Domain d.6688.bar
United States
GOOGLE-CLOUD-PLATFORM
Software information

deno gcp-europe-west3

tcp/443

  • GraphQL introspection is enabled.
    First seen 2025-10-23 04:30
    Last seen 2026-01-23 12:06
    Open for 92 days

    • Severity: medium
      Fingerprint: c2db3a1c40d490db2337d3d62ca028295cf7468b05e1116626749d0128ea5de1

      GraphQL introspection enabled at /api/graphql
Types: 75 (by kind: ENUM: 3, INPUT_OBJECT: 15, OBJECT: 48, SCALAR: 9)
Operations:
- Query: Query | fields: bull, bull_aggregated, bull_by_id, bull_by_version, img_info
- Subscription: Subscription | fields: bull_mutated, directus_files_mutated, img_info_files_mutated, img_info_mutated, lottery_history_mutated
Directives: deprecated, include, skip (total: 3)

Readable stores: 0
      Found on 2026-01-23 12:06
      146.2 kBytes
    Create report

  • Open service 34.120.54.55:443 · d.6688.bar

    2026-01-23 12:06 

    HTTP/1.1 200 OK
transfer-encoding: chunked
cf-cache-status: DYNAMIC
cf-ray: 9c272a4c1bf71d0c-FRA
content-type: text/html; charset=utf-8
date: Fri, 23 Jan 2026 12:06:28 GMT
frame-options: SAMRORIGIN
last-modified: Tue, 05 Aug 2025 11:38:57 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aL3rA%2F9cFLTlb19dstP0WfWOxnlvxzjFpLdpnfJC9%2FJHI31j%2BF64QpqW882nSDt6FU2mC3dRXYR3rvqC5gxxzrB1oICEzabiCYhJQQ%3D%3D"}]}
server: deno/gcp-europe-west3
vary: Accept-Encoding
x-aspnet-version: 9.0
x-server-version: 9.0
connection: close
via: http/1.1 edgeproxy-h

Page title: 台灣體育彩券官方

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <script src="https://polyfill.alicdn.com/polyfill.min.js?flags=gated"></script>
    <!-- 单独静态js -->
    <script src="./envconf.js" onerror="return false"></script>
    <link rel="icon" href="./favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>台灣體育彩券官方</title>
    <style>
      [v-cloak] {
        display: none;
      }
    </style>
    <script>
      /**
       * 安全地解析路径,并保留 query 和 hash
       * @param {string} inputPath 要解析的路径或 URL 字符串
       * @param {string} baseUrl 基础 URL(必须为可信域名)
       * @returns {URL|null} 安全解析后的 URL 对象,失败返回 null
       */
      function safeResolveUrl(inputPath, baseUrl) {
        // 确保 base 是合法 URL
        let safeBase
        try {
          safeBase = new URL(baseUrl);
        } catch (e) {
          console.error("Invalid base URL:", baseUrl);
          return null;
        }

        const path = (inputPath || "").trim();

        // 检查是否是完整的外部 URL(以 http(s):// 开头)
        if (/^[a-zA-Z][a-zA-Z0-9+.-]*:\/\//.test(path)) {
          console.warn("拒绝解析完整外部 URL:", path);
          return null;
        }

        if (path.startsWith("//")) {
          console.warn("拒绝解析协议相对路径:", path);
          return null;
        }

        let url;
        try {
          url = new URL(path, safeBase);
        } catch (e) {
          console.warn("URL 解析失败(非致命错误):", e.message);
          url = new URL(safeBase.origin);
          url.pathname = "";
          url.search = "";
          url.hash = "";
        }

        const cleanedPathname = url.pathname.replace(/\/+/g, "/");

        if (url.origin !== safeBase.origin) {
          return null;
        }

        const safeUrl = new URL(url.href);
        safeUrl.pathname = cleanedPathname;

        return safeUrl;
      }
    </script>
    <script>
      function replaceImageDomain(img) {
        if(!img){
          return;
        }
        let oldDomainReg = /^https?:\/\/(w0\.)?ttaa\.pw\//;
        let newDomain = "https://xqyimg.498.one\/"; //location.hostname;
        let src = img.src;
        if(!img.getAttribute("data-src")){
          img.setAttribute("data-src",src)
        }
        if(!img.getAttribute("loading")){
          img.setAttribute("loading","lazy")
        }
        /*if( src.includes("autoload")){
            
            const first = new URL(img.getAttribute("src"));
            const path = first.pathname;
            //const newDomain = "https://img.496.lol/";
            const href = new URL(path, newDomain);
            img.setAttribute("src", href);
        }*/
          

        if (src.match(oldDomainReg) && src.indexOf("autoload") != -1) {
          img.src = src;//newDomain + src;// src.replace(oldDomainReg, );
          img.setAttribute("data-new", "1");
        } else {
          img.setAttribute("data-new", "1");
        }

        img.onerror = function () {
          if (img.getAttribute("data-error")) {
            return;
          }
          img.setAttribute("data-error", "1");
          try {return;
            const first = new URL(img.getAttribute("src"));
            const path = first.pathname;
            const newDomain = "https://img.496.lol/";
            const href = safeResolveUrl(path, newDomain);
            img.setAttribute("src", href);
          } catch (error) {}
        };
      }

      function processExistingImages() {
        let images = document.querySelectorAll("img");
        images.forEach(replaceImageDomain);
      }

      let observer = new MutationObserver(function (mutations) {
        mutations.forEach((mutation) => {
          mutation.addedNodes.forEach(function (node) {
            if (node.nodeType === Node.ELEMENT_NODE) {
              if (node.tagName === "IMG" && !node.getAttribute("data-new")) {
                node.setAttribute("data-ne
    Found 2026-01-23 by HttpPlugin
    Create report
d.6688.bar
Fingerprint:
a38496bba519ae878602da8e77b6a2d4dc3acaeaa914673bfd6c4c344e8bd171
CN:
d.6688.bar
Key:
ECDSA-256
Issuer:
E8
Not before:
2025-12-22 03:32
Not after:
2026-03-22 03:32
Domain summary

d.6688.bar 1

1 recorded
IP summary

34.120.54.55 2

1 recorded

© 2026 LeakIX v2.0.49
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice