| |  154.210.56.88 | 200 OK | 0 B |
URL User Request GET HTTP/1.1IP154.210.56.88:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Fri, 10 May 2024 07:16:24 GMT
Location: https://04322f.com/
Content-Length: 0
|
|
| 04322f.com/?__CBK=3e2bb041a4abdfcb7656023b9fbf267be1715235614_2072073 | 154.210.56.88 | | 0 B |
URL 04322f.com/?__CBK=3e2bb041a4abdfcb7656023b9fbf267be1715235614_2072073 IP154.210.56.88:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?__CBK=3e2bb041a4abdfcb7656023b9fbf267be1715235614_2072073 HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Fri, 10 May 2024 07:16:26 GMT
Location: https://04322f.com/
Content-Length: 0
|
|
| | 154.210.56.88 | 200 OK | 1.4 kB |
URL User Request GET HTTP/1.1IP154.210.56.88:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text Hashbe97515708f37e7f0d9c96960360aebe 76291640b669f59eb990b44cf2252c2256db6e41 3b4f683b3b8a10befaf5c1bc54af5575044ae0be3c66895f890e53cebe58a9b5
GET / HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked
|
|
| 04322f.com/favicon.ico | 154.210.56.88 | | 1.4 kB |
IP154.210.56.88:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text Hashb54b70e3cdc854ada80966167f10653f c91a61e637a460b7cb71458106f44f80abcd4437 ea362d5be5e4aed7c12c2bd7fc8d1aa1b051f3f153ea1066551bca551c78c825
GET /favicon.ico HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked
|
|
| 04322f.com/?__CBK=38dfc4575d443e63e95935e7e3c3620481715325394_2272245 | 154.210.56.88 | 302 Found | 0 B |
URL User Request GET HTTP/1.104322f.com/?__CBK=38dfc4575d443e63e95935e7e3c3620481715325394_2272245 IP154.210.56.88:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?__CBK=38dfc4575d443e63e95935e7e3c3620481715325394_2272245 HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Content-Length: 0
Location: /
|
|
| | 154.210.56.88 | 200 OK | 77 kB |
URL User Request GET HTTP/1.1IP154.210.56.88:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (624) Hashc360687aadf4a1f74c307d9e5fdcabaa 22a147aae279f514a632920cbfd6935e4389458b 581c765acc51b545fb5b697cce2378eae100e89d8b7551be6b6f3fa58fd74c61
GET / HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 07:17:06 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
X-html-cache: HIT-3600
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-source-106
Content-Encoding: gzip
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css | 103.198.200.1 | | 17 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (12023) Hashd01c79296c69daae2357744b28ad3a08 6979c86432a04a8cc22818055bd599e10d13892e 03bae6f265bda27347f4697d37ddb03335678cf0a76d5a246ee1b02463294599
GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 17118
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"661623eb-14596"
Date: Sat, 20 Apr 2024 12:00:58 GMT
Last-Modified: Wed, 10 Apr 2024 05:30:19 GMT
Expires: Mon, 20 May 2024 12:00:58 GMT
Age: 1710970
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 2debe171d962f3fbdeaa93d660554650
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css | 103.198.200.1 | | 6.0 kB |
URL GET etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hashd3e49d9b8d1dc488fdaa187442ea0e4f 66797f9e0c3aa0078702140c27dd719351519f4f 18eedd5bfdcad89ef7b073779d19026c35f9cd9dbfb7de786d80d5451632479d
GET /ftl/bet365-1513/themes/style/common.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5996
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-36-02
ETag: W/"663addfe-70bb"
Date: Wed, 08 May 2024 02:16:23 GMT
Last-Modified: Wed, 08 May 2024 02:05:50 GMT
Expires: Fri, 07 Jun 2024 02:16:23 GMT
Age: 190845
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg36:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-36-02, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: dda5c4a80c0b0b0b21e4f1a74c493159
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js | 103.198.200.1 | | 12 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32034) Hashf15409fb02c527ce1f66a2fd3c4aa0e9 1e1e1bcc0f49e99e14ba34991cffe0745178d302 1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27
GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11957
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"64d5b951-b083"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: 84b6f1aa378e1a4cd07f21c05396c305
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/float.js | 103.198.200.1 | | 1.9 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/js/float.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/float.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"612747ba-1b2f"
Date: Sat, 20 Apr 2024 12:00:13 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Mon, 20 May 2024 12:00:13 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 510cf14af04a717fa21e088312b3a9e5
