Report - x04322.com/?__CBK=3860818d0c288d4af6224bcb4201f2d011714111916

Report Overview

Submitted URL
x04322.com/?__CBK=3860818d0c288d4af6224bcb4201f2d011714111916_17979458
IP
154.210.57.76
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED
Submitted
2024-04-26 07:23:39
Access
public
Website Title
bet365
Final URL
x04322.com/
Tags
bet365 gambling phishing
urlquery detections
Phishing - Bet365

Detections

urlquery
42
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
x04322.com	unknown	unknown	No data	No data	8.6 kB	111 kB	154.210.57.76
etmqz9.innittapp.com	unknown	2015-03-05	2024-03-21	2024-04-18	23 kB	1.5 MB	103.155.16.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365
2024-04-25	medium	x04322.com/	Bet365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (41)

	URL	Size	First Seen	Last Seen
	x04322.com/	29 B	2023-03-07	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:13 Times Seen1855 Hash 9846b4b0c961f85e4c150bd29f4b86e1 adf30369fc215e80b26536f1e24a1824ad3b81d5 163a003d567f6d41f861d978c558eced69ed2b25c863055ed8171eefa350784b Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js	4.4 kB	2023-03-07	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen12978 Hash f77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7 Loading...

	x04322.com/	48 B	2023-03-07	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen6471 Hash 37f0336a6fe3f56c661b149ecf659efe 9aff4163d5da3b8d760f0593c583dd8d1f6dfc14 f33f7afadc5c318efdd57d35da2dc2aebe39fd166a61905ce37b9f7363f51c2f Loading...

	x04322.com/	767 B	2023-03-07	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen1193 Hash d079e410930d6fb6a5d396747bfe3a0f d14c05615f0827a2d36ad024d030a75889811a8b 046d12be3ee1a44dc2ed236e310b2f1d1853732767edc524592758f603a5d257 Loading...

	x04322.com/	804 B	2023-04-05	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen1166 Hash 25e3dca6c93577c0cc0136869a6915ec 6372ec856444739bfb5066830264264842676920 ecfb96e0d20c7f451701892909a741042a5dae73e83a05ac132cb890808cb06c Loading...

	x04322.com/	751 B	2023-03-07	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen1192 Hash 2f85eaef1f88c5e1cd173561097aae70 09204930b449802b37a4c9bad043074760fd2444 8a75ad4d4ea42e1837c06e051b80485e1a2e817868c4cfc7648f93427c443032 Loading...

	x04322.com/	1.1 kB	2024-04-11	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-11 17:47:49 Last Seen2024-05-04 01:36:06 Times Seen230 Hash f430889e57d1f366b5b08cb58a3b8942 439179f3b673eecadb0a551dfa953eaf649be8a8 c950dc3e3086e6f4fe3c32a2464ef623d8cf324b928a0d3818fa7f97f9fb3d11 Loading...

	x04322.com/	714 B	2024-03-21	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-21 17:46:56 Last Seen2024-05-04 08:43:14 Times Seen147 Hash 66cea3f7e82b200b7b9b19b0d6f225f5 5a3bf0754f1efea956c7f3ab21c6ea927a4a0d21 2aeb6dccc05af5c1a4d52bd498dc4c144a6880da3568620ff408d6a108530ff9 Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js	12 kB	2023-08-15	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 12:01:05 Last Seen2024-05-04 08:43:14 Times Seen3965 Hash d87854586672bff7f886a47da85da5ed 8d0537030dc7a81ade87a41a75fd5a75e4e33da1 17859187f895c27de8869fb6bfec579fd68c4588d0af71d08d334be92d144ada Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js	20 kB	2023-03-07	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen13004 Hash 5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811 Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/moment.js	117 kB	2023-07-29	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/moment.js IP 103.198.200.1 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-29 10:21:40 Last Seen2024-05-04 08:43:14 Times Seen8890 Hash 36c8f828395a9395549bd6e7307cb7e9 f30a4961558e2d3d4405e7d93aa28fdb63245e78 5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33 Loading...

	x04322.com/	30 kB	2024-04-25	2024-04-26
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 01:17:08 Last Seen2024-04-26 09:23:47 Times Seen14 Hash e7bea8c458da70975035fdc086dad4f3 03658f8b8094ca38c17da715959c051450b4d47f 549f0d851c1b797c9795e77a7f325e862a78845b523a3eeffadd190be09b9d7d Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js	45 kB	2023-08-15	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 12:01:05 Last Seen2024-05-04 08:43:14 Times Seen7942 Hash f15409fb02c527ce1f66a2fd3c4aa0e9 1e1e1bcc0f49e99e14ba34991cffe0745178d302 1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27 Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js	17 kB	2023-04-05	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6481 Hash 1008fe6a5e1a182d7775963b85405bb2 e174a7b08cc3cb5545af1cd33d2814e604119392 7479f6f22194ac37dd6d3f5a579b4682ac8dcb6389fb961cf4140f3fcc707a20 Loading...

	etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js	28 kB	2023-04-05	2024-05-04
Pretty URL etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:13 Times Seen6466 Hash 9c41709c2b64126b909c101a27f39153 4ab666b36c092577acb41390ad90e96d5fea7711 c1963697eeafb63b6c29e95da2d38d91dd907ab656e130e6e1c34d1dcd149f60 Loading...

	x04322.com/	13 kB	2023-04-05	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6477 Hash 109d40ff6f9b3510b169fac4b8e845ce 4ce0fc768718f555487159ddd745e728a0c74c64 7b782f2e9589aa72ddadf4546c0f09709c73bea1339cd0ce893dfc40f6252949 Loading...

	x04322.com/	11 kB	2023-04-05	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6451 Hash 6681856885ee92601b7711c11d19553f 95ab4437869df8c790cad28e0753a4c9ea362e73 ce52fd46b2a5cfd741a2f0c39bc2d5218271b5690bdf8ec33af94f1062e98d23 Loading...

	unknown	505 B	2024-04-13	2024-05-04
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-04-13 19:55:15 Last Seen2024-05-04 07:02:10 Times Seen17 Hash 472fbcaf5fbed812c6507650c633c886 11d58b3112b6d549f6f90cbdb252688a4c80d41b d83eb04a33e059d7c9fbdb5dcb31fd244c3c300dfd5687d76c9d791bb393265d Loading...

	x04322.com/	3.6 kB	2023-04-05	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6449 Hash d15a9b513acdcf3e9b08901384511565 f1fe72392137895e4952f835c0330f76aacfecdf 9fa644edfd9af9be6b244016e8f4f0eaee414732edc6ba3641e8647253359995 Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/layer.js	22 kB	2023-04-05	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/layer.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6465 Hash cb96339625e9d456e32f86cdb3c7a7a1 1301165c58bbb13c542cba493b7ab5774e87e31f 17fb047ba6828fcbdf2ca226fa4594cfded2b2fdfeaff89a5bd81c7cf0359919 Loading...

	x04322.com/	32 kB	2024-04-25	2024-04-26
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 01:17:09 Last Seen2024-04-26 09:23:47 Times Seen14 Hash 8b41dc54f309c2468fd4f774cb48ad8a fea9157f70c4d8edadfecddc582d43e4b8f251d2 a9e1db171bd27d29790f3fb67ea0d54483c211c21881d152fde1c7a1fd60b62c Loading...

	x04322.com/	20 kB	2023-04-05	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6445 Hash 9f5bce1aa50f72fd0834901c70db4f43 41771079bee5eb45539e694a5eff580732ab26b0 a50724b65a2657f6e67adbf98a3dd135de52b4786350f0b1bd142adff38c7ffd Loading...

	x04322.com/	6 B	2023-03-07	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen7347 Hash edaddb8132e9e0880252c5b6c47bf1c1 dc08b5b6ca432b46cca94f1f297491e1b08736ea b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e Loading...

	x04322.com/	1.8 kB	2023-04-05	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6441 Hash 9f1681b5a72417b33c2869aab85af152 b40a6d9c6d058c2bd6e126a1b0191182926b9d04 eabdfd0c5237f406e0acbef879968e72e5e3d62dd8e8b6bcee48e5ab7f4d0154 Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js	61 kB	2023-08-26	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-26 00:19:56 Last Seen2024-05-04 08:43:14 Times Seen3433 Hash e6ce47d880d7a50ddf91b074c8572edf 6a3657c67209136e5b544859daecf16f2d153b72 c49e04c7ecfd07c74b58cf161ef2b58f2bc837a9091ed1ae090a33734cdaa734 Loading...

	etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js	15 kB	2023-03-07	2024-05-04
Pretty URL etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen12977 Hash 4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9 Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js	2.1 kB	2023-03-07	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen12982 Hash 07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d Loading...

	x04322.com/	2.6 kB	2023-11-23	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-23 15:36:17 Last Seen2024-05-04 08:43:14 Times Seen2139 Hash 9c3f7d9e5de3b764c32a679ad06ae3db 9ab260e36b46c6ca6f58066ee914f3826d86a37f fefe9a763127c0f92edfe95be1000aeed2eda7690482769c90dc9488dbe5d33a Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js	65 kB	2023-03-07	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen13216 Hash b5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e Loading...

	x04322.com/	128 kB	2024-04-12	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-12 06:56:45 Last Seen2024-05-04 08:43:14 Times Seen69 Hash 20c04f821f3387b69177dde5dbca35e1 e89cc312ac43b31476e72360e50a567ef1bac953 52066050e96e4cdea460498d8de39b35fac2e94f7535a6278b8ac8a82d5cd841 Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/float.js	7.0 kB	2023-03-07	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/float.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-04 08:43:14 Times Seen12983 Hash 829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271 Loading...

	x04322.com/message_zh_CN.js?v=1713951947790	32 kB	2023-12-07	2024-05-04
Pretty URL x04322.com/message_zh_CN.js?v=1713951947790 IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 04:18:39 Last Seen2024-05-04 08:43:14 Times Seen1735 Hash 879e0d38aaa72a30c1987722f24ef0ff a71947b06e5ff779946d15db8877a103a5432036 fd47dca609ede55de5f51d756c967b63f0d223330e6eef19df0c3659e1bd9a55 Loading...

	x04322.com/	1.4 kB	2023-08-21	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-21 11:10:45 Last Seen2024-05-04 08:43:14 Times Seen3824 Hash 479c01001c455527cf2aafec087accad 230c5d853a00977d890c25cb56b5a07c5e0acd0e 0ad2a7081ff475ce3a2068fe69547248166c0fd39f26fbf03f2ac5db073a16cf Loading...

	x04322.com/	3.5 kB	2023-10-24	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 11:42:08 Last Seen2024-05-04 08:43:14 Times Seen2918 Hash 7932637ac9b0a1125acfaeffa837b6af 01107a42cef642f68e70ef30502ecb6c0de6a0d6 f938651bd7efeb3c523dcca3df1c9a0cc63b12f604816c8e49636fda5b1b1c7e Loading...

	etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1713951947790	33 kB	2023-04-05	2024-05-04
Pretty URL etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1713951947790 IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6578 Hash a55780dc13cbf1a8d375f14ebb659cf2 9548cc269bcde0dc48e166fa6bab37af8a649e57 35d147a863ab8828e073ca1ae89d476a9cede797c410ac555597c1f442452cc8 Loading...

	x04322.com/	2.0 kB	2023-11-22	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-22 16:18:01 Last Seen2024-05-04 08:43:14 Times Seen2147 Hash dd4934ec50598a49950c57836d268ba9 9830d9f40b0baf411ea1e7b7a4b65675cf35ae04 89e8ae92a48e530a676704a7858edcc65fdd1488e39280ba8da4cb80dc5729d5 Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-05-04 08:43:14 Times Seen13599 Hash b091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10 Loading...

	x04322.com/	6.0 kB	2023-08-02	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 04:42:13 Last Seen2024-05-04 08:43:14 Times Seen4336 Hash e6ea297058f6d52d83390d9ea7f914aa 349df987c3c4c50687d993b31f83cfea7f796730 2f21ca2376a9112f70c12ecc46d75ff792b067f5edceae5ea06011c13cf14e56 Loading...

	x04322.com/	390 B	2023-04-05	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6387 Hash 4e6bbb84979a27014e74be230fe8440f aafe0c1dba07e91354abfb25d154c0acbed24d61 03e9af072f4db23c6c6cd74a89c796a3c764731da4734682f3ccfc07e0e54e74 Loading...

	x04322.com/	784 B	2023-04-05	2024-05-04
Pretty URL x04322.com/ IP 154.210.57.76 ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen1122 Hash 6b3c6e590d06928da03314e048eb2cd4 8e7f24d16c8423a6a06f61668be08ade212b931c 9bd11a66e1db83fbea8c479810f226687a73f2ded0b8138f3866853f85c80c8f Loading...

	etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js	12 kB	2023-04-05	2024-05-04
Pretty URL etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js IP 103.155.16.137 ASN #138915 Kaopu Cloud HK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 18:30:47 Last Seen2024-05-04 08:43:14 Times Seen6476 Hash 466a7ed7d00986d45375c0cbffb5233c 68845ead668e9abd29c24b491dbf97b219226c08 7ddafae5a0a552d2d56101cdc8306403e8fb9570759d66c48b25893b409f0123 Loading...

HTTP Transactions (66)

URL IP Response Size

x04322.com/

154.210.57.76

200 OK

0 B

URL User Request GET HTTP/1.1
x04322.com/
IP
154.210.57.76:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET / HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Fri, 26 Apr 2024 07:22:49 GMT
Location: https://x04322.com/
Content-Length: 0

x04322.com/?__CBK=3860818d0c288d4af6224bcb4201f2d011714111916_17979458

154.210.57.76

0 B

URL
x04322.com/?__CBK=3860818d0c288d4af6224bcb4201f2d011714111916_17979458
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?__CBK=3860818d0c288d4af6224bcb4201f2d011714111916_17979458 HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Fri, 26 Apr 2024 07:22:51 GMT
Location: https://x04322.com/
Content-Length: 0

x04322.com/

154.210.57.76

200 OK

1.4 kB

URL User Request GET HTTP/1.1
x04322.com/
IP
154.210.57.76:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
1.4 kB (1408 bytes)
Hash
0e5e38faab2fbb6a9a3dbe68d1be11a8
22b565ae66bdeda3aafd4d8edb2a82749997eb82
f2f529a62f4f3f2c711cac6cac06ac95836f36579efecc76ec0a1c4f63e07773

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET / HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked

x04322.com/favicon.ico

154.210.57.76

1.4 kB

URL
x04322.com/favicon.ico
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
1.4 kB (1419 bytes)
Hash
aca34a9da16772fd4a1835cdd1996c9b
66469f20ac13df4b51cbb391a8471d169f9e3614
05e997931f49383fada8a384f00127c744648e6f6bde00961c146043e539c9a9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked

x04322.com/?__CBK=3cf098f1fe406c0ef6a01eb67dc9e89b41714116177_18134289

154.210.57.76

302 Found

0 B

URL User Request GET HTTP/1.1
x04322.com/?__CBK=3cf098f1fe406c0ef6a01eb67dc9e89b41714116177_18134289
IP
154.210.57.76:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?__CBK=3cf098f1fe406c0ef6a01eb67dc9e89b41714116177_18134289 HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Length: 0
Location: /

x04322.com/message_zh_CN.js?v=1713951947790

154.210.57.76

200 OK

9.9 kB

URL GET HTTP/1.1
x04322.com/message_zh_CN.js?v=1713951947790
IP
154.210.57.76:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Requested by
https://x04322.com/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (18069)
Size
9.9 kB (9892 bytes)
Hash
8e3a3463437bc8b56e112f0b87b6a0d0
dfaac70f23b58a771856460bb00aebc5fcadb2ce
0aa3002021c50dd94fcd0eb615a6735db1b54723503264f1c24985e0bcdd868b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /message_zh_CN.js?v=1713951947790 HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:17:48 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 27 Apr 2024 07:17:48 GMT
Cache-Control: max-age=86400
uuid: 01513-01-00000000-17141158684999
out-line: gb-source-106
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 9892

x04322.com/

154.210.57.76

200 OK

77 kB

URL User Request GET HTTP/1.1
x04322.com/
IP
154.210.57.76:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (624)
Size
77 kB (76840 bytes)
Hash
d171b4335111101f703df74daba385b4
edf84caafc730a26de8a362f4e309ddab8c3a608
3f592245125d2ce4ef48ad2e841795ce88d9db1730608201811bfe82197d474b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET / HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:23:30 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
X-html-cache: HIT-3600
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-source-106
Content-Encoding: gzip
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked

etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css

103.155.16.137

200 OK

6.0 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
6.0 kB (5961 bytes)
Hash
3ee32cc28bee77ec29467a03b69b0574
36f7c705f1419e6c6840b85f8dd12e379b16c066
4c479d007576da5d4a485513250d8c69d280b5392d54e3516f53140234a532db

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/style/common.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5961
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-06
ETag: W/"631d86f0-7005"
Date: Sun, 21 Apr 2024 08:04:58 GMT
Last-Modified: Sun, 11 Sep 2022 06:57:52 GMT
Expires: Tue, 21 May 2024 08:04:58 GMT
Age: 429513
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-05
X-Cdn-Request-ID: ca5a523bc39d0896de19e081c8b0141a

etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css

103.155.16.137

200 OK

6.3 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Size
6.3 kB (6253 bytes)
Hash
4f6eba52b6bdba2bd8154d39c61fcaab
11a91e977ab64175dc2ec233d45c6cf9d34798b0
b4ae8f84403e1e8ea7f75cac8491e461ac6e5524260a04d772d53dd912f8e53a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6253
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"64ad1569-7b6e"
Date: Sun, 21 Apr 2024 08:04:57 GMT
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Expires: Tue, 21 May 2024 08:04:57 GMT
Age: 429514
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: 5d26ffff35dc20dd412e05f6376ff109

etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css

103.155.16.137

200 OK

17 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (12023)
Size
17 kB (17118 bytes)
Hash
d01c79296c69daae2357744b28ad3a08
6979c86432a04a8cc22818055bd599e10d13892e
03bae6f265bda27347f4697d37ddb03335678cf0a76d5a246ee1b02463294599

HTTP Headers

GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 17118
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: W/"661623eb-14596"
Date: Sun, 21 Apr 2024 08:04:58 GMT
Last-Modified: Wed, 10 Apr 2024 05:30:19 GMT
Expires: Tue, 21 May 2024 08:04:58 GMT
Age: 429512
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: 6b047006600931015f8cf81ec056615f

etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js

103.155.16.137

200 OK

12 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32034)
Size
12 kB (11957 bytes)
Hash
f15409fb02c527ce1f66a2fd3c4aa0e9
1e1e1bcc0f49e99e14ba34991cffe0745178d302
1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27

HTTP Headers

GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11957
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"64d5b951-b083"
Date: Sun, 21 Apr 2024 08:04:58 GMT
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Expires: Tue, 21 May 2024 08:04:58 GMT
Age: 429513
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: d8f3badfbdcdd62b2ab1bd72eaf748a1

etmqz9.innittapp.com/ftl/commonPage/js/float.js

103.155.16.137

200 OK

1.9 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/float.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
1.9 kB (1929 bytes)
Hash
829af863b0cdc4a603919824ae046299
1d417b1553e4ecb7125ebf2005b74255291fbf73
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/float.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"612747ba-1b2f"
Date: Sun, 21 Apr 2024 08:04:58 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Tue, 21 May 2024 08:04:58 GMT
Age: 429513
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cdn-Request-ID: 873181c88021e37565b8abe1466f6745

etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js

103.155.16.137

200 OK

34 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32038)
Size
34 kB (33545 bytes)
Hash
b091a47f6b91e26c93a848092c6f3788
52918af2d431e73464060b35d364640c8db75606
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"5d848f4f-176d4"
Date: Sun, 21 Apr 2024 08:04:30 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:04:30 GMT
Age: 429541
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: fcdb071ae88687ecca232b31703e3da3

etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js

103.155.16.137

200 OK

4.0 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
4.0 kB (4031 bytes)
Hash
4de3e8bcf2f02d60519ca0d3584d3b8e
6323c2bf18b1bbf968e164bdf2e58d7677f67f8a
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: W/"60f60fb5-43bc"
Date: Sun, 21 Apr 2024 08:04:58 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Tue, 21 May 2024 08:04:58 GMT
Age: 429513
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-06
X-Cdn-Request-ID: 0f646c7f31d803072b4cc8a0580940e7

etmqz9.innittapp.com/ftl/commonPage/themes/hongbao.css

103.198.200.1

200 OK

5.7 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/themes/hongbao.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (336)
Size
5.7 kB (5666 bytes)
Hash
499a3a64bcf22609681f5337a6360c80
fc05a8a391c8375ea4e47183eca56a18bed8fca7
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5666
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"64252e4f-d530"
Date: Sat, 20 Apr 2024 12:00:59 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Mon, 20 May 2024 12:00:59 GMT
Age: 501752
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 2674978ff0d1244631847267fc0eeb7f

etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js

103.155.16.137

200 OK

3.3 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
3.3 kB (3316 bytes)
Hash
3b4680db1e065116488f065419ca9f58
6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"6260ddd4-2f13"
Date: Sun, 21 Apr 2024 08:04:58 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 21 May 2024 08:04:58 GMT
Age: 429513
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-06
X-Cdn-Request-ID: 6e89253f6951ce68424b614f10047647

etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css

103.198.200.1

200 OK

6.9 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (489)
Size
6.9 kB (6923 bytes)
Hash
858eefc3fa70af7d0115c901908471f5
29c181bbbc09a424f7de7cb57629bd8a9e3c679a
9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf

HTTP Headers

GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6923
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"64ddd5e1-c760"
Date: Sat, 20 Apr 2024 12:00:59 GMT
Last-Modified: Thu, 17 Aug 2023 08:10:09 GMT
Expires: Mon, 20 May 2024 12:00:59 GMT
Age: 501752
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-08
X-Cdn-Request-ID: de76ebf285175f2677e23aec955d43fb

etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js

103.155.16.137

200 OK

797 B

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
797 B (797 bytes)
Hash
07864ad2e2759d53f8f2f14dd4295bd9
95144219e2eb702c4c4a707c3622b086876cf41c
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"6260ddd4-828"
Date: Sun, 21 Apr 2024 08:04:58 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Tue, 21 May 2024 08:04:58 GMT
Age: 429514
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: ed1d3ed981eed4bf158fda587324bace

etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js

103.155.16.137

200 OK

2.7 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
2.7 kB (2731 bytes)
Hash
58f1a7fa1a19b0e5ad0a5bad974b98cf
6963ce7378e6c992de06e7e77d79432a0d38f54d
fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4

HTTP Headers

GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2731
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-06
ETag: W/"64d05f66-2f79"
Date: Sun, 21 Apr 2024 08:04:49 GMT
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Expires: Tue, 21 May 2024 08:04:49 GMT
Age: 429523
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: 0047852b5951a44f4ce303cded982a71

etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js

103.155.16.137

200 OK

16 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (11056)
Size
16 kB (15779 bytes)
Hash
4007cfe0a95df1d6a9f4252e636f995f
b0f9a2ad5c49b9b50ac5d025c8e9ce803eb5d7a8
4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0

HTTP Headers

GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"64ddbaed-ee5c"
Date: Sun, 21 Apr 2024 08:04:39 GMT
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Expires: Tue, 21 May 2024 08:04:39 GMT
Age: 429532
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-19
X-Cdn-Request-ID: ffe06daeaf44463a84d5062ab4594a76

etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js

103.198.200.1

200 OK

1.4 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4433), with no line terminators
Size
1.4 kB (1421 bytes)
Hash
f77d83590bc0a69298f2fbcc5d9911cd
1d6aa25d7052f53ad0181385e5efe72f224bbdb9
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"5d848f4f-1151"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 501798
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: 56e29af15e78f042dca92025db669eb4

etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js

103.155.16.137

200 OK

5.0 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (20132), with no line terminators
Size
5.0 kB (5007 bytes)
Hash
5ce8851dc823429a42ab6147554403cc
28f381f0e0aa4f5d56690e65723bd97fb59a38e6
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"5d848f4f-4ea4"
Date: Sun, 21 Apr 2024 08:05:00 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:05:00 GMT
Age: 429512
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: ba6d4ba78156232c7f4ae80b773658bd

etmqz9.innittapp.com/ftl/commonPage/js/layer.js

103.155.16.137

200 OK

7.6 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/layer.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (21922)
Size
7.6 kB (7599 bytes)
Hash
c42797aecccd5494e2b747cedf1a890b
b9e06a6d245b6a3c87f2753db0c9c9aa020640b2
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: W/"5d848f4f-55f6"
Date: Sun, 21 Apr 2024 08:05:00 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:05:00 GMT
Age: 429511
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: 0d32e4318c71e0e2bc0ffccf21db1d48

etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js

103.155.16.137

200 OK

7.7 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (27669)
Size
7.7 kB (7746 bytes)
Hash
f8c2b37c1dc626eede6a2e3e37aa4504
d4e8419497caa64c8a850ac4808dddb89b5eeb3f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"655579ca-6caf"
Date: Sun, 21 Apr 2024 08:04:59 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Tue, 21 May 2024 08:04:59 GMT
Age: 429513
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-02
X-Cdn-Request-ID: b1e0d0a301c10f8761bcdca6fc455980

etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js

103.155.16.137

200 OK

17 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (64577)
Size
17 kB (17446 bytes)
Hash
b5bc8cd626b389bde727a91e6ce79436
3df6c39300ac286cf596b3bda273cb39ff825429
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: W/"5d848f4f-fc8b"
Date: Sun, 21 Apr 2024 08:04:49 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:04:49 GMT
Age: 429522
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-05
X-Cdn-Request-ID: 391bd2cb22b1a90a5582428065bdcd0c

etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js

103.155.16.137

200 OK

4.1 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Size
4.1 kB (4126 bytes)
Hash
4fe7dadf050dad2dcfd386d21b880281
07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"655579ca-3a09"
Date: Sun, 21 Apr 2024 08:04:58 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Tue, 21 May 2024 08:04:58 GMT
Age: 429514
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: 8fce512803a7f34f109c94b8e5fabe24

etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css

103.155.16.137

200 OK

911 B

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
ASCII text
Size
911 B (911 bytes)
Hash
1da71520b7a0a61526a8fa8d0feb40d1
ba1bf69dad8783563328054cae58ccabf1b00829
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: W/"5d848f4f-b5d"
Date: Sun, 21 Apr 2024 08:05:01 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:05:01 GMT
Age: 429511
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: d2ff69cdd73a7c1189f80365c358061b

etmqz9.innittapp.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0

103.155.16.137

200 OK

3.1 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
ASCII text
Size
3.1 kB (3111 bytes)
Hash
5cf9259b7dd27aacd46161ec23d261cf
ba0c399616a5ae9cdd8aec5b76ba4aae4822367c
7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"6131d862-48e4"
Date: Sun, 21 Apr 2024 08:05:01 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Tue, 21 May 2024 08:05:01 GMT
Age: 429511
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: 1cdc077da5c941cdea453fab1814caa5

etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1713951947790

103.155.16.137

200 OK

5.2 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1713951947790
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (801)
Size
5.2 kB (5207 bytes)
Hash
30be40425b37bee4158676082cef1f4d
b41ed46721936872d5d7eadf303ce22938240d2a
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1713951947790 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"633d510e-7fd7"
Date: Sun, 21 Apr 2024 08:04:59 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Tue, 21 May 2024 08:04:59 GMT
Age: 429513
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-12
X-Cdn-Request-ID: 6e3bf1274949bb37db9ddb97f2416bbf

etmqz9.innittapp.com/ftl/commonPage/js/moment.js

103.198.200.1

200 OK

27 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/js/moment.js
IP
103.198.200.1:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
27 kB (26968 bytes)
Hash
36c8f828395a9395549bd6e7307cb7e9
f30a4961558e2d3d4405e7d93aa28fdb63245e78
5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33

HTTP Headers

GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26968
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"64b633ca-1cab9"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 501797
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: a50f0a0d8f0727db7696f867cb846589

etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css

103.155.16.137

200 OK

3.8 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2295)
Size
3.8 kB (3788 bytes)
Hash
f00ce0554efc5adea6a8e02d5e501cad
388840e376568b37ac0103aa5c87a268778db67a
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-06
ETag: W/"633d510e-2d52"
Date: Sun, 21 Apr 2024 08:04:59 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Tue, 21 May 2024 08:04:59 GMT
Age: 429513
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: 8aa673a955b0354017ec5ae7dee854c1

etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js

103.155.16.137

200 OK

2.1 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
2.1 kB (2076 bytes)
Hash
cc13495ac566c04d5972da9c11a1d870
d9be95a44caff4e4c1d758d0b29236db286ed5b7
ac5b4f611687c11409ae43b2b0e8544bbdd173832cbe7bea873c2bfe3dcafa0a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/plugin/js/countUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2076
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: W/"615584f5-1be5"
Date: Sun, 21 Apr 2024 08:04:40 GMT
Last-Modified: Thu, 30 Sep 2021 09:35:49 GMT
Expires: Tue, 21 May 2024 08:04:40 GMT
Age: 429532
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: 0d8a2cd1eeba81032e2079103c1cc9bd

x04322.com/ftl/bet365-1513/themes/images/index_left_title.png

154.210.57.76

200 OK

2.5 kB

URL GET HTTP/1.1
x04322.com/ftl/bet365-1513/themes/images/index_left_title.png
IP
154.210.57.76:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Requested by
https://x04322.com/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
PNG image data, 94 x 25, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2480 bytes)
Hash
243751ae9e30b49a76dc9877ad060823
45ced5a86e90e3c2bfdda3598e82fc58d47ea292
5b1fcb53e807ca61edb055b9da1244012dcbe7158ebe7cc98105823f5983c40e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365
OpenPhish	phishing	Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/index_left_title.png HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-9b0"
Date: Fri, 26 Apr 2024 07:17:49 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 27 Apr 2024 07:17:49 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 2480

etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg

103.155.16.137

200 OK

6.9 kB

URL GET HTTP/1.1
etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP
103.155.16.137:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
https://x04322.com/
Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3
Size
6.9 kB (6871 bytes)
Hash
99be4bfe275809d4e436b77c991b1381
54eadee77394eb62ccf377ae68d9f49acb5b6785
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: "5d848f4f-1ad7"
Date: Sun, 21 Apr 2024 08:04:59 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:04:59 GMT
Age: 429514
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: bb622b09a609bf215afe0aa5cf56d559

x04322.com/mobile-api/v5/origin/getFloat.html

154.210.57.76

200 OK

2.9 kB

URL POST HTTP/1.1
x04322.com/mobile-api/v5/origin/getFloat.html
IP
154.210.57.76:443
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Requested by
https://x04322.com/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
JSON text data
Size
2.9 kB (2932 bytes)
Hash
e48dbfdb0c57d8058fea007200d325f1
5a7fa6def7c3733bee13c449a09c072547286a3f
944bed48afb3c02ed26aa331b9d3919e39ee6bbd57a16dff1c0979eb47c6154b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://x04322.com
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:23:33 GMT
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=66776b881a59021b52807ef9298664ac; Path=/
Access-Control-Allow-Origin: https://x04322.com
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1714116213b50e
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked

x04322.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion=

154.210.57.76

901 B

URL GET
x04322.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion=
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Requested by
https://x04322.com/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
JSON text data
Size
901 B (901 bytes)
Hash
c66740c764f99bbf7d9f4be32a11a0bf
ba561ac6001e6da7acdc7d2f86a2ab6183120070
e121cdc6e2f085c8862570f4f0d9ef50a90d7d069273cf75facb0f74331efa70

HTTP Headers

GET /index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:23:33 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=cff4f63a4f0402d67e06fc02582263f1; Path=/
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1714116213db42
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked

x04322.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png

154.210.57.76

6.1 kB

URL GET
x04322.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Requested by
https://x04322.com/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
6.1 kB (6087 bytes)
Hash
30eb0e841ea47a1f05854ebca3f9e9c1
0cb9874c32ff8837c1ffaf89cba502ceb3483b2b
382670ae61fc81522b190a0536d7b993058183aea2ffe81d197ded6af07d2183

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365
OpenPhish	phishing	Bet365

HTTP Headers

GET /ftl/commonPage/themes/images/hongbao/icon-close-1.png HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Cookie: route=cff4f63a4f0402d67e06fc02582263f1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "611369ee-17c7"
Date: Fri, 26 Apr 2024 07:23:34 GMT
Content-Type: image/png
Last-Modified: Wed, 11 Aug 2021 06:10:54 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 27 Apr 2024 07:23:34 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, MISS from cdn-Starlink-8C
Content-Length: 6087

x04322.com/index/getUserTimeZoneDate.html?t=lvgcjbl7

154.210.57.76

119 B

URL
x04322.com/index/getUserTimeZoneDate.html?t=lvgcjbl7
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
JSON text data
Size
119 B (119 bytes)
Hash
49e6f645330eb18528f46a1270052e14
4a7b0c3a241809b525285d900db44d1aba683d91
be3b2c107e47175e55dd39ea17e143ee4f99a8872584c251f4eb04faeda005cd

HTTP Headers

GET /index/getUserTimeZoneDate.html?t=lvgcjbl7 HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Cookie: route=cff4f63a4f0402d67e06fc02582263f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:23:34 GMT
Content-Type: text/html; charset=utf-8
Content-Disposition: inline;filename=f.txt
sub-sys: msite
cachettl: 3
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-17141162140cea
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 119

etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10007/1691858019159.jpg?wsSecret=cb9ffb7a5224cada5a1539a645e3ef5b&wsTime=1714116213

103.155.16.137

93 kB

URL
etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10007/1691858019159.jpg?wsSecret=cb9ffb7a5224cada5a1539a645e3ef5b&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 630x260, components 3
Size
93 kB (93406 bytes)
Hash
c06a6039b2f3561ec5d4f0c69d170671
6865ffb16dc01a6d6bf86bede76b7c2b449fcd4d
272418fb876975275f984b1983457876733c141e7dbb5fc125fb4276b393234e

HTTP Headers

GET /fserver/files/gb/1513/carousel/10007/1691858019159.jpg?wsSecret=cb9ffb7a5224cada5a1539a645e3ef5b&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 93406
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "64d7b463-16cde"
Date: Thu, 28 Mar 2024 06:34:15 GMT
Last-Modified: Sat, 12 Aug 2023 16:33:39 GMT
Expires: Sat, 27 Apr 2024 06:34:15 GMT
Age: 2508558
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: a081c6b23144c0e8644e6b1c82cb359e

x04322.com/headerInfo.html?t=lvgcjc44

154.210.57.76

116 B

URL
x04322.com/headerInfo.html?t=lvgcjc44
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
JSON text data
Size
116 B (116 bytes)
Hash
8e0a89787736e2ece04d488b22b04c35
d78d9d21e566a5ba0fb76067021e22ea01fc2b11
6d47d7ab7a841cb71b25cd3012eb94ba1870c72a37b97ab094cfa2e4309b6232

HTTP Headers

GET /headerInfo.html?t=lvgcjc44 HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Cookie: route=cff4f63a4f0402d67e06fc02582263f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:23:35 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1714116215892e
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked

etmqz9.innittapp.com/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=85a43a7d1a5be24dc2fe1b9534c1fe31&wsTime=1714116213

103.198.200.1

2.3 kB

URL
etmqz9.innittapp.com/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=85a43a7d1a5be24dc2fe1b9534c1fe31&wsTime=1714116213
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 139 x 29, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2276 bytes)
Hash
52a331a9176f0e79b54a961fabdadb81
f2b3c1eecc85589242ba6cab9e5ff605364f415e
8ddf9b81682f988f038c7b64d1880a2c18f519497e75b569e0bdea65413d55d6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=85a43a7d1a5be24dc2fe1b9534c1fe31&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2276
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "5f746413-8e4"
Date: Sat, 20 Apr 2024 12:03:39 GMT
Last-Modified: Wed, 30 Sep 2020 10:55:15 GMT
Expires: Mon, 20 May 2024 12:03:39 GMT
Age: 501595
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: ce1c55f27a048917e9892c13dfc47c92

etmqz9.innittapp.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png

103.155.16.137

1.3 kB

URL
etmqz9.innittapp.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1321 bytes)
Hash
a2e938202c0287b9c82461a6fd94dee9
b5e2adc7cb07c18a70a88af314e56b946ec1a1b6
df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1321
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: "5d848f4f-529"
Date: Thu, 28 Mar 2024 06:29:59 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sat, 27 Apr 2024 06:29:59 GMT
Age: 2508815
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: 22d0e48105f51bfb7366638f4a7248be

etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=f2e091cbda48e17fc76de3dd8430d78a&wsTime=1714116213

103.198.200.1

5.3 kB

URL
etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=f2e091cbda48e17fc76de3dd8430d78a&wsTime=1714116213
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 90 x 50, 8-bit/color RGBA, interlaced
Size
5.3 kB (5335 bytes)
Hash
715accde73ee91614d615e95f82739f9
1c47e65ab9b1ad7074f9b7dd934a816bd3ef834e
13d1b623d4dd66c17067a7aea27e71fc4510406a946f13c86f99c499b4e7aa62

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=f2e091cbda48e17fc76de3dd8430d78a&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5335
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "5ff80d82-14d7"
Date: Sat, 20 Apr 2024 12:03:40 GMT
Last-Modified: Fri, 08 Jan 2021 07:45:06 GMT
Expires: Mon, 20 May 2024 12:03:40 GMT
Age: 501594
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 6d0a570dd0f6e0d69a4ba3c48e0b822a

x04322.com/mobile-api/v5/chess/getActivityMsg.html?function=sign

154.210.57.76

140 B

URL
x04322.com/mobile-api/v5/chess/getActivityMsg.html?function=sign
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
JSON text data
Size
140 B (140 bytes)
Hash
5d062bc93ef9d75b27e852ed745d170f
1ecf82a0589608b26ee6a29b2cc3229916596626
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Cookie: route=cff4f63a4f0402d67e06fc02582263f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:23:35 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=f7c95a7b6b031c620a6304190a7ddf24; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1714116215f16e
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 140

etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=36cc3c03faca481fd91604edf63b5c1f&wsTime=1714116213

103.198.200.1

4.2 kB

URL
etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=36cc3c03faca481fd91604edf63b5c1f&wsTime=1714116213
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced
Size
4.2 kB (4152 bytes)
Hash
af8e634c913f2a0398342b315793de02
886daf11ed8cb8a67313b28f042100c3a87cedd0
ab903e832a7be190aab69d16acfd4f4c3694760a8b215e06ec356541f33d4b27

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=36cc3c03faca481fd91604edf63b5c1f&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4152
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: "5d848f4f-1038"
Date: Sat, 20 Apr 2024 12:03:02 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:03:02 GMT
Age: 501633
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 19ba54beba815516a35aaac61d7a0015

etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_vs.png?wsSecret=fb09d3047273b1881d265fc6711a2e82&wsTime=1714116213

103.198.200.1

5.0 kB

URL
etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_vs.png?wsSecret=fb09d3047273b1881d265fc6711a2e82&wsTime=1714116213
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced
Size
5.0 kB (4950 bytes)
Hash
2402cfcfffe253d89768ba1614847112
b4daa7393b99f7960926992247d1609ea5cd3921
4b28589dba696ca992cde07a46032664b959a925889dcbc6193054bba8fcbf1d

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_vs.png?wsSecret=fb09d3047273b1881d265fc6711a2e82&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4950
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: "615c060f-1356"
Date: Sat, 20 Apr 2024 12:03:00 GMT
Last-Modified: Tue, 05 Oct 2021 08:00:15 GMT
Expires: Mon, 20 May 2024 12:03:00 GMT
Age: 501634
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: cf7f47e0c88ce955c9b6cf1555cebcde

etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=3261826399df6695eb97d4c35bb9b85b&wsTime=1714116213

103.198.200.1

3.4 kB

URL
etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=3261826399df6695eb97d4c35bb9b85b&wsTime=1714116213
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3379 bytes)
Hash
713d3249f565ee6cdea22930f286ae6b
d4c9e8b133d52da738b2514a18b9895562b93feb
4db2562253749f79c14ce870175325af50e48040e99b31aa5ddb25512b92dafb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=3261826399df6695eb97d4c35bb9b85b&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3379
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "636cc24e-d33"
Date: Sat, 20 Apr 2024 12:03:03 GMT
Last-Modified: Thu, 10 Nov 2022 09:20:14 GMT
Expires: Mon, 20 May 2024 12:03:03 GMT
Age: 501631
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: 95b7d1f30f487b1094277dc95903c00d

x04322.com/mobile-api/v5/origin/loginSwitchCheck.html

154.210.57.76

174 B

URL
x04322.com/mobile-api/v5/origin/loginSwitchCheck.html
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
JSON text data
Size
174 B (174 bytes)
Hash
1452cebf3e2bb129b06762f43f09e5c8
0ec65f1e79233e8c59f76c55fb89ac8637cfb070
99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365
OpenPhish	phishing	Bet365

HTTP Headers

GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Cookie: route=cff4f63a4f0402d67e06fc02582263f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:23:35 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=9f8c829bfb3537f530509e8eaa83639a; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-17141162157f47
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 174

x04322.com/captcha/loginTop.html?t=jhzptiaj

154.210.57.76

1.4 kB

URL GET
x04322.com/captcha/loginTop.html?t=jhzptiaj
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Requested by
https://x04322.com/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x40, components 3
Size
1.4 kB (1430 bytes)
Hash
ba59c3d9445dfdc2ce0d0d03336d9699
79a3e259ef4f5bf9cc7dbd022c123beee9fc4d7e
68d24c748777b3a75c9f92c1b5041bd66fa861b3423763c62d6da7b7de5b0fa0

HTTP Headers

GET /captcha/loginTop.html?t=jhzptiaj HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:23:35 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Set-Cookie: route=98d89b53d4664b2b8f76fcfb49bcc69d; Path=/
SID=gw0OWlBLTxU/TtsPEZsdsToopyM7/PDo7K6cltHdeLix/jTszRBfBHuqWcQJifuRJBHyaAeTxxgM9XFAZJ0myz+UkL4SOucf+BzuQNV4lVzSyiMXnlE=; Domain=.x04322.com; Path=/; HttpOnly
tempSid: gw0OWlBLTxU/TtsPEZsdsToopyM7/PDo7K6cltHdeLix/jTszRBfBHuqWcQJifuRJBHyaAeTxxgM9XFAZJ0myz+UkL4SOucf+BzuQNV4lVzSyiMXnlE=
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-17141162154e1e
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked

etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10046/1700743940627.jpg?wsSecret=2e696ac8dd54e0a37e56f708d4cc2a52&wsTime=1714116213

103.155.16.137

113 kB

URL
etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10046/1700743940627.jpg?wsSecret=2e696ac8dd54e0a37e56f708d4cc2a52&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 692x516, components 3
Size
113 kB (112572 bytes)
Hash
cc285e2bcd4bdfa167f3a89cdfa8c3fd
59e3f2eddcfa5bdcd68f132883b5f6a2cf751226
0a7c20d3c2e426baa9403abbeb5bd2ef0fe3d09b5eb2ba42e9e2cb3863227a4e

HTTP Headers

GET /fserver/files/gb/1513/carousel/10046/1700743940627.jpg?wsSecret=2e696ac8dd54e0a37e56f708d4cc2a52&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 112572
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: "655f4b04-1b7bc"
Date: Thu, 28 Mar 2024 06:30:03 GMT
Last-Modified: Thu, 23 Nov 2023 12:52:20 GMT
Expires: Sat, 27 Apr 2024 06:30:03 GMT
Age: 2508811
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: 79e0ad9199940c51c59f7061c8b9ea4e

etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10062/1713789081404.jpg?wsSecret=810dd1579a118a33e617ee2978ba2da3&wsTime=1714116213

103.155.16.137

136 kB

URL
etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10062/1713789081404.jpg?wsSecret=810dd1579a118a33e617ee2978ba2da3&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 692x516, components 3
Size
136 kB (135582 bytes)
Hash
620c326f654d548041e47b4ea39d869f
95e90db4cff9cbfaf488f50f60e8a0f690a41b0c
c116378fe2d0eeaf5dc3b0ae17cc3640d70ec51f1ebe8be36c7c6e190cf4a2be

HTTP Headers

GET /fserver/files/gb/1513/carousel/10062/1713789081404.jpg?wsSecret=810dd1579a118a33e617ee2978ba2da3&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 135582
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: "66265899-2119e"
Date: Mon, 22 Apr 2024 12:31:44 GMT
Last-Modified: Mon, 22 Apr 2024 12:31:21 GMT
Expires: Wed, 22 May 2024 12:31:44 GMT
Age: 327110
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-09
X-Cdn-Request-ID: b95463a7497299544cadb7b0272ed639

etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10035/1700636520075.jpg?wsSecret=b79a5574ec956a37b6949c76fb84eece&wsTime=1714116213

103.155.16.137

176 kB

URL
etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10035/1700636520075.jpg?wsSecret=b79a5574ec956a37b6949c76fb84eece&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 692x516, components 3
Size
176 kB (176197 bytes)
Hash
6f4e3e1934e44400d10656625bd4aec9
da0da6ef4b632061b155fa30341755e49e23676b
1ac1edea996c9e8711956ab5fdf4ae0f447b88a8e039fdb86b95f692c942ced6

HTTP Headers

GET /fserver/files/gb/1513/carousel/10035/1700636520075.jpg?wsSecret=b79a5574ec956a37b6949c76fb84eece&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 176197
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "655da768-2b045"
Date: Thu, 28 Mar 2024 06:30:59 GMT
Last-Modified: Wed, 22 Nov 2023 07:02:00 GMT
Expires: Sat, 27 Apr 2024 06:30:59 GMT
Age: 2508756
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: fd1937205076f1cb141f8f699f6e84da

x04322.com/mobile-api/v5/origin/getThirdParam.html

154.210.57.76

103 B

URL
x04322.com/mobile-api/v5/origin/getThirdParam.html
IP
154.210.57.76:0
ASN
#139471 HWA CENT TELECOMMUNICATIONS LIMITED

Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
JSON text data
Size
103 B (103 bytes)
Hash
9ac55fe189e4f53f37156e563e0f542e
18b13b1360ce9fbd973e046d2652be38d58a15e0
d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365
OpenPhish	phishing	Bet365

HTTP Headers

GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Cookie: route=9f8c829bfb3537f530509e8eaa83639a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 26 Apr 2024 07:23:35 GMT
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1714116215d0b1
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 103

etmqz9.innittapp.com/ftl/bet365-1513/themes/images/oclock.png?wsSecret=f5a1dd688690d88e749cd492b9ac4dd8&wsTime=1714116213

103.155.16.137

519 B

URL
etmqz9.innittapp.com/ftl/bet365-1513/themes/images/oclock.png?wsSecret=f5a1dd688690d88e749cd492b9ac4dd8&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 15 x 17, 8-bit colormap, non-interlaced
Size
519 B (519 bytes)
Hash
abf297e51fa41e9771aa7392fa9cba44
f76236aa20e9b0d8032666ff853fa87489049b08
1e082f27f562177c07f18f10e71d37d43ded6c836d16d425272ff33c51c3c798

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/oclock.png?wsSecret=f5a1dd688690d88e749cd492b9ac4dd8&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 519
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-06
ETag: "613c72a9-207"
Date: Thu, 28 Mar 2024 06:34:21 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:34:21 GMT
Age: 2508554
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-11
X-Cdn-Request-ID: d1543a7c3c6e1edd4ef6f80da0a929db

etmqz9.innittapp.com/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=32e4765d4cd755e1166bcfe63ee0ac99&wsTime=1714116213

103.155.16.137

1.2 kB

URL
etmqz9.innittapp.com/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=32e4765d4cd755e1166bcfe63ee0ac99&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
GIF image data, version 89a, 14 x 18
Size
1.2 kB (1248 bytes)
Hash
d7ee8c341d86a4bb78532e2d8e721b7e
0e9394a2905d235b6a7215a03f0a5f8534451bef
ff425363cf8edbb85d152bcdc36a137596829b6c003ac77a1be531922cd8f055

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/hot1.gif?wsSecret=32e4765d4cd755e1166bcfe63ee0ac99&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1248
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: "613c72a9-4e0"
Date: Thu, 28 Mar 2024 06:30:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:56 GMT
Age: 2508759
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-06
X-Cdn-Request-ID: efc47fc0e29bb100214babdc01a71d48

etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10030/1686395314100.png?wsSecret=b342884dd2386a44f17cd0ceab027528&wsTime=1714116213

103.155.16.137

266 kB

URL
etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10030/1686395314100.png?wsSecret=b342884dd2386a44f17cd0ceab027528&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 692 x 516, 8-bit/color RGB, non-interlaced
Size
266 kB (266168 bytes)
Hash
a806d7a444b2ef9b8cc89ec7e8e7734f
55868897081e15bcf2c399bc5a775e3007155442
671761066cbac53d7aa37a14455d8a4fd9d20e69ce51fd00d95352091feaff84

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /fserver/files/gb/1513/carousel/10030/1686395314100.png?wsSecret=b342884dd2386a44f17cd0ceab027528&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 266168
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: "648459b2-40fb8"
Date: Thu, 28 Mar 2024 06:30:03 GMT
Last-Modified: Sat, 10 Jun 2023 11:08:34 GMT
Expires: Sat, 27 Apr 2024 06:30:03 GMT
Age: 2508811
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: c531b8fbd6abeb66b763b7a9fe395cda

etmqz9.innittapp.com/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=2ea6990db83e810222b3b511bcd20a95&wsTime=1714116213

103.155.16.137

918 B

URL
etmqz9.innittapp.com/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=2ea6990db83e810222b3b511bcd20a95&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x796, components 3
Size
918 B (918 bytes)
Hash
28b9980238466725db46247eeb3ae314
5490115ce6b25413f142811de784c6460cb7bab2
32c09d293a7029ae5c392f2986a13296809654b4e3816ebc5b9dd7a31a9fb51d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=2ea6990db83e810222b3b511bcd20a95&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 918
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-396"
Date: Thu, 28 Mar 2024 06:39:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:39:36 GMT
Age: 2508239
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: 325bf75f7fc69702d10c4be28e3b4e8e

etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10057/1704450087425.jpg?wsSecret=664d280e081160c0005e2d051af69ec0&wsTime=1714116213

103.198.200.1

151 kB

URL
etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10057/1704450087425.jpg?wsSecret=664d280e081160c0005e2d051af69ec0&wsTime=1714116213
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 692x516, components 3
Size
151 kB (151254 bytes)
Hash
d7b34268a2e2eee25d179d0479f79039
edbd73183fe4456cf1569526e21637983df50754
77423f5eb7ab6201c0b10a7a608fe3f5a596450fe06031a0f27c337f66fedd77

HTTP Headers

GET /fserver/files/gb/1513/carousel/10057/1704450087425.jpg?wsSecret=664d280e081160c0005e2d051af69ec0&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 151254
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: "6597d827-24ed6"
Date: Sat, 20 Apr 2024 12:03:37 GMT
Last-Modified: Fri, 05 Jan 2024 10:21:27 GMT
Expires: Mon, 20 May 2024 12:03:37 GMT
Age: 501597
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: fc752079bcf9a38c78337a9a3839c35f

etmqz9.innittapp.com/ftl/bet365-1513/themes/images/member_login.png?wsSecret=eab7427fe74fb9cd39af978e504c465b&wsTime=1714116213

103.155.16.137

680 B

URL
etmqz9.innittapp.com/ftl/bet365-1513/themes/images/member_login.png?wsSecret=eab7427fe74fb9cd39af978e504c465b&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 169 x 34, 8-bit colormap, non-interlaced
Size
680 B (680 bytes)
Hash
dd8380feb68da72f3f8fe960f611ce7c
707651dea23c986d71afe91337a2822d3945b552
f25f16a3e8f11c5e37793ddbaf9351a915d8df2e1c8d39cac01dadd255de9573

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/member_login.png?wsSecret=eab7427fe74fb9cd39af978e504c465b&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 680
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-2a8"
Date: Thu, 28 Mar 2024 06:30:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:57 GMT
Age: 2508759
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cdn-Request-ID: 9bfc08c5d3f63df8ed4d7e88801e139a

etmqz9.innittapp.com/ftl/bet365-1513/themes/images/input_id.png?wsSecret=8dcc5dc24c7930fb1e475d43024f5a1e&wsTime=1714116213

103.155.16.137

306 B

URL
etmqz9.innittapp.com/ftl/bet365-1513/themes/images/input_id.png?wsSecret=8dcc5dc24c7930fb1e475d43024f5a1e&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 11 x 14, 8-bit colormap, non-interlaced
Size
306 B (306 bytes)
Hash
8eff7c810e9fe738953f72c30600c49d
76d0ff44cfe59218f5520bb880ca1a8b227185be
ce1d697df52ad12d4443c85c7d257ccdfc48803bdc84409ed7732231587f56d0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/input_id.png?wsSecret=8dcc5dc24c7930fb1e475d43024f5a1e&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 306
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-132"
Date: Thu, 28 Mar 2024 06:39:37 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:39:37 GMT
Age: 2508239
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-20
X-Cdn-Request-ID: dd7c673401c024295b395c27c8bd59fb

etmqz9.innittapp.com/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=89faa627e7d1aaff3f6faf79ea4e88c9&wsTime=1714116213

103.155.16.137

295 B

URL
etmqz9.innittapp.com/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=89faa627e7d1aaff3f6faf79ea4e88c9&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 11 x 14, 8-bit colormap, non-interlaced
Size
295 B (295 bytes)
Hash
8a10f6dde7ab93278fce03968f25594f
61bc29c3cd2a21ca6ff9dc300cfbe3b7789b7862
6792a1a4f681b2d608c6a3e1964e0d2ef9b3fcf743ce3b8afee4a1c97ea2da7b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/input_pw.png?wsSecret=89faa627e7d1aaff3f6faf79ea4e88c9&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 295
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "613c72a9-127"
Date: Thu, 28 Mar 2024 06:30:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:56 GMT
Age: 2508759
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-09
X-Cdn-Request-ID: 92b7cfc9aaf3d64717a93a9ee798c81e

etmqz9.innittapp.com/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=935d4bb6a945283c936a6f12f4241934&wsTime=1714116213

103.155.16.137

328 B

URL
etmqz9.innittapp.com/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=935d4bb6a945283c936a6f12f4241934&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 190 x 66, 8-bit colormap, non-interlaced
Size
328 B (328 bytes)
Hash
c84badf514a135594e25cbcd6a5e6d4b
6883fd7e93396a9aeb426d2035a724335b5e04c4
5975ef695aff12c818fe0c61c10a3a14b01f38dbfc7d102de8c1d3444befa08e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=935d4bb6a945283c936a6f12f4241934&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 328
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-148"
Date: Thu, 28 Mar 2024 06:39:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:39:36 GMT
Age: 2508240
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-10
X-Cdn-Request-ID: 559a4e289a5895b1fdf0b142e27c9fb5

etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10026/1686752442517.png?wsSecret=130f97f0ff9e1d3b8efbd1699866f450&wsTime=1714116213

103.155.16.137

341 kB

URL
etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10026/1686752442517.png?wsSecret=130f97f0ff9e1d3b8efbd1699866f450&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 692 x 516, 8-bit/color RGB, non-interlaced
Size
341 kB (340563 bytes)
Hash
f8a72225548e26262f749c395c97d1fa
e8910bdaf16e6c1cd5df6fca3d286167f821f96b
93d1d2dae7ebf2d19694b0f20032128435898169a7924bf8d4074918e48acdff

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /fserver/files/gb/1513/carousel/10026/1686752442517.png?wsSecret=130f97f0ff9e1d3b8efbd1699866f450&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 340563
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "6489ccba-53253"
Date: Thu, 28 Mar 2024 06:30:02 GMT
Last-Modified: Wed, 14 Jun 2023 14:20:42 GMT
Expires: Sat, 27 Apr 2024 06:30:02 GMT
Age: 2508812
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: 20e5c4e5f65e5490c7e137cb37aa4446

etmqz9.innittapp.com/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=d3b4bbd4cce653cbb153258bfb50fff5&wsTime=1714116213

103.198.200.1

318 B

URL
etmqz9.innittapp.com/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=d3b4bbd4cce653cbb153258bfb50fff5&wsTime=1714116213
IP
103.198.200.1:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
PNG image data, 14 x 14, 8-bit colormap, non-interlaced
Size
318 B (318 bytes)
Hash
e149b3e85d15c14a150036f93b296253
0006db6a1d3cc14a1d6da738d3243674d6110f84
9137d5630ca64621c97786e21e5ff77e75de43a4e0597aa6974e25d59082428e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=d3b4bbd4cce653cbb153258bfb50fff5&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 318
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "613c72a9-13e"
Date: Sat, 20 Apr 2024 12:03:37 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Mon, 20 May 2024 12:03:37 GMT
Age: 501599
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 9b9d2fb81803217acf632e7343d6f063

etmqz9.innittapp.com/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=5429d5b856f28e2ddd7fbdcfe3b07ae8&wsTime=1714116213

103.155.16.137

3.7 kB

URL
etmqz9.innittapp.com/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=5429d5b856f28e2ddd7fbdcfe3b07ae8&wsTime=1714116213
IP
103.155.16.137:0
ASN
#138915 Kaopu Cloud HK Limited

Certificate
IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 307x260, components 3
Size
3.7 kB (3728 bytes)
Hash
884ab3a54eaeeee2c944773ac757ebcd
1aded473eecfb23f06fc59d4cc989853d2117489
bb3a93104a804d751e4456abbef235889811b806243edbbbb31a757c070b612a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=5429d5b856f28e2ddd7fbdcfe3b07ae8&wsTime=1714116213 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 3728
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: "613c72a9-e90"
Date: Thu, 28 Mar 2024 06:30:00 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:00 GMT
Age: 2508816
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-12
X-Cdn-Request-ID: d09505aaa9917ed0c2112349f6b29c65

x04322.com/ftl/bet365-1513/themes/images/license.png

0.0.0.0

0 B

URL GET
x04322.com/ftl/bet365-1513/themes/images/license.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://x04322.com/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectx04320.com
Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09
ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /ftl/bet365-1513/themes/images/license.png HTTP/1.1
Host: x04322.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x04322.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (41)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML