Report - x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734&__CBK=326215b94a735655ded89b70bb9cdd1e71714798853_1205042/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258

Report Overview

Submitted URL
x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734&__CBK=326215b94a735655ded89b70bb9cdd1e71714798853_1205042/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
IP
154.210.56.89
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED
Submitted
2024-05-04 06:11:48
Access
public
Website Title
bet365
Final URL
x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Tags
bet365 gambling phishing
urlquery detections
Phishing - Bet365

Detections

urlquery
18
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
x04323.com	unknown	2022-09-01	2022-09-11	2024-03-25	7.2 kB	90 kB	154.210.56.89
etmqz9.innittapp.com	unknown	2015-03-05	2024-03-21	2024-04-18	10 kB	183 kB	103.198.200.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-21	medium	x04323.com/	Bet365
2024-03-21	medium	x04323.com/	Bet365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (30)

URL IP Response Size

x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734&__CBK=326215b94a735655ded89b70bb9cdd1e71714798853_1205042/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734

154.210.56.89

0 B

URL
x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734&__CBK=326215b94a735655ded89b70bb9cdd1e71714798853_1205042/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
IP
154.210.56.89:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734&__CBK=326215b94a735655ded89b70bb9cdd1e71714798853_1205042/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734 HTTP/1.1
Host: x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Sat, 04 May 2024 06:10:59 GMT
Location: https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Content-Length: 0

x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734

154.210.56.89

200 OK

2.0 kB

URL User Request GET HTTP/1.1
x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
IP
154.210.56.89:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (658)
Size
2.0 kB (1960 bytes)
Hash
4b5ebc451025c083520450a17dcc7017
beeebc281ea65cf3fe407d954ac1c022ff12e549
2297d6971dc31f24fcb20d114dddf8e5613f5a49b0e074978fdd0b99b7c7be46

HTTP Headers

GET /?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734 HTTP/1.1
Host: x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked

x04323.com/favicon.ico

154.210.56.89

1.4 kB

URL
x04323.com/favicon.ico
IP
154.210.56.89:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

File type
HTML document, Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
a1eb29a449c4391b1f7f8a9092e15b86
0d9e8e96eb9a611c9b3f252890002db4c6028414
b8f303c523d65a57cb1123224665ec3cd01c25a40fb3f287fbc3b9a0c5cce296

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked

154.210.56.89

302 Found

0 B

URL User Request GET HTTP/1.1
x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734&__CBK=37d87f8c77eebdddbda25e6ff0b992dbf1714803065_1215174
IP
154.210.56.89:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734&__CBK=37d87f8c77eebdddbda25e6ff0b992dbf1714803065_1215174 HTTP/1.1
Host: x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Length: 0
Location: /?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734

154.210.56.89

200 OK

74 kB

URL User Request GET HTTP/1.1
x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
IP
154.210.56.89:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (624)
Size
74 kB (74462 bytes)
Hash
b2acc226f2875a0e95b9da33af6502bd
8fa9eaac7dcb296ecc8c00064bf7b0b4005e2daa
cdc2952989c38e8516619ec3d2b6bb32238089ab429d0bb1dc4a99efe9c60633

HTTP Headers

GET /?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734 HTTP/1.1
Host: x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Sat, 04 May 2024 06:11:38 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Set-Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c; Path=/
_LANGUAGE=zh_CN; Path=/
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1714803098e695
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked

x04323.com/message_zh_CN.js?v=1714556748154

154.210.56.89

200 OK

9.9 kB

URL GET HTTP/1.1
x04323.com/message_zh_CN.js?v=1714556748154
IP
154.210.56.89:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (18069)
Size
9.9 kB (9892 bytes)
Hash
8e3a3463437bc8b56e112f0b87b6a0d0
dfaac70f23b58a771856460bb00aebc5fcadb2ce
0aa3002021c50dd94fcd0eb615a6735db1b54723503264f1c24985e0bcdd868b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /message_zh_CN.js?v=1714556748154 HTTP/1.1
Host: x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c; _LANGUAGE=zh_CN
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Sat, 04 May 2024 06:11:14 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sun, 05 May 2024 06:11:14 GMT
Cache-Control: max-age=86400
uuid: 01513-01-00000000-17148030748e0e
out-line: gb-source-106
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 9892

etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css

103.198.200.1

200 OK

6.0 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
6.0 kB (5961 bytes)
Hash
3ee32cc28bee77ec29467a03b69b0574
36f7c705f1419e6c6840b85f8dd12e379b16c066
4c479d007576da5d4a485513250d8c69d280b5392d54e3516f53140234a532db

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/style/common.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5961
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"631d86f0-7005"
Date: Sat, 20 Apr 2024 12:00:57 GMT
Last-Modified: Sun, 11 Sep 2022 06:57:52 GMT
Expires: Mon, 20 May 2024 12:00:57 GMT
Age: 1188643
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: d3ce69ec432c4600ecab26eab90e79b1

etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css

103.198.200.1

200 OK

6.3 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Size
6.3 kB (6253 bytes)
Hash
4f6eba52b6bdba2bd8154d39c61fcaab
11a91e977ab64175dc2ec233d45c6cf9d34798b0
b4ae8f84403e1e8ea7f75cac8491e461ac6e5524260a04d772d53dd912f8e53a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6253
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"64ad1569-7b6e"
Date: Sat, 20 Apr 2024 12:00:57 GMT
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Expires: Mon, 20 May 2024 12:00:57 GMT
Age: 1188643
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: 7bd8167405b065aa7e59a0df298371e2

etmqz9.innittapp.com/ftl/commonPage/js/float.js

103.198.200.1

200 OK

1.9 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/float.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
1.9 kB (1929 bytes)
Hash
829af863b0cdc4a603919824ae046299
1d417b1553e4ecb7125ebf2005b74255291fbf73
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/float.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"612747ba-1b2f"
Date: Sat, 20 Apr 2024 12:00:13 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Mon, 20 May 2024 12:00:13 GMT
Age: 1188688
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: fe6421073d1b880b3ec268110a97bdd9

etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js

103.198.200.1

200 OK

34 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32038)
Size
34 kB (33545 bytes)
Hash
b091a47f6b91e26c93a848092c6f3788
52918af2d431e73464060b35d364640c8db75606
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"5d848f4f-176d4"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1188687
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: 29dc8eb66ab7bb651cfba18f6bad95c5

etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js

103.198.200.1

200 OK

4.0 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
4.0 kB (4031 bytes)
Hash
4de3e8bcf2f02d60519ca0d3584d3b8e
6323c2bf18b1bbf968e164bdf2e58d7677f67f8a
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"60f60fb5-43bc"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1188687
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: b9c3ddeb9d63ced2b1eae880198096f0

etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js

103.198.200.1

200 OK

12 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32034)
Size
12 kB (11957 bytes)
Hash
f15409fb02c527ce1f66a2fd3c4aa0e9
1e1e1bcc0f49e99e14ba34991cffe0745178d302
1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27

HTTP Headers

GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11957
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"64d5b951-b083"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1188687
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: 003acaa6a474f7512d8f0521b82062a3

etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js

103.198.200.1

200 OK

3.3 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
3.3 kB (3316 bytes)
Hash
3b4680db1e065116488f065419ca9f58
6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"6260ddd4-2f13"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1188688
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 190f7444270ff7669a881c67761fad0b

etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js

103.198.200.1

200 OK

797 B

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
797 B (797 bytes)
Hash
07864ad2e2759d53f8f2f14dd4295bd9
95144219e2eb702c4c4a707c3622b086876cf41c
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"6260ddd4-828"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1188687
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: 0efbcd4d3ce4f33d424b61aa3fac2f27

etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js

103.155.16.137

200 OK

5.0 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (20132), with no line terminators
Size
5.0 kB (5007 bytes)
Hash
5ce8851dc823429a42ab6147554403cc
28f381f0e0aa4f5d56690e65723bd97fb59a38e6
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"5d848f4f-4ea4"
Date: Sun, 21 Apr 2024 08:05:00 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:05:00 GMT
Age: 1116401
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: c008a1c456aa2e7be3674895629950f4

etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js

103.198.200.1

200 OK

2.7 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
2.7 kB (2731 bytes)
Hash
58f1a7fa1a19b0e5ad0a5bad974b98cf
6963ce7378e6c992de06e7e77d79432a0d38f54d
fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4

HTTP Headers

GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2731
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"64d05f66-2f79"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1188688
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 4553a8dd4508ffbae9c0089928cc1ba4

etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js

103.198.200.1

200 OK

16 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (11056)
Size
16 kB (15779 bytes)
Hash
4007cfe0a95df1d6a9f4252e636f995f
b0f9a2ad5c49b9b50ac5d025c8e9ce803eb5d7a8
4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0

HTTP Headers

GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"64ddbaed-ee5c"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1188688
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: e61ef5cd9a3af2b771e8a8e9095ee806

etmqz9.innittapp.com/ftl/commonPage/js/layer.js

103.198.200.1

200 OK

7.6 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/layer.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (21922)
Size
7.6 kB (7599 bytes)
Hash
c42797aecccd5494e2b747cedf1a890b
b9e06a6d245b6a3c87f2753db0c9c9aa020640b2
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"5d848f4f-55f6"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1188687
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: 6beda860f45ca4ddf464f8683cca4831

etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js

103.155.16.137

200 OK

17 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (64577)
Size
17 kB (17446 bytes)
Hash
b5bc8cd626b389bde727a91e6ce79436
3df6c39300ac286cf596b3bda273cb39ff825429
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: W/"5d848f4f-fc8b"
Date: Sun, 21 Apr 2024 08:04:49 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:04:49 GMT
Age: 1116413
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-05
X-Cdn-Request-ID: d05885fe60e52f7d590cacb46c63e57c

etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js

103.198.200.1

200 OK

1.4 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4433), with no line terminators
Size
1.4 kB (1421 bytes)
Hash
f77d83590bc0a69298f2fbcc5d9911cd
1d6aa25d7052f53ad0181385e5efe72f224bbdb9
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"5d848f4f-1151"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1188688
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: a1b9159eb74ded287cb0491506fcf9f0

etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js

103.198.200.1

200 OK

7.7 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (27669)
Size
7.7 kB (7746 bytes)
Hash
f8c2b37c1dc626eede6a2e3e37aa4504
d4e8419497caa64c8a850ac4808dddb89b5eeb3f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"655579ca-6caf"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1188687
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: 4782bfabeccecf104320be26b232665b

etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js

103.198.200.1

200 OK

4.1 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Size
4.1 kB (4126 bytes)
Hash
4fe7dadf050dad2dcfd386d21b880281
07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"655579ca-3a09"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1188688
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: e82186d62a6a0deaedbd30e1a2000946

etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css

103.155.16.137

200 OK

911 B

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
ASCII text
Size
911 B (911 bytes)
Hash
1da71520b7a0a61526a8fa8d0feb40d1
ba1bf69dad8783563328054cae58ccabf1b00829
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: W/"5d848f4f-b5d"
Date: Sun, 21 Apr 2024 08:05:01 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:05:01 GMT
Age: 1116401
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: e141a9e98933642fb47949e8f2e47167

etmqz9.innittapp.com/ftl/commonPage/js/moment.js

103.198.200.1

200 OK

27 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/moment.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
27 kB (26968 bytes)
Hash
36c8f828395a9395549bd6e7307cb7e9
f30a4961558e2d3d4405e7d93aa28fdb63245e78
5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33

HTTP Headers

GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26968
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"64b633ca-1cab9"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1188687
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: 1b70bc50c57ff4775b5f2fc12d32dd95

etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css

103.198.200.1

200 OK

3.8 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2295)
Size
3.8 kB (3788 bytes)
Hash
f00ce0554efc5adea6a8e02d5e501cad
388840e376568b37ac0103aa5c87a268778db67a
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"633d510e-2d52"
Date: Sat, 20 Apr 2024 12:00:59 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Mon, 20 May 2024 12:00:59 GMT
Age: 1188643
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: dc7de2f9c5a315dad9defd355dd53c7b

etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js

103.198.200.1

200 OK

2.1 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
2.1 kB (2076 bytes)
Hash
cc13495ac566c04d5972da9c11a1d870
d9be95a44caff4e4c1d758d0b29236db286ed5b7
ac5b4f611687c11409ae43b2b0e8544bbdd173832cbe7bea873c2bfe3dcafa0a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/plugin/js/countUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2076
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"615584f5-1be5"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Thu, 30 Sep 2021 09:35:49 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1188688
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 0972074ab29eabf40bd2a84e154cd495

etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1714556748154

103.198.200.1

200 OK

5.2 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1714556748154
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (801)
Size
5.2 kB (5207 bytes)
Hash
30be40425b37bee4158676082cef1f4d
b41ed46721936872d5d7eadf303ce22938240d2a
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1714556748154 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"633d510e-7fd7"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1188689
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: f37b116a64159666a72a2481da46b8cb

etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css

0.0.0.0

0 B

URL GET
etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
IP
0.0.0.0:0
ASN
#0

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

x04323.com/captcha/loginTop.html?t=jhzptiaj

0.0.0.0

0 B

URL GET
x04323.com/captcha/loginTop.html?t=jhzptiaj
IP
0.0.0.0:0
ASN
#0

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /captcha/loginTop.html?t=jhzptiaj HTTP/1.1
Host: x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Cookie: route=b4fd844c80a97ccc2b0bc1faae1a3e4c; _LANGUAGE=zh_CN
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg

0.0.0.0

0 B

URL GET
etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://x04323.com/?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734/mobile-client/index/index.html?__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734__cbk=344a1c9de585f00614db5436c3f1373c71714699258_1004734
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (30)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by