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js | 103.198.200.1 | | 34 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32038) Hashb091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"5d848f4f-176d4"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-02
X-Cdn-Request-ID: c12e159f2648b9a2d70afc169cd44716
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css | 103.198.200.1 | | 6.3 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (7014) Hash4f6eba52b6bdba2bd8154d39c61fcaab 11a91e977ab64175dc2ec233d45c6cf9d34798b0 b4ae8f84403e1e8ea7f75cac8491e461ac6e5524260a04d772d53dd912f8e53a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6253
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"64ad1569-7b6e"
Date: Sat, 20 Apr 2024 12:00:57 GMT
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Expires: Mon, 20 May 2024 12:00:57 GMT
Age: 1710971
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-11
X-Cdn-Request-ID: 770168670ca2b63aa22aa449f0cac6b6
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js | 103.198.200.1 | 200 OK | 4.0 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js IP103.198.200.1:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash4de3e8bcf2f02d60519ca0d3584d3b8e 6323c2bf18b1bbf968e164bdf2e58d7677f67f8a 6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"60f60fb5-43bc"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-04
X-Cdn-Request-ID: 0cfe01edd41c12457ce16c1b894ce639
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js | 103.198.200.1 | | 797 B |
URL GET etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"6260ddd4-828"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: b00ce3d999f8d721213418c7c701d04a
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js | 103.198.200.1 | | 3.3 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash3b4680db1e065116488f065419ca9f58 6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"6260ddd4-2f13"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-01
X-Cdn-Request-ID: 1a0378330f67f5cd18282a099baebb6b
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js | 103.198.200.1 | | 2.7 kB |
URL etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash58f1a7fa1a19b0e5ad0a5bad974b98cf 6963ce7378e6c992de06e7e77d79432a0d38f54d fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4
GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2731
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"64d05f66-2f79"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 57546ebf1c81cca941ec721aa9c3b88d
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js | 103.198.200.1 | | 5.0 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (20132), with no line terminators Hash5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-05
ETag: W/"5d848f4f-4ea4"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1711013
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: cae6067161d51facb1cb32613967b197
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js | 103.198.200.1 | 200 OK | 16 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js IP103.198.200.1:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (11056) Hash4007cfe0a95df1d6a9f4252e636f995f b0f9a2ad5c49b9b50ac5d025c8e9ce803eb5d7a8 4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0
GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"64ddbaed-ee5c"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: a725abf3eed7800538a20db545b2e491
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/hongbao.css |  103.155.16.137 | | 5.7 kB |
URL etmqz9.innittapp.com/ftl/commonPage/themes/hongbao.css IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (336) Hash499a3a64bcf22609681f5337a6360c80 fc05a8a391c8375ea4e47183eca56a18bed8fca7 5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5666
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"64252e4f-d530"
Date: Sun, 21 Apr 2024 08:04:59 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Tue, 21 May 2024 08:04:59 GMT
Age: 1638730
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: eaf2f20a8ae4856b2491b81967ef9459
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css | 103.155.16.137 | | 6.9 kB |
URL etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (489) Hash858eefc3fa70af7d0115c901908471f5 29c181bbbc09a424f7de7cb57629bd8a9e3c679a 9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf
GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6923
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: W/"64ddd5e1-c760"
Date: Sun, 21 Apr 2024 08:04:59 GMT
Last-Modified: Thu, 17 Aug 2023 08:10:09 GMT
Expires: Tue, 21 May 2024 08:04:59 GMT
Age: 1638729
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: 43dc0c4bbaeaac3ae7251629c7d976a7
|
|
| 04322f.com/message_zh_CN.js?v=1715161548792 | 154.210.56.88 | | 9.9 kB |
URL GET 04322f.com/message_zh_CN.js?v=1715161548792 IP154.210.56.88:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (18069) Hash8e3a3463437bc8b56e112f0b87b6a0d0 dfaac70f23b58a771856460bb00aebc5fcadb2ce 0aa3002021c50dd94fcd0eb615a6735db1b54723503264f1c24985e0bcdd868b
GET /message_zh_CN.js?v=1715161548792 HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 07:17:09 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 11 May 2024 07:17:09 GMT
Cache-Control: max-age=86400
uuid: 01513-01-00000000-1715325429b125
out-line: gb-source-106
X-Cache: HIT, MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/layer.js | 103.198.200.1 | | 7.6 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/js/layer.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (21922) Hashc42797aecccd5494e2b747cedf1a890b b9e06a6d245b6a3c87f2753db0c9c9aa020640b2 56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"5d848f4f-55f6"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-15
X-Cdn-Request-ID: 8336e139dd9a594cd6b1e55a8dcd9972
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js | 103.198.200.1 | | 1.4 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (4433), with no line terminators Hashf77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"5d848f4f-1151"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: ba26cfb2a627b3045adcb793d75846e0
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js | 103.198.200.1 | | 17 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (64577) Hashb5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: W/"5d848f4f-fc8b"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711015
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: HIT from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 707e050777db145500aade3ecb50fbb7
|
|
| etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js | 103.198.200.1 | | 7.7 kB |
URL GET etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (27669) Hashf8c2b37c1dc626eede6a2e3e37aa4504 d4e8419497caa64c8a850ac4808dddb89b5eeb3f 728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"655579ca-6caf"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-13
X-Cdn-Request-ID: e3ff602825bf38b717708276f611ab03
|
|
| etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js | 103.198.200.1 | | 4.1 kB |
URL etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators Hash4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-03
ETag: W/"655579ca-3a09"
Date: Sat, 20 Apr 2024 12:00:14 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Mon, 20 May 2024 12:00:14 GMT
Age: 1711015
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-03
X-Cdn-Request-ID: 9ed2765f3e211a7c9e9d0c21ce2fe117
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css | 103.198.200.1 | | 911 B |
URL GET etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash1da71520b7a0a61526a8fa8d0feb40d1 ba1bf69dad8783563328054cae58ccabf1b00829 5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"5d848f4f-b5d"
Date: Sat, 20 Apr 2024 12:00:59 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Mon, 20 May 2024 12:00:59 GMT
Age: 1710970
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: cae0da80fa104d579639a400695767b0
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/moment.js | 103.155.16.137 | | 27 kB |
URL etmqz9.innittapp.com/ftl/commonPage/js/moment.js IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash36c8f828395a9395549bd6e7307cb7e9 f30a4961558e2d3d4405e7d93aa28fdb63245e78 5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33
GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26968
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: W/"64b633ca-1cab9"
Date: Sun, 21 Apr 2024 08:05:00 GMT
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Expires: Tue, 21 May 2024 08:05:00 GMT
Age: 1638729
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: 46b96a345472b991929897b6e038b6c2
|
|
| etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css | 103.198.200.1 | | 3.8 kB |
URL etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (2295) Hashf00ce0554efc5adea6a8e02d5e501cad 388840e376568b37ac0103aa5c87a268778db67a 3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-01
ETag: W/"633d510e-2d52"
Date: Sat, 20 Apr 2024 12:00:59 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Mon, 20 May 2024 12:00:59 GMT
Age: 1710970
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-05
X-Cdn-Request-ID: 54c2fb0293de2d50ce73676839ac2cea
|
|
| etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1715161548792 | 103.198.200.1 | | 5.2 kB |
URL GET etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1715161548792 IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (801) Hash30be40425b37bee4158676082cef1f4d b41ed46721936872d5d7eadf303ce22938240d2a f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1715161548792 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-04
ETag: W/"633d510e-7fd7"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-07
X-Cdn-Request-ID: dc5522f87e6ab0bb6d26d0730d5f6f7c
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0 | 103.155.16.137 | | 3.1 kB |
URL etmqz9.innittapp.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash5cf9259b7dd27aacd46161ec23d261cf ba0c399616a5ae9cdd8aec5b76ba4aae4822367c 7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"6131d862-48e4"
Date: Sun, 21 Apr 2024 08:05:01 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Tue, 21 May 2024 08:05:01 GMT
Age: 1638728
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: 9464c3e4526c46f607ce1ec77cfdeb2c
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js | 103.198.200.1 | | 2.1 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js IP103.198.200.1:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hashcc13495ac566c04d5972da9c11a1d870 d9be95a44caff4e4c1d758d0b29236db286ed5b7 ac5b4f611687c11409ae43b2b0e8544bbdd173832cbe7bea873c2bfe3dcafa0a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/plugin/js/countUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2076
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-02
ETag: W/"615584f5-1be5"
Date: Sat, 20 Apr 2024 12:00:15 GMT
Last-Modified: Thu, 30 Sep 2021 09:35:49 GMT
Expires: Mon, 20 May 2024 12:00:15 GMT
Age: 1711014
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xg21:443;xg12:80;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-21-09
X-Cdn-Request-ID: 0599841c5c09861360ef4a47e7913672
|
|
| 04322f.com/mobile-api/v5/origin/getFloat.html | 154.210.56.88 | | 3.1 kB |
URL 04322f.com/mobile-api/v5/origin/getFloat.html IP154.210.56.88:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash381dfbc5f1882c63d5e1075ec0af2711 efea5e099be928eebede03abf01b02789859fba6 026eb7f50b5fc9de4c28162828e175a47695bd6c91a370243234e89ef0427f34
POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://04322f.com
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 07:17:10 GMT
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=61ee84c9f68236309da705261df10e5a; Path=/
Access-Control-Allow-Origin: https://04322f.com
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1715325430a53c
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
|
|
| 04322f.com/ftl/bet365-1513/themes/images/index_left_title.png | 154.210.56.88 | | 2.5 kB |
URL 04322f.com/ftl/bet365-1513/themes/images/index_left_title.png IP154.210.56.88:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File typePNG image data, 94 x 25, 8-bit/color RGBA, non-interlaced Hash243751ae9e30b49a76dc9877ad060823 45ced5a86e90e3c2bfdda3598e82fc58d47ea292 5b1fcb53e807ca61edb055b9da1244012dcbe7158ebe7cc98105823f5983c40e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/index_left_title.png HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-9b0"
Date: Fri, 10 May 2024 07:17:10 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 11 May 2024 07:17:10 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, MISS from cdn-Starlink-8C
Content-Length: 2480
|
|
| etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg | 103.155.16.137 | | 6.9 kB |
URL GET etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3 Hash99be4bfe275809d4e436b77c991b1381 54eadee77394eb62ccf377ae68d9f49acb5b6785 4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: "5d848f4f-1ad7"
Date: Sun, 21 Apr 2024 08:04:59 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Tue, 21 May 2024 08:04:59 GMT
Age: 1638730
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: 4b11a2f98321fee86e56d1406233082e
|
|
| 04322f.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= | 154.210.56.88 | | 895 B |
URL 04322f.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= IP154.210.56.88:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hash5d5195c142c0bd70b327e068bd8f6f78 968c811de438b050730dbe6eca3393d1c97eb290 803f53a97c2a2fe70b50175c95ad3275165482ac881d01c4f323053d12863812
GET /index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 10 May 2024 07:17:10 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=f99a9c30dbd1a887d1dbc0d8dc11c2e5; Path=/
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1715325430840a
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
|
|
| 04322f.com/captcha/loginTop.html?t=jhzptiaj |  0.0.0.0 | | 0 B |
URL GET 04322f.com/captcha/loginTop.html?t=jhzptiaj IP0.0.0.0:0
CertificateIssuerTrustAsia Technologies, Inc. Subject04321f.com Fingerprint83:E2:08:08:87:47:1D:CD:6B:F1:30:B9:46:5C:97:01:31:E0:35:C4 ValiditySat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /captcha/loginTop.html?t=jhzptiaj HTTP/1.1
Host: 04322f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://04322f.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|