
x-link-via
hkct212:443;jhmp01:80;
X-Cache-Status
HIT from KS-CLOUD-JH-MP-01-09, HIT from KS-CLOUD-HK-CT-212-24
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
5207
Last-Modified
Wed, 05 Oct 2022 09:40:30 GMT
Server
Default-server-KS-CLOUD-JH-MP-01-09
ETag
W/"633d510e-7fd7"
Vary
Accept-Encoding, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
86ddc48906042ecac2cc49d4b07c6ef8
Expires
Sat, 25 Nov 2023 09:31:15 GMT
gb.validation.min.css
0btgia.eveday.me/061410/rcenter/common/static/css/
11 KB
4 KB
Stylesheet
General
Full URL
https://0btgia.eveday.me/061410/rcenter/common/static/css/gb.validation.min.css
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HA-MP-14-02 /
Resource Hash
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 02:22:23 GMT
Content-Encoding
gzip
Age
74109
x-link-via
hkct212:443;hamp14:80;
X-Cache-Status
HIT from KS-CLOUD-HA-MP-14-02, HIT from KS-CLOUD-HK-CT-212-09
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
3788
Last-Modified
Wed, 05 Oct 2022 09:40:30 GMT
Server
Default-server-KS-CLOUD-HA-MP-14-02
ETag
W/"633d510e-2d52"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-204
X-Cdn-Request-ID
b3b257f32a65e7623173273136091b03
Expires
Wed, 13 Dec 2023 02:22:23 GMT
special_3.jpg
0btgia.eveday.me/ftl/commonPage/zh_CN/mobileTopic/images/
7 KB
7 KB
Image
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-13-04 /
Resource Hash
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:16 GMT
Age
1603576
x-link-via
hkct212:443;ldmp13:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-13-04, HIT from KS-CLOUD-HK-CT-212-08
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
6871
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-LD-MP-13-04
ETag
"5d848f4f-1ad7"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
fc0b0db44f1b3a6a2b3d02ffdc17769f
Expires
Sat, 25 Nov 2023 09:31:16 GMT
menu.js
0btgia.eveday.me/ftl/venetian140/plugin/js/
2 KB
1 KB
Script
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/plugin/js/menu.js
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-WH-MP-01-06 /
Resource Hash
31054298069692888dfd709a25048f988c49ef304f55e2f6b31a26bac0cbfd2f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:25 GMT
Content-Encoding
gzip
Age
1590727
x-link-via
hkct212:443;whmp01:80;
X-Cache-Status
HIT from KS-CLOUD-WH-MP-01-06, HIT from KS-CLOUD-HK-CT-212-20
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
554
Last-Modified
Fri, 01 Oct 2021 03:35:04 GMT
Server
Default-server-KS-CLOUD-WH-MP-01-06
ETag
W/"615681e8-61e"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
5638d86d3c48ead03cf55eee9a37afca
Expires
Sat, 25 Nov 2023 13:05:25 GMT
hongbao.css
305838.com/ftl/commonPage/themes/
53 KB
6 KB
Stylesheet
General
Full URL
https://305838.com:8989/ftl/commonPage/themes/hongbao.css
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/commonPage/themes/gui-base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/commonPage/themes/gui-base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 06:38:07 GMT
etag
W/"64252e4f-d530"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
uuid
-
out-line
gb-cdn-113
expires
Tue, 14 Nov 2023 22:57:30 GMT
gui-layer.css
305838.com/ftl/commonPage/themes/
50 KB
7 KB
Stylesheet
General
Full URL
https://305838.com:8989/ftl/commonPage/themes/gui-layer.css
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/commonPage/themes/gui-base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/commonPage/themes/gui-base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 08:10:09 GMT
etag
W/"64ddd5e1-c760"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
uuid
-
out-line
gb-cdn-113
expires
Tue, 14 Nov 2023 22:57:30 GMT
language.png
305838.com/ftl/venetian140/themes/images/
7 KB
7 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/language.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aaf4d4e55186bce553cfa944c6fd1cb2b85a843c59ff2b8900c0ef5612946979
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-1d4a"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
7498
expires
Tue, 14 Nov 2023 22:57:30 GMT
menubox.png
305838.com/ftl/commonPage/commonContent/nav/images/
1 KB
1 KB
Image
General
Full URL
https://305838.com:8989/ftl/commonPage/commonContent/nav/images/menubox.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36b4fe337b2c270b01f3e493f2131d6faaf9ab347f09c464317bdd7cb46165bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Sat, 15 Aug 2020 06:46:36 GMT
etag
"5f3784cc-506"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
1286
expires
Tue, 14 Nov 2023 22:57:30 GMT
login-bj.png
305838.com/ftl/venetian140/themes/images/
10 KB
10 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/login-bj.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
461309b26a131743a71bf817b58431fe501201882333a1794d74d38d75d657de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-28b4"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
10420
expires
Tue, 14 Nov 2023 22:57:30 GMT
notice-bg.png
305838.com/ftl/venetian140/themes/images/
109 B
156 B
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/notice-bg.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bf7b057ae309e2de08d7685b5444d7dc0a5fc87bfc0803855d6f76a68a6ace32
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-6d"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
109
expires
Tue, 14 Nov 2023 22:57:30 GMT
circle_border.jpg
305838.com/ftl/venetian140/themes/images/
8 KB
8 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/circle_border.jpg
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f04ed64e7e89277da7423918c7708c5c3a6cfb2dc353e5ad8a340e55a160d3e3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-202a"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
8234
expires
Tue, 14 Nov 2023 22:57:30 GMT
circle_bg.png
305838.com/ftl/venetian140/themes/images/
7 KB
7 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/circle_bg.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ab96376ffdd0c244a51258d45056424011a06e8e568975f43a73b21710188cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-1d83"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
7555
expires
Tue, 14 Nov 2023 22:57:30 GMT
triangle.png
305838.com/ftl/venetian140/themes/images/
1 KB
1 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/triangle.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bd72c6aeb4a6b0eb374d98f6d59242487db906a81d2af54950be419271266642
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-446"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
1094
expires
Tue, 14 Nov 2023 22:57:30 GMT
ico.png
305838.com/ftl/venetian140/themes/images/
28 KB
28 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/ico.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56ba11ff6d846a03a4abaedfcdcc8d9d983b62bf645225f9dfdd0dc05579e2bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-7010"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
28688
expires
Tue, 14 Nov 2023 22:57:30 GMT
slotbox.png
305838.com/ftl/venetian140/themes/images/
11 KB
11 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/slotbox.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c21ea3fa1405be86872b0bdcdfc997e3939100dcb7ce7747c2a29b2a2bb2fc45
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-2ce9"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
11497
expires
Tue, 14 Nov 2023 22:57:30 GMT
aboutbg.jpg
305838.com/ftl/venetian140/themes/images/
35 KB
35 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/aboutbg.jpg
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d82c7ccee1a5ead511a16749ce2ed715ab309e75832ac739f983745c7cd98d48
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-8da1"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
36257
expires
Tue, 14 Nov 2023 22:57:30 GMT
tab.png
305838.com/ftl/venetian140/themes/images/
3 KB
3 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/tab.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
62d42ad32826bb988685bd65b4d26626710e62d955a459646755dece686667a3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-b19"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
2841
expires
Tue, 14 Nov 2023 22:57:30 GMT
footer-partner-b.png
305838.com/ftl/venetian140/themes/images/
74 KB
74 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/footer-partner-b.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d0aa0fc4c3fcea7c7b2b94161c8d303c04d81bedb7bfc3f476dd451b3e0b0512
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-128a1"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
75937
expires
Tue, 14 Nov 2023 22:57:30 GMT
partner-bdo.png
305838.com/ftl/venetian140/themes/images/
105 KB
105 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/partner-bdo.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e6da5fbd882b42be4f6db155b8eceeecef5decd48a275d0de72f507312dca34c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Sat, 11 Sep 2021 09:11:44 GMT
etag
"613c72d0-1a27c"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
107132
expires
Tue, 14 Nov 2023 22:57:30 GMT
fico_03.png
305838.com/ftl/venetian140/themes/images/
4 KB
4 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/fico_03.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65fb28307f0e7dab5229b7782304aa39c9b27436a9a7cdd0dc12392a000fcef0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-ed9"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
3801
expires
Tue, 14 Nov 2023 22:57:30 GMT
gui.ttf
305838.com/ftl/commonPage/themes/fonts/gui-fonts/
409 KB
409 KB
Font
General
Full URL
https://305838.com:8989/ftl/commonPage/themes/fonts/gui-fonts/gui.ttf
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/commonPage/themes/gui-base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
706921514fae85303fe2910ac2259193edc61f6f449aface09cf46ed322b8100
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://305838.com:8989/ftl/commonPage/themes/gui-base.css
Origin
https://305838.com:8989
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:30 GMT
last-modified
Mon, 23 Oct 2023 05:55:51 GMT
etag
"65360ae7-66450"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
418896
expires
Tue, 14 Nov 2023 22:57:30 GMT
layer.css
0btgia.eveday.me/ftl/commonPage/js/theme/default/
18 KB
4 KB
Stylesheet
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/layer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-FZ-MP-33-18 /
Resource Hash
7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:15 GMT
Content-Encoding
gzip
Age
1603596
x-link-via
hkct212:443;fzmp33:80;
X-Cache-Status
HIT from KS-CLOUD-FZ-MP-33-18, HIT from KS-CLOUD-HK-CT-212-26
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
3111
Last-Modified
Fri, 03 Sep 2021 08:10:10 GMT
Server
Default-server-KS-CLOUD-FZ-MP-33-18
ETag
W/"6131d862-48e4"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
bf075a2ffb1b99fa5847d5e97330071d
Expires
Sat, 25 Nov 2023 09:31:15 GMT
getFloat.html
305838.com/mobile-api/v5/origin/
16 KB
3 KB
XHR
General
Full URL
https://305838.com:8989/mobile-api/v5/origin/getFloat.html
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3dbdcc60c380dfaa0f567f06a8afd5dc9d6d94f32750125568c2dd3ec3a4bf3e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://305838.com:8989/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 13 Nov 2023 22:57:51 GMT
content-encoding
gzip
sub-sys
mobile
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html;charset=utf-8
access-control-allow-origin
https://305838.com:8989
vary
Accept-Encoding
content-disposition
inline;filename=f.txt
uuid
00140-01-00000000-16999162715ab3
out-line
gb-cdn-113
access-control-allow-headers
Content-Type,Access-Token,X-Requested-With
x-frame-options
SAMEORIGIN
content-length
2956
special_3.jpg
0btgia.eveday.me/ftl/commonPage/zh_CN/mobileTopic/images/
7 KB
7 KB
Image
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-13-04 /
Resource Hash
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:31:16 GMT
Age
1603595
x-link-via
hkct212:443;ldmp13:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-13-04, HIT from KS-CLOUD-HK-CT-212-08
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
6871
Last-Modified
Fri, 20 Sep 2019 08:35:27 GMT
Server
Default-server-KS-CLOUD-LD-MP-13-04
ETag
"5d848f4f-1ad7"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
67c74431006620426045da70e5f3d404
Expires
Sat, 25 Nov 2023 09:31:16 GMT
1546516402348.jpg.base64
0btgia.eveday.me/fserver/files/gb/140/carousel/10103/
461 KB
462 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/140/carousel/10103/1546516402348.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HUZ-MP-02-04 /
Resource Hash
a964def3dc46f0e24689d91810c5d86eb547a5127c730d0449e5921ac5ff2671
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:26 GMT
Age
1590746
x-link-via
hkct212:443;huzmp02:80;
X-Cache-Status
HIT from KS-CLOUD-HUZ-MP-02-04, HIT from KS-CLOUD-HK-CT-212-24
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
472092
Last-Modified
Fri, 18 Nov 2022 04:59:48 GMT
Server
Default-server-KS-CLOUD-HUZ-MP-02-04
ETag
"63771144-7341c"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
1c7d7f912fad5d1e29aadb60aa49d933
Expires
Sat, 25 Nov 2023 13:05:26 GMT
getUserTimeZoneDate.html
305838.com/index/
119 B
285 B
XHR
General
Full URL
https://305838.com:8989/index/getUserTimeZoneDate.html?t=loxi99rd
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8d528d6925227b7334cc475633d9be68ae90249a3b797e8946eee06e34cde991
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://305838.com:8989/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:51 GMT
content-encoding
br
sub-sys
msite
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
content-disposition
inline;filename=f.txt
uuid
00140-01-00000000-169991627195c8
out-line
gb-cdn-113
cachettl
3
content-length
97
icon-user.png
305838.com/ftl/venetian140/themes/images/
15 KB
15 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/icon-user.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e05dfbd130f8a76bf460cd94acbe68d393327b6014f100bb60dc0ef293384a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:51 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-3ab0"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
15024
expires
Tue, 14 Nov 2023 22:57:51 GMT
icon-pswd.png
305838.com/ftl/venetian140/themes/images/
15 KB
15 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/icon-pswd.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
049d97385bf533afb6ae14b3daf09bb5491a6afb7a2fffedf82b80ef7b573093
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:51 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-3a7e"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
14974
expires
Tue, 14 Nov 2023 22:57:51 GMT
btn-login2.png
305838.com/ftl/venetian140/themes/images/
7 KB
7 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/btn-login2.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef715b01d3ad6b5b02b0950812ac1546a874f3ad12ad13a9cf7ab2c8f88bd9d9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:51 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-1bfc"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
7164
expires
Tue, 14 Nov 2023 22:57:51 GMT
btn-reg2.png
305838.com/ftl/venetian140/themes/images/
6 KB
6 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/btn-reg2.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8099e1357a282f7c140c1caf25a6755ab40c17fd82b5e61e5ca7f6735b896fb8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:51 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-1780"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
6016
expires
Tue, 14 Nov 2023 22:57:51 GMT
login_btn.jpg
305838.com/ftl/venetian140/themes/images/
3 KB
3 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/login_btn.jpg
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ef697cfd677e9ce2d36bed2bcdaa35e3635fcda3ff7efaa4ce95ece03af5306
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:51 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-b3d"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
2877
expires
Tue, 14 Nov 2023 22:57:51 GMT
join_btn_cn.png
305838.com/ftl/venetian140/themes/images/
6 KB
6 KB
Image
General
Full URL
https://305838.com:8989/ftl/venetian140/themes/images/join_btn_cn.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/ftl/venetian140/themes/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e46babedb98cb0cf2016d9422cb1f34973fd9626c71ec06ee21b63b2e89b0842
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/ftl/venetian140/themes/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:51 GMT
last-modified
Mon, 15 Jul 2019 12:48:14 GMT
etag
"5d2c760e-18dc"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
6364
expires
Tue, 14 Nov 2023 22:57:51 GMT
headerInfo.html
305838.com/
127 B
172 B
XHR
General
Full URL
https://305838.com:8989/headerInfo.html?t=loxi99z8
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fcf7c331900b160a7f786af9b113b2d663d0195fbca9f95154b66542a6f77965
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://305838.com:8989/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:51 GMT
content-encoding
gzip
sub-sys
msite
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
content-disposition
inline;filename=f.txt
uuid
00140-01-00000000-16999162716008
out-line
gb-cdn-113
content-length
116
getActivityMsg.html
305838.com/mobile-api/v5/chess/
140 B
194 B
XHR
General
Full URL
https://305838.com:8989/mobile-api/v5/chess/getActivityMsg.html?function=sign
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://305838.com:8989/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:52 GMT
content-encoding
br
sub-sys
mobile
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/html;charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-disposition
inline;filename=f.txt
uuid
00140-01-00000000-1699916272876e
out-line
gb-cdn-113
access-control-allow-headers
Content-Type,Access-Token,X-Requested-With
content-length
112
icon-close-1.png
305838.com/ftl/commonPage/themes/images/hongbao/
6 KB
6 KB
Image
General
Full URL
https://305838.com:8989/ftl/commonPage/themes/images/hongbao/icon-close-1.png
Requested by
Host: 305838.com
URL: https://305838.com:8989/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.239.57.18 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
382670ae61fc81522b190a0536d7b993058183aea2ffe81d197ded6af07d2183
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://305838.com:8989/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 22:57:52 GMT
last-modified
Wed, 11 Aug 2021 06:10:54 GMT
etag
"611369ee-17c7"
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
uuid
-
accept-ranges
bytes
out-line
gb-cdn-113
content-length
6087
expires
Tue, 14 Nov 2023 22:57:52 GMT
index_bj.png.base64
0btgia.eveday.me/ftl/venetian140/themes/images/
135 KB
135 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/themes/images/index_bj.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-NT-MP-01-18 /
Resource Hash
add31726fe96613d27eadba2f731e4d5c52037747add05d6b8376123791061fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:37 GMT
Age
1590735
x-link-via
hkct212:443;ntmp01:80;
X-Cache-Status
HIT from KS-CLOUD-NT-MP-01-18, HIT from KS-CLOUD-HK-CT-212-25
X-Cache
MISS
Connection
keep-alive
uuid
-
Content-Length
138037
Last-Modified
Wed, 14 Dec 2022 07:05:05 GMT
Server
Default-server-KS-CLOUD-NT-MP-01-18
ETag
"639975a1-21b35"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
ccf0117119af6c7b2f7f440f29ea9b84
Expires
Sat, 25 Nov 2023 13:05:37 GMT
new_home_title.jpg.base64
0btgia.eveday.me/ftl/venetian140/images/
25 KB
26 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/new_home_title.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-XY-MP-02-09 /
Resource Hash
62da15aa96109e7ce01116f8e210574bab55d6574a084546a5812499e2baf4de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:19:15 GMT
Age
1589917
x-link-via
hkct212:443;xymp02:80;
X-Cache-Status
HIT from KS-CLOUD-XY-MP-02-09, HIT from KS-CLOUD-HK-CT-212-02
X-Cache
MISS
Connection
keep-alive
uuid
-
Content-Length
25459
Last-Modified
Wed, 14 Dec 2022 07:05:05 GMT
Server
Default-server-KS-CLOUD-XY-MP-02-09
ETag
"639975a1-6373"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
3213f06c1f8136bc59dc5bca642ee0bd
Expires
Sat, 25 Nov 2023 13:19:15 GMT
info-list-1.png.base64
0btgia.eveday.me/ftl/venetian140/images/
40 KB
41 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/info-list-1.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-FZ-MP-33-21 /
Resource Hash
3ac8bc390f6a9a7adb216eb812ed697a394f1de5df38c73598015cb5ea77103d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 05:06:00 GMT
Age
323513
x-link-via
hkct212:443;fzmp33:80;
X-Cache-Status
HIT from KS-CLOUD-FZ-MP-33-21, HIT from KS-CLOUD-HK-CT-212-14
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
41228
Last-Modified
Wed, 14 Dec 2022 07:05:05 GMT
Server
Default-server-KS-CLOUD-FZ-MP-33-21
ETag
"639975a1-a10c"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
771de00973a7056188d60ce952807c51
Expires
Sun, 10 Dec 2023 05:06:00 GMT
info-list-2.png.base64
0btgia.eveday.me/ftl/venetian140/images/
39 KB
39 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/info-list-2.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-XIANY-MP-01-21 /
Resource Hash
2c3d8a45adde4fb6eb4473585d3d629bfd0fbb9105200d0287d02ef75e3acfdc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:19:15 GMT
Age
1589918
x-link-via
hkct212:443;xianymp01:80;
X-Cache-Status
HIT from KS-CLOUD-XIANY-MP-01-21, HIT from KS-CLOUD-HK-CT-212-11
X-Cache
MISS
Connection
keep-alive
uuid
-
Content-Length
39660
Last-Modified
Wed, 14 Dec 2022 07:05:05 GMT
Server
Default-server-KS-CLOUD-XIANY-MP-01-21
ETag
"639975a1-9aec"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
139e8cf36af9d666249fba7480d10c9e
Expires
Sat, 25 Nov 2023 13:19:15 GMT
info-list-3.png.base64
0btgia.eveday.me/ftl/venetian140/images/
30 KB
31 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/info-list-3.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-FZ-MP-22-26 /
Resource Hash
990300c48d5f44cb447a3124704aae16d0f7c5f9a2b3aaea41762e70acd8457b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 19:29:53 GMT
Age
12480
x-link-via
hkct212:443;fzmp22:80;
X-Cache-Status
HIT from KS-CLOUD-FZ-MP-22-26, HIT from KS-CLOUD-HK-CT-212-22
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
31027
Last-Modified
Wed, 14 Dec 2022 07:05:05 GMT
Server
Default-server-KS-CLOUD-FZ-MP-22-26
ETag
"639975a1-7933"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
65fdd6177e6a0090033e53d8d9e03c7a
Expires
Wed, 13 Dec 2023 19:29:53 GMT
info-list-4.png.base64
0btgia.eveday.me/ftl/venetian140/images/
0
0

dline.png.base64
0btgia.eveday.me/ftl/venetian140/images/
4 KB
4 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/dline.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-TAIZ-MP-07-09 /
Resource Hash
680205bea4669fc966336c9551ffb7c9ad8e3ef284595d7bc5119e3be434bef9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:19:15 GMT
Age
1589918
x-link-via
hkct212:443;taizmp07:80;
X-Cache-Status
HIT from KS-CLOUD-TAIZ-MP-07-09, MISS from KS-CLOUD-HK-CT-212-14
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
3786
Last-Modified
Wed, 14 Dec 2022 07:05:05 GMT
Server
Default-server-KS-CLOUD-TAIZ-MP-07-09
ETag
"639975a1-eca"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
ed675d731551f8139f97ec6196b95b7d
Expires
Sat, 25 Nov 2023 13:19:15 GMT
1685787747996.jpg.base64
0btgia.eveday.me/fserver/files/gb/0/game/32019/
53 KB
54 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/0/game/32019/1685787747996.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-NT-MP-01-19 /
Resource Hash
b467647fd436673b2789e3fb399f8b34e3da6df6d9148a1b1c9995fefcc25b8c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:32:25 GMT
Age
1603528
x-link-via
hkct212:443;ntmp01:80;
X-Cache-Status
HIT from KS-CLOUD-NT-MP-01-19, HIT from KS-CLOUD-HK-CT-212-17
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
54393
Last-Modified
Sat, 03 Jun 2023 10:22:28 GMT
Server
Default-server-KS-CLOUD-NT-MP-01-19
ETag
"647b1464-d479"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
cba2dba0ec28a9fcc63483abbd230cef
Expires
Sat, 25 Nov 2023 09:32:25 GMT
1685786963149.jpg.base64
0btgia.eveday.me/fserver/files/gb/0/game/32017/
47 KB
47 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/0/game/32017/1685786963149.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-WH-MP-01-32 /
Resource Hash
24c6a7975f9a292647cde396a98a648749432393e575c8025248d495f5b8da17
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:32:25 GMT
Age
1603528
x-link-via
hkct212:443;whmp01:80;
X-Cache-Status
HIT from KS-CLOUD-WH-MP-01-32, HIT from KS-CLOUD-HK-CT-212-25
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
47949
Last-Modified
Sat, 03 Jun 2023 10:09:23 GMT
Server
Default-server-KS-CLOUD-WH-MP-01-32
ETag
"647b1153-bb4d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
f81a83907632ae3ac090f2acb3e74335
Expires
Sat, 25 Nov 2023 09:32:25 GMT
1685781303643.jpg.base64
0btgia.eveday.me/fserver/files/gb/0/game/32015/
52 KB
52 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/0/game/32015/1685781303643.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-NT-MP-01-07 /
Resource Hash
f8957e78245984343952506b72708ae044c799a294be2a8f7b168ff6dd6a20eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 11:26:54 GMT
Age
1596659
x-link-via
hkct212:443;ntmp01:80;
X-Cache-Status
HIT from KS-CLOUD-NT-MP-01-07, HIT from KS-CLOUD-HK-CT-212-20
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
53037
Last-Modified
Sat, 03 Jun 2023 08:35:03 GMT
Server
Default-server-KS-CLOUD-NT-MP-01-07
ETag
"647afb37-cf2d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
abcebdb00189fdce3a538057349ad900
Expires
Sat, 25 Nov 2023 11:26:54 GMT
1683981521647.jpg.base64
0btgia.eveday.me/fserver/files/gb/0/game/32013/
56 KB
57 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/0/game/32013/1683981521647.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-QD-MP-02-26 /
Resource Hash
4f0b8ed227a509dd83bbb85ffef09ce17915293c8ef100d9553509de4426226a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 16:39:39 GMT
Age
22694
x-link-via
hkct212:443;qdmp02:80;
X-Cache-Status
HIT from KS-CLOUD-QD-MP-02-26, HIT from KS-CLOUD-HK-CT-212-22
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
57513
Last-Modified
Sat, 13 May 2023 12:38:41 GMT
Server
Default-server-KS-CLOUD-QD-MP-02-26
ETag
"645f84d1-e0a9"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
183fc6147f5b7ad2fdb65b9c51804e35
Expires
Wed, 13 Dec 2023 16:39:39 GMT
1683980837420.jpg.base64
0btgia.eveday.me/fserver/files/gb/0/game/32011/
51 KB
52 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/0/game/32011/1683980837420.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-13-10 /
Resource Hash
9681b06ad2f4d3a46619a3746a2b245fd12267dcfdd3b8a5c029f4f29ab0cc74
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:32:25 GMT
Age
1603529
x-link-via
hkct212:443;ldmp13:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-13-10, HIT from KS-CLOUD-HK-CT-212-16
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
52449
Last-Modified
Sat, 13 May 2023 12:27:17 GMT
Server
Default-server-KS-CLOUD-LD-MP-13-10
ETag
"645f8225-cce1"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
489ddfb00bf3349172cada81d4ec320c
Expires
Sat, 25 Nov 2023 09:32:25 GMT
1683980141069.jpg.base64
0btgia.eveday.me/fserver/files/gb/0/game/32009/
47 KB
48 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/0/game/32009/1683980141069.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-HA-MP-14-28 /
Resource Hash
b59231baff3739b73111c857d69795488b4359108162a9b40aafa7c0b452bebb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 10:22:20 GMT
Age
1600534
x-link-via
hkct212:443;hamp14:80;
X-Cache-Status
HIT from KS-CLOUD-HA-MP-14-28, HIT from KS-CLOUD-HK-CT-212-23
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
48445
Last-Modified
Sat, 13 May 2023 12:15:41 GMT
Server
Default-server-KS-CLOUD-HA-MP-14-28
ETag
"645f7f6d-bd3d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
cd201d106a541487da07e99447b0be86
Expires
Sat, 25 Nov 2023 10:22:20 GMT
1683979495158.jpg.base64
0btgia.eveday.me/fserver/files/gb/0/game/32007/
49 KB
50 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/0/game/32007/1683979495158.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-JN-MP-13-13 /
Resource Hash
744048c8ea8806d4eb2979faa0b1e2018095042b3859423bb96315f086a6ac9d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:32:25 GMT
Age
1603529
x-link-via
hkct212:443;jnmp13:80;
X-Cache-Status
HIT from KS-CLOUD-JN-MP-13-13, HIT from KS-CLOUD-HK-CT-212-18
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
50089
Last-Modified
Sat, 13 May 2023 12:04:55 GMT
Server
Default-server-KS-CLOUD-JN-MP-13-13
ETag
"645f7ce7-c3a9"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
ca4918ba6f6cc53ace59714c85ba9c7f
Expires
Sat, 25 Nov 2023 09:32:25 GMT
1682594621419.jpg.base64
0btgia.eveday.me/fserver/files/gb/0/game/32005/
47 KB
48 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/0/game/32005/1682594621419.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-XY-MP-04-14 /
Resource Hash
90c29a2f0a25cf1c01573d3d2f45fa4554413cdd0bd70cc85ef975f4194c31fb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 09:32:25 GMT
Age
1603529
x-link-via
hkct212:443;xymp04:80;
X-Cache-Status
HIT from KS-CLOUD-XY-MP-04-14, HIT from KS-CLOUD-HK-CT-212-14
X-Cache
MISS
Connection
keep-alive
uuid
-
Content-Length
48497
Last-Modified
Thu, 27 Apr 2023 11:23:41 GMT
Server
Default-server-KS-CLOUD-XY-MP-04-14
ETag
"644a5b3d-bd71"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-204
X-Cdn-Request-ID
eb1f96ac1d48a4728e58ed1eeda18b29
Expires
Sat, 25 Nov 2023 09:32:25 GMT
index-game-dec.png.base64
0btgia.eveday.me/ftl/venetian140/images/
301 KB
301 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/index-game-dec.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LIS-MP-12-45 /
Resource Hash
af4ee39e547ee58fa0cd2b4e529e4ef8014c17797e5c7d54d785dc99246e5bdc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:19:15 GMT
Age
1589919
x-link-via
hkct212:443;lismp12:80;
X-Cache-Status
HIT from KS-CLOUD-LIS-MP-12-45, HIT from KS-CLOUD-HK-CT-212-19
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
307980
Last-Modified
Wed, 14 Dec 2022 07:05:05 GMT
Server
Default-server-KS-CLOUD-LIS-MP-12-45
ETag
"639975a1-4b30c"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
14c0472d3c67db8fa7de88acb1b208d7
Expires
Sat, 25 Nov 2023 13:19:15 GMT
fc.png.base64
0btgia.eveday.me/ftl/venetian140/images/
2 KB
3 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/fc.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-13-14 /
Resource Hash
39cbce0984a23738bc25794073b948543dc71550a24382e40bc5b15009475785
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:36 GMT
Age
1590738
x-link-via
hkct212:443;ldmp13:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-13-14, HIT from KS-CLOUD-HK-CT-212-29
X-Cache
MISS
Connection
keep-alive
uuid
-
Content-Length
2096
Last-Modified
Wed, 14 Dec 2022 07:05:05 GMT
Server
Default-server-KS-CLOUD-LD-MP-13-14
ETag
"639975a1-830"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-204
X-Cdn-Request-ID
48e5de13e0f39cd0903e5ff88eaa0998
Expires
Sat, 25 Nov 2023 13:05:36 GMT
license-img.png.base64
0btgia.eveday.me/ftl/venetian140/images/
79 KB
80 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/license-img.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-FZ-MP-33-10 /
Resource Hash
d1d981aec4c9775c7882803ef421d65144059ffd131706b5959edaf1ecbbd552
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 04:46:24 GMT
Age
324690
x-link-via
hkct212:443;fzmp33:80;
X-Cache-Status
HIT from KS-CLOUD-FZ-MP-33-10, HIT from KS-CLOUD-HK-CT-212-24
X-Cache
MISS
Connection
keep-alive
uuid
-
Content-Length
81154
Last-Modified
Wed, 14 Dec 2022 07:05:05 GMT
Server
Default-server-KS-CLOUD-FZ-MP-33-10
ETag
"639975a1-13d02"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
6612d225005a9a472ef03e3f25197569
Expires
Sun, 10 Dec 2023 04:46:24 GMT
1482684137200.png.base64
0btgia.eveday.me/fserver/files/140/Logo/1/
36 KB
37 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/140/Logo/1/1482684137200.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LIS-MP-12-31 /
Resource Hash
67859a51f0a62898af51a8ec7e72bfea2583c070ffae7582dee8cd4d8f927ae6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:37 GMT
Age
1590737
x-link-via
hkct212:443;lismp12:80;
X-Cache-Status
HIT from KS-CLOUD-LIS-MP-12-31, HIT from KS-CLOUD-HK-CT-212-16
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
37160
Last-Modified
Fri, 18 Nov 2022 03:02:06 GMT
Server
Default-server-KS-CLOUD-LIS-MP-12-31
ETag
"6376f5ae-9128"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
248be524b06f23b05a77979f3edf0afa
Expires
Sat, 25 Nov 2023 13:05:37 GMT
hot.gif.base64
0btgia.eveday.me/ftl/venetian140/images/
2 KB
2 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/hot.gif.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-WH-MP-01-20 /
Resource Hash
5cf107f61227d7ef030e6ee0533aee68f2d65091c9b5b6387dcdfa31c1d3e973
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:37 GMT
Age
1590737
x-link-via
hkct212:443;whmp01:80;
X-Cache-Status
HIT from KS-CLOUD-WH-MP-01-20, HIT from KS-CLOUD-HK-CT-212-11
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
1881
Last-Modified
Fri, 16 Dec 2022 09:35:04 GMT
Server
Default-server-KS-CLOUD-WH-MP-01-20
ETag
"639c3bc8-759"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
28fe6731d8045b84e356b8602dc9a06e
Expires
Sat, 25 Nov 2023 13:05:37 GMT
hot.gif.base64
0btgia.eveday.me/ftl/venetian140/images/
2 KB
2 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/hot.gif.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-WH-MP-01-20 /
Resource Hash
5cf107f61227d7ef030e6ee0533aee68f2d65091c9b5b6387dcdfa31c1d3e973
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:37 GMT
Age
1590737
x-link-via
hkct212:443;whmp01:80;
X-Cache-Status
HIT from KS-CLOUD-WH-MP-01-20, HIT from KS-CLOUD-HK-CT-212-11
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
1881
Last-Modified
Fri, 16 Dec 2022 09:35:04 GMT
Server
Default-server-KS-CLOUD-WH-MP-01-20
ETag
"639c3bc8-759"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
e9bf49c800f9ba72a2478b30eecd13fc
Expires
Sat, 25 Nov 2023 13:05:37 GMT
hot.gif.base64
0btgia.eveday.me/ftl/venetian140/images/
2 KB
2 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/venetian140/images/hot.gif.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-WH-MP-01-20 /
Resource Hash
5cf107f61227d7ef030e6ee0533aee68f2d65091c9b5b6387dcdfa31c1d3e973
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:37 GMT
Age
1590737
x-link-via
hkct212:443;whmp01:80;
X-Cache-Status
HIT from KS-CLOUD-WH-MP-01-20, HIT from KS-CLOUD-HK-CT-212-11
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
1881
Last-Modified
Fri, 16 Dec 2022 09:35:04 GMT
Server
Default-server-KS-CLOUD-WH-MP-01-20
ETag
"639c3bc8-759"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
4017bdd38987dfd09c8e86526e6df472
Expires
Sat, 25 Nov 2023 13:05:37 GMT
favicon_140.png.base64
0btgia.eveday.me/ftl/commonPage/images/favicon/
3 KB
4 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/images/favicon/favicon_140.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-13-28 /
Resource Hash
0bf29502b974b9d880936d8d3628937535a1d4e75d90625bdc0bc4be7e7088e9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:37 GMT
Age
1590737
x-link-via
hkct212:443;ldmp13:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-13-28, HIT from KS-CLOUD-HK-CT-212-22
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
3538
Last-Modified
Mon, 05 Dec 2022 08:15:08 GMT
Server
Default-server-KS-CLOUD-LD-MP-13-28
ETag
"638da88c-dd2"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
6d94147817cfbb115544a07ade9f9827
Expires
Sat, 25 Nov 2023 13:05:37 GMT
favicon_140.png.base64
0btgia.eveday.me/ftl/commonPage/images/favicon/
3 KB
4 KB
XHR
General
Full URL
https://0btgia.eveday.me/ftl/commonPage/images/favicon/favicon_140.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-13-28 /
Resource Hash
0bf29502b974b9d880936d8d3628937535a1d4e75d90625bdc0bc4be7e7088e9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:37 GMT
Age
1590737
x-link-via
hkct212:443;ldmp13:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-13-28, HIT from KS-CLOUD-HK-CT-212-22
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
3538
Last-Modified
Mon, 05 Dec 2022 08:15:08 GMT
Server
Default-server-KS-CLOUD-LD-MP-13-28
ETag
"638da88c-dd2"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
f9c3d2a13395efb15063bcd3eac6a853
Expires
Sat, 25 Nov 2023 13:05:37 GMT
truncated
/
18 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0230014bbce141220e96c4aff74ed94846f657a2c01fef168a9b33a35a5ecf8f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
341 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f059b931c195ca6857abe3e8b1882c7b89e04f6d731068d95b0f997d28ba9e1c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a6e35ae1ee2ef10e391dc4c225299ac397eeb5ae36bc74a04239f0e149e1fd0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
22 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbbcdd7478e7e2e51b541b3775ae535a7d3e646d8bbbcd924c5a7ac0b5d5a6cb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bf3a27e976d9bbcda5f862204b4ff1386b93fcc78996df7f8c834582f26976f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04187874ad2e125bbbcfcd8043e79929d007e1f37441efbfbbc16208ea0efa83

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
100 KB
100 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c41c80b867e3736f92b6c4e446a81bcd4ba684470255c3d99fdf60bbe77bcc98

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/undefined
truncated
/
39 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
726e9d5a9eb79daa8cac66154bb756e56f37ce77a14a54d7ce86ab213c451e05

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
35 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db3f6625d150006bcdb6cf86e54bc64f09375bee838cb691d94e5b13f76b9fd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
40 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
711d636bf102ab0113333935bdf4ba24d69ef38d528385910e6f4294758ad6a0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/jpg
1640158387564.png.base64
0btgia.eveday.me/fserver/files/gb/140/carousel/10219/
150 KB
151 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/140/carousel/10219/1640158387564.png.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-12-13 /
Resource Hash
fa8d9454ac55e59547d53bff4f2575b6388c58a50c840711baa4f58e356ef8bd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:05:37 GMT
Age
1590737
x-link-via
hkct212:443;ldmp12:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-12-13, HIT from KS-CLOUD-HK-CT-212-28
X-Cache
MISS
Connection
keep-alive
uuid
-
Content-Length
153677
Last-Modified
Fri, 18 Nov 2022 04:59:55 GMT
Server
Default-server-KS-CLOUD-LD-MP-12-13
ETag
"6377114b-2584d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
ba317b009cefa0e80f3eb3fac974d0b6
Expires
Sat, 25 Nov 2023 13:05:37 GMT
truncated
/
42 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1898ee54bcb0b0398f1289901f5ba803f43b1cd88fa9e4879c809ff2d2972e98

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
38 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d2bcf6e7b6bce6ab69df0edb47b0efdc28cb131f67069ff03f632ed17fcefb1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
36 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0814e78fa81fe2c9865e631f18debacfc7787489fdfc6ba575d014d792f0ac12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
35 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cebe647ef31427c9e0f98f38f1b99a3bf0e5d6632f5fab20a97b114ee5642f92

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94e797e8adc45afe7be40089cfc47913f1e21c1910c97fc12b8ae413ce55c39c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
37 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c610677495aa4e902611fc59790765044a91057fa7f5bd41287bd81b816f53d5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
223 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f4ec7799e07d7aab975b59d8e92dfd936debeec7a10328dc86a9688e51f3300

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c34ed994680ca6446b85dd47aa963cd4cfdd07180a9517b4d7d37f3c7a1b94cd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dca653c7ea78ce3edd9da5364a3b5a7ba51c70c7584b1ee754a6c982aebe6767

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
59 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
813e6c163fecce6859c6f488d83514b5c7b5a33d07d96c3e972a4884919b82f6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
111 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e057054020c9940567c540aa7418082d642ec313f7e86eb3be150e5a4a40b980

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/webp
1592188472922.jpg.base64
0btgia.eveday.me/fserver/files/gb/140/carousel/10200/
345 KB
346 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/140/carousel/10200/1592188472922.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-LD-MP-12-21 /
Resource Hash
8b7108b95ae7ef5ecd87301ab80ca463ab2a456f601b6b6500cc13cedc070dd0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 13:19:19 GMT
Age
1589917
x-link-via
hkct212:443;ldmp12:80;
X-Cache-Status
HIT from KS-CLOUD-LD-MP-12-21, HIT from KS-CLOUD-HK-CT-212-25
X-Cache
MISS
Connection
keep-alive
uuid
-
Content-Length
353581
Last-Modified
Fri, 18 Nov 2022 04:59:54 GMT
Server
Default-server-KS-CLOUD-LD-MP-12-21
ETag
"6377114a-5652d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
f19c456208b43f577c4db2384330397d
Expires
Sat, 25 Nov 2023 13:19:19 GMT
truncated
/
256 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c741e7202a2dc920d3daf9a99e54ff85f3d495e7aec04b75f3aa786bd6727c3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/webp
1546515237881.jpg.base64
0btgia.eveday.me/fserver/files/gb/140/carousel/10109/
343 KB
344 KB
XHR
General
Full URL
https://0btgia.eveday.me/fserver/files/gb/140/carousel/10109/1546515237881.jpg.base64
Requested by
Host: 0btgia.eveday.me
URL: https://0btgia.eveday.me/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:615:6e01:afd4:1::9 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Default-server-KS-CLOUD-FZ-MP-22-26 /
Resource Hash
1269610f770dbcfbac59121935b29a387db96c2b35365fa7c3d4746d4714405f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://305838.com:8989/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 04:13:47 GMT
Age
413052
x-link-via
hkct212:443;fzmp22:80;
X-Cache-Status
HIT from KS-CLOUD-FZ-MP-22-26, HIT from KS-CLOUD-HK-CT-212-19
X-Cache
HIT
Connection
keep-alive
uuid
-
Content-Length
351158
Last-Modified
Fri, 18 Nov 2022 04:59:49 GMT
Server
Default-server-KS-CLOUD-FZ-MP-22-26
ETag
"63771145-55bb6"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
out-line
gb-cdn-205
X-Cdn-Request-ID
6b46d15c6fb3781088de720533d18358
Expires
Sat, 09 Dec 2023 04:13:47 GMT
truncated
/
254 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56ac8c0c2ae3bb0bccc324e7bae990ea2f1ba524ccf41cf8f3c4f6251d737e9a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/webp

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
0btgia.eveday.me
URL
https://0btgia.eveday.me/ftl/venetian140/images/info-list-4.png.base64

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bet365 (Entertainment)

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| imgRoot string| randomstr string| apiRoot boolean| hasHg function| $ function| jQuery function| MSiteComet function| MSiteCometMarathon function| MSitePopUp function| showDialog object| base64List object| nonBase64List string| resRoot string| wsRoot string| mdRoot string| fltRootPath boolean| useBase64 string| language string| timeLanguage object| message function| lazyload function| LazyLoad function| responsive function| iealert function| blink function| textBlink object| carousels string| userAgent boolean| isChrome undefined| myFlash object| jQuery1113018706044432840008 function| BootstrapDialog object| layer object| NiceScroll function| moment object| carouselAdDialogContent boolean| adDialogsSwitch number| timestamp string| temp_timestamp number| newTimestamp boolean| nonUseBase64 string| cdnUrl string| sitePath string| templateName string| cdnFtlPath function| getFileExtension function| replaceInfo function| loadStyleString function| replaceAttribute string| dataPage function| md5 function| floatV5Main string| activityMessageId string| redBagTheme number| readFloat function| getFloat function| canShowLottery function| closePage function| openRule function| closeRule function| lottery function| showLotteryMessage function| onceAgain function| layerLangDialogIndex function| langDialog function| filterSwitchedLanguage string| imgPath function| homeDialog function| getUpdateTime function| getMultiADContent function| getSingleADContent function| layerMultiDialogIndex function| loadImage function| getLink function| goToPCenter object| initCaptcha function| checkSignSwitch function| replaceEvoToNt boolean| isOpenCaptcha number| captchaType string| timezoneTran string| dateTimeFromat number| userTimeTimerId undefined| balanceQueryTriggerLimitTimer undefined| balanceAutoRefreshTimer string| HIDE_BALANCE_COOKIE_KEY string| REFRESH_BALANCE_TIME string| PAGE_LANGUAGE boolean| importAccount number| siteId string| af_web_key 
undefined| userId function| delateTip string| current_language function| transWebUrlSlide function| initMenuEvents function| createDesktop function| doSave function| SetHome function| AddFavorite function| noticeDialog function| noticeChangePageAjax function| setCookie function| getCookie function| closeIframeAlert function| getlocationParam function| maintainCheck function| layerRatioDialog function| handleMt function| maintainInfo function| transTimeZone function| getApiName function| getApiKey function| openNewPopWindow function| forgetUsername function| support function| getCustomerService function| getApiBalance function| getNotAutoPayApiBalance function| userTime function| changeTimeTimer function| apiLogin function| unLoginLottery function| gameMessage function| apiLoginDemo function| lotteryDemo function| createFreeAccount function| currentPage function| getXjPage function| apiLoginReal function| changeBalanceHide function| balanceStatus function| hideBalanceIfModeHide function| enterLogin object| loginObj function| changeLoginStatus function| game_demo function| afterLogin function| login function| openVerify function| verify function| openSecondVerify function| doSecondVerify function| importPlayer function| cancelVerify function| dropdownOpen function| Logout function| liveAccordion function| loginPlayer function| recoveryApi function| getNewDate function| isAllowRecoveryApi function| autoGetApiBalance function| getSingleApiBalance function| getAllApiBalance function| dialogMsg function| showAnnouncement function| maxGameTag function| gameCollect function| gameScore function| gameTagList function| myCollectList function| myRecentlyList function| layerDialogNormal function| closeIframeLayerDialog function| layerDialogDownload function| layerDialogForgetAccount function| layerDialogNotice function| layerDialogRegister function| getQRcode function| qrcode string| rgb function| PlaySound function| StopSound function| handleLocationParam function| 
getCommunity number| c_start number| c_end boolean| fpixelid undefined| script undefined| noscript undefined| img undefined| head undefined| kpixelid function| firstIntoHome undefined| pathnameUrl undefined| originUrl undefined| kpixelid_val undefined| click_id_val undefined| pixel_id_val undefined| kwaiParams string| page undefined| facebookClientId undefined| facebookRedirectUrl undefined| googleClientId undefined| googleRedirectUrl undefined| clientSecretParam undefined| zaloClientId undefined| zaloRedirectUrl undefined| ouathLoginWindow function| getLoginParam function| socialLogin function| receiveMessage function| postData boolean| isLogin function| rebate boolean| nt string| REGSTER_SEND_EMAIL_TIME string| REGSTER_SEND_PHONE_TIME function| init object| myLive_num object| myLottery_num object| myCasino_num object| mySports_num object| myChess_num

3 Cookies

Domain/Path Name / Value
305838.com/ Name: _LANGUAGE Value: zh_CN
305838.com/ Name: sticket Value: U9TNHlORGt1TXpjNk
305838.com/ Name: route Value: 61ee84c9f68236309da705261df10e5a

1 Console Messages

Source Level URL
Text
network error URL: https://0btgia.eveday.me/ftl/commonPage/js/idangerous.swiper.min.js
Message: Failed to load resource: the server responded with a status of 504 (Gateway Time-out)

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0btgia.eveday.me
305838.com
0btgia.eveday.me
20.239.57.18
240e:615:6e01:afd4:1::9