154.210.56.88200 OK 0 B URL User Request GET HTTP/1.1 IP 154.210.56.88:443
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Fri, 10 May 2024 09:44:51 GMT
Location: https://04322f.com/
Content-Length: 0
04322f.com/?__CBK=3b30417381bed3ea81d6f8286a6777e191715334259_2292754//mobile-client/index/index.html/mobile-client/index/index.html
154.210.56.88 0 B URL 04322f.com/?__CBK=3b30417381bed3ea81d6f8286a6777e191715334259_2292754//mobile-client/index/index.html/mobile-client/index/index.html
IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?__CBK=3b30417381bed3ea81d6f8286a6777e191715334259_2292754//mobile-client/index/index.html/mobile-client/index/index.html HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Fri, 10 May 2024 09:44:53 GMT
Location: https://04322f.com/
Content-Length: 0
154.210.56.88200 OK 1.4 kB URL User Request GET HTTP/1.1 IP 154.210.56.88:443
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 416be1ad2a07b932d4d6416403bd966e
f2e6c0a73053615dc10d8433bd177984b4179e40
92417621b16f9541b0a3167d536d8807c5620f9104ddefca9083bae548b9b27a
GET / HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked
04322f.com/favicon.ico
154.210.56.88 1.4 kB IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 624ca6395e8961c66abab7694d438e0b
dca9ebdb0ab951b238227e460660254298d36b22
c1d2762b0429420b8c6409055602cf6ae84c6e15f2356130255fe8a1447ca81b
GET /favicon.ico HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked
04322f.com/?__CBK=3861272f338a504be617b050b594c269b1715334299_2292787
154.210.56.88302 Found 0 B URL User Request GET HTTP/1.1 04322f.com/?__CBK=3861272f338a504be617b050b594c269b1715334299_2292787
IP 154.210.56.88:443
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?__CBK=3861272f338a504be617b050b594c269b1715334299_2292787 HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Content-Length: 0
Location: /
04322f.com/message_zh_CN.js?v=1715161548792
154.210.56.88200 OK 9.9 kB URL GET HTTP/1.1 04322f.com/message_zh_CN.js?v=1715161548792
IP 154.210.56.88:443
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (18069)
Hash 8e3a3463437bc8b56e112f0b87b6a0d0
dfaac70f23b58a771856460bb00aebc5fcadb2ce
0aa3002021c50dd94fcd0eb615a6735db1b54723503264f1c24985e0bcdd868b
GET /message_zh_CN.js?v=1715161548792 HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:33:05 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 11 May 2024 09:33:05 GMT
Cache-Control: max-age=86400
uuid: 01513-01-00000000-1715333585113d
out-line: gb-source-106
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 9892
154.210.56.88200 OK 77 kB URL User Request GET HTTP/1.1 IP 154.210.56.88:443
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (624)
Hash c360687aadf4a1f74c307d9e5fdcabaa
22a147aae279f514a632920cbfd6935e4389458b
581c765acc51b545fb5b697cce2378eae100e89d8b7551be6b6f3fa58fd74c61
GET / HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:45:32 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
X-html-cache: HIT-3600
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-source-106
Content-Encoding: gzip
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css
103.198.200.1200 OK 6.3 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (7014)
Hash 4f6eba52b6bdba2bd8154d39c61fcaab
11a91e977ab64175dc2ec233d45c6cf9d34798b0
b4ae8f84403e1e8ea7f75cac8491e461ac6e5524260a04d772d53dd912f8e53a
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6253
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"64ad1569-7b6e"
Date: Sat, 20 Apr 2024 12:00:57 GMT
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Expires: Mon, 20 May 2024 12:00:57 GMT
Age: 1719877
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: 850eda8785e481d2c28f2e4e59bf478a
etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css
103.198.200.1200 OK 6.0 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash d3e49d9b8d1dc488fdaa187442ea0e4f
66797f9e0c3aa0078702140c27dd719351519f4f
18eedd5bfdcad89ef7b073779d19026c35f9cd9dbfb7de786d80d5451632479d
GET /ftl/bet365-1513/themes/style/common.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5996
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-36-02
ETag: W/"663addfe-70bb"
Date: Wed, 08 May 2024 02:16:23 GMT
Last-Modified: Wed, 08 May 2024 02:05:50 GMT
Expires: Fri, 07 Jun 2024 02:16:23 GMT
Age: 199751
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg36:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-36-02, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 46abc3b1fc6508d7983b835e18793dc0
etmqz9.innittapp.com/ftl/commonPage/js/float.js
103.198.200.1200 OK 1.9 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/float.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash 829af863b0cdc4a603919824ae046299
1d417b1553e4ecb7125ebf2005b74255291fbf73
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/float.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"612747ba-1b2f"
Date: Sat, 20 Apr 2024 12:00:13 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Mon, 20 May 2024 12:00:13 GMT
Age: 1719921
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: fed626484935aa17be5ff688d0e93204
etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
103.198.200.1200 OK 34 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32038)
Hash b091a47f6b91e26c93a848092c6f3788
52918af2d431e73464060b35d364640c8db75606
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"5d848f4f-176d4"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: 40c0952a3fe949be402ad780ba7e17f9
etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
103.198.200.1200 OK 17 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (12023)
Hash d01c79296c69daae2357744b28ad3a08
6979c86432a04a8cc22818055bd599e10d13892e
03bae6f265bda27347f4697d37ddb03335678cf0a76d5a246ee1b02463294599
GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 17118
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"661623eb-14596"
Date: Sat, 20 Apr 2024 12:00:58 GMT
Last-Modified: Wed, 10 Apr 2024 05:30:19 GMT
Expires: Mon, 20 May 2024 12:00:58 GMT
Age: 1719876
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: b3d1e6b76236592097d3f66ee070f7b4
etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js
103.198.200.1200 OK 4.0 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash 4de3e8bcf2f02d60519ca0d3584d3b8e
6323c2bf18b1bbf968e164bdf2e58d7677f67f8a
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"60f60fb5-43bc"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 4fdaacad00fcccd80b9c5c4a2f175cab
etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js
103.198.200.1200 OK 3.3 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash 3b4680db1e065116488f065419ca9f58
6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"6260ddd4-2f13"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719921
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 7fc2a749f20df8e58b2663ff6b97b597
etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js
103.198.200.1200 OK 797 B URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash 07864ad2e2759d53f8f2f14dd4295bd9
95144219e2eb702c4c4a707c3622b086876cf41c
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"6260ddd4-828"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: 6f1718edf5474af0b2723651539890d8
etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js
103.198.200.1200 OK 12 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32034)
Hash f15409fb02c527ce1f66a2fd3c4aa0e9
1e1e1bcc0f49e99e14ba34991cffe0745178d302
1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27
GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11957
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"64d5b951-b083"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: f1cd327b0c89ab1b9e803c9eff395737
etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css
103.198.200.1200 OK 6.9 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (489)
Hash 858eefc3fa70af7d0115c901908471f5
29c181bbbc09a424f7de7cb57629bd8a9e3c679a
9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf
GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6923
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"64ddd5e1-c760"
Date: Sat, 20 Apr 2024 12:00:59 GMT
Last-Modified: Thu, 17 Aug 2023 08:10:09 GMT
Expires: Mon, 20 May 2024 12:00:59 GMT
Age: 1719875
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-08
X-Cdn-Request-ID: 6d15b40502901dfff53a29023e96f625
etmqz9.innittapp.com/ftl/commonPage/themes/hongbao.css
103.198.200.1200 OK 5.7 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/themes/hongbao.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (336)
Hash 499a3a64bcf22609681f5337a6360c80
fc05a8a391c8375ea4e47183eca56a18bed8fca7
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5666
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"64252e4f-d530"
Date: Sat, 20 Apr 2024 12:00:59 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Mon, 20 May 2024 12:00:59 GMT
Age: 1719875
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: d388ec4f49e298b7dbda4e75601b26ac
etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js
103.198.200.1200 OK 2.7 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash 58f1a7fa1a19b0e5ad0a5bad974b98cf
6963ce7378e6c992de06e7e77d79432a0d38f54d
fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4
GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2731
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"64d05f66-2f79"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: eb35584b3ad896bb98d786b843ced46d
etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js
103.198.200.1200 OK 16 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (11056)
Hash 4007cfe0a95df1d6a9f4252e636f995f
b0f9a2ad5c49b9b50ac5d025c8e9ce803eb5d7a8
4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0
GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"64ddbaed-ee5c"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 8d939861fd5d1536b988c63175e97502
etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js
103.198.200.1200 OK 5.0 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (20132), with no line terminators
Hash 5ce8851dc823429a42ab6147554403cc
28f381f0e0aa4f5d56690e65723bd97fb59a38e6
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"5d848f4f-4ea4"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: 1d0fde0b174f531d4aea76f1d1b44911
etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
103.198.200.1200 OK 1.4 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (4433), with no line terminators
Hash f77d83590bc0a69298f2fbcc5d9911cd
1d6aa25d7052f53ad0181385e5efe72f224bbdb9
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"5d848f4f-1151"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719921
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: e646e6d2c2641da57695555b8e934a84
etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
103.198.200.1200 OK 7.7 kB URL GET HTTP/1.1 etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (27669)
Hash f8c2b37c1dc626eede6a2e3e37aa4504
d4e8419497caa64c8a850ac4808dddb89b5eeb3f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"655579ca-6caf"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: f11dc6c300fb0ff65894d21ec0ef650a
etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
103.198.200.1200 OK 17 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (64577)
Hash b5bc8cd626b389bde727a91e6ce79436
3df6c39300ac286cf596b3bda273cb39ff825429
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"5d848f4f-fc8b"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719921
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 9e8adb038028fbb4ea4246e4e13b4866
etmqz9.innittapp.com/ftl/commonPage/js/layer.js
103.198.200.1200 OK 7.6 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/layer.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (21922)
Hash c42797aecccd5494e2b747cedf1a890b
b9e06a6d245b6a3c87f2753db0c9c9aa020640b2
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"5d848f4f-55f6"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1719919
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: cb7e9ea1a9ae2805ed5d82b3858ddb8d
etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
103.198.200.1200 OK 4.1 kB URL GET HTTP/1.1 etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators
Hash 4fe7dadf050dad2dcfd386d21b880281
07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd
aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"655579ca-3a09"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1719921
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: d6c72b00cd45a1addf10f377ad1de652
etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css
103.198.200.1200 OK 911 B URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash 1da71520b7a0a61526a8fa8d0feb40d1
ba1bf69dad8783563328054cae58ccabf1b00829
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"5d848f4f-b5d"
Date: Sat, 20 Apr 2024 12:00:59 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:59 GMT
Age: 1719876
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: e7608696291c793bd649fc138896ffac
etmqz9.innittapp.com/ftl/commonPage/js/moment.js
103.198.200.1200 OK 27 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/moment.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash 36c8f828395a9395549bd6e7307cb7e9
f30a4961558e2d3d4405e7d93aa28fdb63245e78
5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33
GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26968
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"64b633ca-1cab9"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1719919
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: ce7a32107a56505cde952e94e495f88e
etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1715161548792
103.198.200.1200 OK 5.2 kB URL GET HTTP/1.1 etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1715161548792
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (801)
Hash 30be40425b37bee4158676082cef1f4d
b41ed46721936872d5d7eadf303ce22938240d2a
f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1715161548792 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"633d510e-7fd7"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: b3218edb5d5fb8eeac6b931dd5006409
etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css
103.198.200.1200 OK 3.8 kB URL GET HTTP/1.1 etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (2295)
Hash f00ce0554efc5adea6a8e02d5e501cad
388840e376568b37ac0103aa5c87a268778db67a
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"633d510e-2d52"
Date: Sat, 20 Apr 2024 12:00:59 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Mon, 20 May 2024 12:00:59 GMT
Age: 1719876
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: bf59eba669d3d7df2c7ae8bbdc3d72be
etmqz9.innittapp.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
103.198.200.1200 OK 3.1 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash 5cf9259b7dd27aacd46161ec23d261cf
ba0c399616a5ae9cdd8aec5b76ba4aae4822367c
7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"6131d862-48e4"
Date: Sat, 20 Apr 2024 12:01:00 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Mon, 20 May 2024 12:01:00 GMT
Age: 1719876
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: 86cbb16b258a5defb6e2be5720f0a2e5
etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js
103.198.200.1200 OK 2.1 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash cc13495ac566c04d5972da9c11a1d870
d9be95a44caff4e4c1d758d0b29236db286ed5b7
ac5b4f611687c11409ae43b2b0e8544bbdd173832cbe7bea873c2bfe3dcafa0a
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-1513/plugin/js/countUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2076
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"615584f5-1be5"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Thu, 30 Sep 2021 09:35:49 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1719920
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 33e94260b9a8ef61802c9beb931529a0
04322f.com/mobile-api/v5/origin/getFloat.html
154.210.56.88200 OK 3.1 kB URL POST HTTP/1.1 04322f.com/mobile-api/v5/origin/getFloat.html
IP 154.210.56.88:443
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash 381dfbc5f1882c63d5e1075ec0af2711
efea5e099be928eebede03abf01b02789859fba6
026eb7f50b5fc9de4c28162828e175a47695bd6c91a370243234e89ef0427f34
POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://04322f.com
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:45:36 GMT
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=66776b881a59021b52807ef9298664ac; Path=/
Access-Control-Allow-Origin: https://04322f.com
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-17153343367520
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
103.198.200.1200 OK 6.9 kB URL GET HTTP/1.1 etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3
Hash 99be4bfe275809d4e436b77c991b1381
54eadee77394eb62ccf377ae68d9f49acb5b6785
4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: "5d848f4f-1ad7"
Date: Sat, 20 Apr 2024 12:01:00 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:01:00 GMT
Age: 1719876
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-12
X-Cdn-Request-ID: f2c7c3b900da263b63b6664c6ca0db96
04322f.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion=
154.210.56.88200 OK 895 B URL GET HTTP/1.1 04322f.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion=
IP 154.210.56.88:443
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash 5d5195c142c0bd70b327e068bd8f6f78
968c811de438b050730dbe6eca3393d1c97eb290
803f53a97c2a2fe70b50175c95ad3275165482ac881d01c4f323053d12863812
GET /index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:45:36 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=ed8de952ed57247bb4b5c65efa859ad5; Path=/
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1715334336650e
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
04322f.com/ftl/bet365-1513/themes/images/index_left_title.png
154.210.56.88200 OK 2.5 kB URL GET HTTP/1.1 04322f.com/ftl/bet365-1513/themes/images/index_left_title.png
IP 154.210.56.88:443
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type PNG image data, 94 x 25, 8-bit/color RGBA, non-interlaced
Hash 243751ae9e30b49a76dc9877ad060823
45ced5a86e90e3c2bfdda3598e82fc58d47ea292
5b1fcb53e807ca61edb055b9da1244012dcbe7158ebe7cc98105823f5983c40e
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-1513/themes/images/index_left_title.png HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-9b0"
Date: Fri, 10 May 2024 09:33:08 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 11 May 2024 09:33:08 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 2480
etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10007/1715256206843.jpg?wsSecret=f2d777167b98fae45a85c4fdb76dda6a&wsTime=1715334336
103.198.200.1 84 kB URL GET etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10007/1715256206843.jpg?wsSecret=f2d777167b98fae45a85c4fdb76dda6a&wsTime=1715334336
IP 103.198.200.1:0
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type JPEG image data, progressive, precision 8, 630x260, components 3
Hash f03c011895172c1ab809311dbdb089a6
65de0da7d436da5ac3ba58ca006405cb00682b99
a56ae5e5c2c08178599751bbf3f46084a8997d7322734926914649b8808eda25
GET /fserver/files/gb/1513/carousel/10007/1715256206843.jpg?wsSecret=f2d777167b98fae45a85c4fdb76dda6a&wsTime=1715334336 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 84268
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "663cbb8e-1492c"
Date: Thu, 09 May 2024 12:13:07 GMT
Last-Modified: Thu, 09 May 2024 12:03:26 GMT
Expires: Sat, 08 Jun 2024 12:13:07 GMT
Age: 77549
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: fceb5e6e7547399e9708c502f2c49dfd
04322f.com/favicon.ico
154.210.56.88 150 B IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 597ba0d4396e9c906225140ce907092c
28ae2ba65ccdb583d79f85b8cc9509fae697493b
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /favicon.ico HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Cookie: route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:45:38 GMT
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 150
04322f.com/ftl/bet365-1513/themes/images/license.png
154.210.56.88 21 kB URL GET 04322f.com/ftl/bet365-1513/themes/images/license.png
IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type PNG image data, 198 x 249, 8-bit/color RGBA, non-interlaced
Hash 6b050a88569349c273caa04328ad5219
b8d7f0fed474522391c84e424585f045563c60cd
3740a6aa129a59a5382f6cd772dcdb598a034229d79c2d40f21210b1625a8895
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/bet365-1513/themes/images/license.png HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-5176"
Date: Fri, 10 May 2024 09:33:06 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 11 May 2024 09:33:06 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 20854
04322f.com/captcha/loginTop.html?t=jhzptiaj
154.210.56.88 1.4 kB URL GET 04322f.com/captcha/loginTop.html?t=jhzptiaj
IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x40, components 3
Hash 08fcf4610bd9fd3fd06454a64796c958
30b8be60665b3879e05c86e62e0699801262589f
0b3f9da3e33f0663629475457664db1f06cd053e2ccb6499a93109b17669ca98
GET /captcha/loginTop.html?t=jhzptiaj HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:45:38 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Set-Cookie: route=ed8de952ed57247bb4b5c65efa859ad5; Path=/
SID=axGR71olA/58fkgRY/HVdpy7+3nlv6CBlmdnYs/2e451BFv6LZd3NocPVt3WRlkUJpA253RaOamAMIP29419YJX9OHSBuQcYXjHJZ1eUoq33Ju1/zWA=; Domain=.04322f.com; Path=/; HttpOnly
tempSid: axGR71olA/58fkgRY/HVdpy7+3nlv6CBlmdnYs/2e451BFv6LZd3NocPVt3WRlkUJpA253RaOamAMIP29419YJX9OHSBuQcYXjHJZ1eUoq33Ju1/zWA=
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-17153343384761
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
04322f.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png
154.210.56.88 6.1 kB URL GET 04322f.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png
IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash 30eb0e841ea47a1f05854ebca3f9e9c1
0cb9874c32ff8837c1ffaf89cba502ceb3483b2b
382670ae61fc81522b190a0536d7b993058183aea2ffe81d197ded6af07d2183
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/images/hongbao/icon-close-1.png HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Cookie: route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "611369ee-17c7"
Date: Fri, 10 May 2024 09:33:08 GMT
Content-Type: image/png
Last-Modified: Wed, 11 Aug 2021 06:10:54 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 11 May 2024 09:33:08 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 6087
04322f.com/index/getUserTimeZoneDate.html?t=lw0hrx5z
154.210.56.88 119 B URL GET 04322f.com/index/getUserTimeZoneDate.html?t=lw0hrx5z
IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash 179730fc4795033a965ef9cbab008522
af06bb942fbd52a3a23d52dbf1fb32667e877b2d
141eafa024c26cea4a9fc383516dba25f8219595510131d167235f5bc89d5de5
GET /index/getUserTimeZoneDate.html?t=lw0hrx5z HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Cookie: route=ed8de952ed57247bb4b5c65efa859ad5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:45:39 GMT
Content-Type: text/html; charset=utf-8
Content-Disposition: inline;filename=f.txt
sub-sys: msite
cachettl: 3
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1715334339cc99
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 119
04322f.com/headerInfo.html?t=lw0hrz5n
154.210.56.88 115 B URL 04322f.com/headerInfo.html?t=lw0hrz5n
IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash b0ffcc9121f0d3d9bb4d6ea1201edfc5
7792a2535ed9517f31c7b424bdd4a96b06265914
6790cfc5557a06b75a45e27af2f52a32676d11b5e3fa8099d95083553fad1041
GET /headerInfo.html?t=lw0hrz5n HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Cookie: route=ed8de952ed57247bb4b5c65efa859ad5; SID=axGR71olA/58fkgRY/HVdpy7+3nlv6CBlmdnYs/2e451BFv6LZd3NocPVt3WRlkUJpA253RaOamAMIP29419YJX9OHSBuQcYXjHJZ1eUoq33Ju1/zWA=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:45:39 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-17153343391630
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
04322f.com/mobile-api/v5/chess/getActivityMsg.html?function=sign
154.210.56.88 140 B URL 04322f.com/mobile-api/v5/chess/getActivityMsg.html?function=sign
IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash 5d062bc93ef9d75b27e852ed745d170f
1ecf82a0589608b26ee6a29b2cc3229916596626
26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Cookie: route=ed8de952ed57247bb4b5c65efa859ad5; SID=axGR71olA/58fkgRY/HVdpy7+3nlv6CBlmdnYs/2e451BFv6LZd3NocPVt3WRlkUJpA253RaOamAMIP29419YJX9OHSBuQcYXjHJZ1eUoq33Ju1/zWA=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:45:40 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=66776b881a59021b52807ef9298664ac; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1715334340efcc
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 140
04322f.com/mobile-api/v5/origin/loginSwitchCheck.html
154.210.56.88 174 B URL 04322f.com/mobile-api/v5/origin/loginSwitchCheck.html
IP 154.210.56.88:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
Certificate IssuerTrustAsia Technologies, Inc.
Subject04321f.com
Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4
ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash 1452cebf3e2bb129b06762f43f09e5c8
0ec65f1e79233e8c59f76c55fb89ac8637cfb070
99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Cookie: route=ed8de952ed57247bb4b5c65efa859ad5; SID=axGR71olA/58fkgRY/HVdpy7+3nlv6CBlmdnYs/2e451BFv6LZd3NocPVt3WRlkUJpA253RaOamAMIP29419YJX9OHSBuQcYXjHJZ1eUoq33Ju1/zWA=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 09:45:40 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=66776b881a59021b52807ef9298664ac; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-17153343402393
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 174
etmqz9.innittapp.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
103.198.200.1 1.3 kB URL etmqz9.innittapp.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png
IP 103.198.200.1:0
ASN #138915 Kaopu Cloud HK Limited
Certificate IssuerSectigo Limited
Subject*.innittapp.com
Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62
ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File type PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced
Hash a2e938202c0287b9c82461a6fd94dee9
b5e2adc7cb07c18a70a88af314e56b946ec1a1b6
df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936
Analyzer Verdict Alert urlquery phishing Phishing - Bet365
GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1321
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: "5d848f4f-529"
Date: Sat, 20 Apr 2024 12:03:35 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:03:35 GMT
Age: 1719723
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: e56bf0e5f0b73f204374c2b8d6243b05