| www.x04323.com/?__CBK=37c8d8b0dcdb696648c33c259c59c8e651713466566_4155754 |  154.210.56.89 | | 0 B |
URL www.x04323.com/?__CBK=37c8d8b0dcdb696648c33c259c59c8e651713466566_4155754 IP154.210.56.89:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
GET /?__CBK=37c8d8b0dcdb696648c33c259c59c8e651713466566_4155754 HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: 云端cloud加速
Date: Fri, 19 Apr 2024 15:36:45 GMT
Location: https://www.x04323.com/
Content-Length: 0
|
|
| | 154.210.56.89 | 200 OK | 1.4 kB |
URL User Request GET HTTP/1.1IP154.210.56.89:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subjectx04320.com Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09 ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text Hash2d0cc03c93fb05498ebae922bc131e7b 18c1b646ea5b57caf930a9f9f12bdbd43e2b29ed 39cd8ed34c991b5465e2889487526dc21ecbf9271ad6a1302e4d62ec9d4882b4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
GET / HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=utf-8
Connection: close
Transfer-Encoding: chunked
|
|
| www.x04323.com/?__CBK=393f60d5ef20e058fb41718dce225fd811713541012_5388714 | 154.210.56.89 | 302 Found | 0 B |
URL User Request GET HTTP/1.1www.x04323.com/?__CBK=393f60d5ef20e058fb41718dce225fd811713541012_5388714 IP154.210.56.89:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subjectx04320.com Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09 ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
GET /?__CBK=393f60d5ef20e058fb41718dce225fd811713541012_5388714 HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Content-Length: 0
Location: /
|
|
| www.x04323.com/message_zh_CN.js?v=1712742347025 | 154.210.56.89 | 200 OK | 9.9 kB |
URL GET HTTP/1.1www.x04323.com/message_zh_CN.js?v=1712742347025 IP154.210.56.89:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subjectx04320.com Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09 ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (18069) Hash8e3a3463437bc8b56e112f0b87b6a0d0 dfaac70f23b58a771856460bb00aebc5fcadb2ce 0aa3002021c50dd94fcd0eb615a6735db1b54723503264f1c24985e0bcdd868b
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
GET /message_zh_CN.js?v=1712742347025 HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:19:20 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 20 Apr 2024 15:19:20 GMT
Cache-Control: max-age=86400
uuid: 01513-01-00000000-1713539960ef55
out-line: gb-source-106
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 9892
|
|
| | 154.210.56.89 | 200 OK | 77 kB |
URL User Request GET HTTP/1.1IP154.210.56.89:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subjectx04320.com Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09 ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (624) Hasha5ae2d4d6c30895e0a06a8c219abbfc8 282e6c3a16b84df7db259a0e93c40173f6829abe 587d5ffd4ead92d0f9b2d636192b67fc234275546f1e8024c35a560404c05515
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
GET / HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:37:13 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
X-html-cache: HIT-3600
X-Frame-Options: SAMEORIGIN
uuid: -
out-line: gb-source-106
Content-Encoding: gzip
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css |  103.155.16.137 | 200 OK | 6.3 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/themes/gui-skin-default.css IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (7014) Hash4f6eba52b6bdba2bd8154d39c61fcaab 11a91e977ab64175dc2ec233d45c6cf9d34798b0 b4ae8f84403e1e8ea7f75cac8491e461ac6e5524260a04d772d53dd912f8e53a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6253
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"64ad1569-7b6e"
Date: Fri, 22 Mar 2024 08:04:29 GMT
Last-Modified: Tue, 11 Jul 2023 08:40:09 GMT
Expires: Sun, 21 Apr 2024 08:04:29 GMT
Age: 2446366
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: 1ec4ec8e4337d067ab851bd5fada20bc
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css | 103.155.16.137 | 200 OK | 17 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (12023) Hash5467e94a0a94d39cf935bbf4425b984a 82f7b89fd9e975a2e47bfc1d626e881379b97220 5b4a9404f015f018f983fec18ad9f8b715b9c4f9fce49a46b4a4f7c4713f823e
GET /ftl/commonPage/themes/gui-base.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 17110
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: W/"65d45763-1456b"
Date: Fri, 22 Mar 2024 08:04:28 GMT
Last-Modified: Tue, 20 Feb 2024 07:40:19 GMT
Expires: Sun, 21 Apr 2024 08:04:28 GMT
Age: 2446368
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: 31b61e6378fe7a878bb51932755ce936
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css | 103.155.16.137 | 200 OK | 6.0 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/bet365-1513/themes/style/common.css IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash3ee32cc28bee77ec29467a03b69b0574 36f7c705f1419e6c6840b85f8dd12e379b16c066 4c479d007576da5d4a485513250d8c69d280b5392d54e3516f53140234a532db
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/style/common.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5961
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-06
ETag: W/"631d86f0-7005"
Date: Fri, 22 Mar 2024 08:04:26 GMT
Last-Modified: Sun, 11 Sep 2022 06:57:52 GMT
Expires: Sun, 21 Apr 2024 08:04:26 GMT
Age: 2446370
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-05
X-Cdn-Request-ID: 642306a3cfc07a75314d137f1d91b991
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js | 103.155.16.137 | 200 OK | 34 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32038) Hashb091a47f6b91e26c93a848092c6f3788 52918af2d431e73464060b35d364640c8db75606 329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 33545
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"5d848f4f-176d4"
Date: Fri, 22 Mar 2024 08:04:29 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sun, 21 Apr 2024 08:04:29 GMT
Age: 2446367
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: 26eaf7a3bc336dcb09e0a235db621c2b
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/hongbao.css | 103.155.16.137 | 200 OK | 5.7 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/themes/hongbao.css IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (336) Hash499a3a64bcf22609681f5337a6360c80 fc05a8a391c8375ea4e47183eca56a18bed8fca7 5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/hongbao.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 5666
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"64252e4f-d530"
Date: Fri, 22 Mar 2024 08:04:30 GMT
Last-Modified: Thu, 30 Mar 2023 06:38:07 GMT
Expires: Sun, 21 Apr 2024 08:04:30 GMT
Age: 2446365
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: 433e5a902cf9cc950d92ceb9da363fb5
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css | 103.155.16.137 | 200 OK | 6.9 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (489) Hash858eefc3fa70af7d0115c901908471f5 29c181bbbc09a424f7de7cb57629bd8a9e3c679a 9f6a77c93f998e065f1ed52eb9943a3c560a50366bba2c8a34a4a1223c793caf
GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-base.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 6923
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: W/"64ddd5e1-c760"
Date: Fri, 22 Mar 2024 08:04:31 GMT
Last-Modified: Thu, 17 Aug 2023 08:10:09 GMT
Expires: Sun, 21 Apr 2024 08:04:31 GMT
Age: 2446365
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-07
X-Cdn-Request-ID: 267863ccb633582d6aee54a5f3906e83
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/float.js | 103.155.16.137 | 200 OK | 1.9 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/float.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash829af863b0cdc4a603919824ae046299 1d417b1553e4ecb7125ebf2005b74255291fbf73 1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/float.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1929
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"612747ba-1b2f"
Date: Fri, 22 Mar 2024 08:04:31 GMT
Last-Modified: Thu, 26 Aug 2021 07:50:18 GMT
Expires: Sun, 21 Apr 2024 08:04:31 GMT
Age: 2446365
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cdn-Request-ID: ce86abf5c4733fc60364f00a46a4a569
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js | 103.155.16.137 | 200 OK | 4.0 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/websocket/Comet.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash4de3e8bcf2f02d60519ca0d3584d3b8e 6323c2bf18b1bbf968e164bdf2e58d7677f67f8a 6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: W/"60f60fb5-43bc"
Date: Fri, 22 Mar 2024 08:04:31 GMT
Last-Modified: Mon, 19 Jul 2021 23:50:13 GMT
Expires: Sun, 21 Apr 2024 08:04:31 GMT
Age: 2446365
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-06
X-Cdn-Request-ID: fde2fcb3563adbb9902f874b86ab42ad
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js | 103.155.16.137 | 200 OK | 12 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32034) Hashf15409fb02c527ce1f66a2fd3c4aa0e9 1e1e1bcc0f49e99e14ba34991cffe0745178d302 1a1b5d3d6fbfc28abe37a668abd59494208c63c5f0b5d040cf4bbbd137f87c27
GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 11957
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"64d5b951-b083"
Date: Fri, 22 Mar 2024 08:04:31 GMT
Last-Modified: Fri, 11 Aug 2023 04:30:09 GMT
Expires: Sun, 21 Apr 2024 08:04:31 GMT
Age: 2446365
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: dff06ce488a0f6b353c3974bcafd97c1
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js | 103.155.16.137 | 200 OK | 797 B |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/websocket/PopUp.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash07864ad2e2759d53f8f2f14dd4295bd9 95144219e2eb702c4c4a707c3622b086876cf41c 871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 797
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"6260ddd4-828"
Date: Fri, 22 Mar 2024 08:04:32 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Sun, 21 Apr 2024 08:04:32 GMT
Age: 2446364
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: 30fffec343ca6e211cbd9c51ae59d5ee
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js | 103.155.16.137 | 200 OK | 2.7 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/lazyload.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash58f1a7fa1a19b0e5ad0a5bad974b98cf 6963ce7378e6c992de06e7e77d79432a0d38f54d fb513dceb383ebeda507b1e1cc89ab4d73de071d8aa4fc78bc22f66e7fc5a7e4
GET /ftl/commonPage/js/lazyload.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2731
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-06
ETag: W/"64d05f66-2f79"
Date: Fri, 22 Mar 2024 08:04:33 GMT
Last-Modified: Mon, 07 Aug 2023 03:05:10 GMT
Expires: Sun, 21 Apr 2024 08:04:33 GMT
Age: 2446363
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: 27d626b82182a540da505878c9db1e78
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js | 103.155.16.137 | 200 OK | 3.3 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash3b4680db1e065116488f065419ca9f58 6c646601c5656ff6cb1fdf9d5b95823f41e9bcfa e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 3316
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"6260ddd4-2f13"
Date: Fri, 22 Mar 2024 08:04:32 GMT
Last-Modified: Thu, 21 Apr 2022 04:30:12 GMT
Expires: Sun, 21 Apr 2024 08:04:32 GMT
Age: 2446365
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-06
X-Cdn-Request-ID: 25e4b132e6990ef726bf5ccdec019ef0
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js | 103.155.16.137 | 200 OK | 5.0 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (20132), with no line terminators Hash5ce8851dc823429a42ab6147554403cc 28f381f0e0aa4f5d56690e65723bd97fb59a38e6 dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5007
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: W/"5d848f4f-4ea4"
Date: Fri, 22 Mar 2024 08:04:33 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sun, 21 Apr 2024 08:04:33 GMT
Age: 2446363
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: c5f7ceb4657ca473df14ea41c77a406a
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/layer.js | 103.155.16.137 | 200 OK | 7.6 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/layer.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (21922) Hashc42797aecccd5494e2b747cedf1a890b b9e06a6d245b6a3c87f2753db0c9c9aa020640b2 56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/layer.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7599
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: W/"5d848f4f-55f6"
Date: Fri, 22 Mar 2024 08:04:34 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sun, 21 Apr 2024 08:04:34 GMT
Age: 2446363
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: 0750f8d0817a285599b1c9d4b93729bb
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js | 103.155.16.137 | 200 OK | 1.4 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (4433), with no line terminators Hashf77d83590bc0a69298f2fbcc5d9911cd 1d6aa25d7052f53ad0181385e5efe72f224bbdb9 1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: W/"5d848f4f-1151"
Date: Fri, 22 Mar 2024 08:04:35 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sun, 21 Apr 2024 08:04:35 GMT
Age: 2446361
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: 4a0211ab621d227f977e5a0085266778
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js | 103.155.16.137 | 200 OK | 17 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (64577) Hashb5bc8cd626b389bde727a91e6ce79436 3df6c39300ac286cf596b3bda273cb39ff825429 a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 17446
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: W/"5d848f4f-fc8b"
Date: Fri, 22 Mar 2024 08:04:35 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sun, 21 Apr 2024 08:04:35 GMT
Age: 2446362
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-05
X-Cdn-Request-ID: 5f63131e3c94d1d61f80ad0a4b2d382d
|
|
| etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js | 103.155.16.137 | 200 OK | 7.7 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (27669) Hashf8c2b37c1dc626eede6a2e3e37aa4504 d4e8419497caa64c8a850ac4808dddb89b5eeb3f 728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 7746
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"655579ca-6caf"
Date: Fri, 22 Mar 2024 08:04:35 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Sun, 21 Apr 2024 08:04:35 GMT
Age: 2446362
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-02
X-Cdn-Request-ID: 8b63e1bf084850e498046fe3f93f401e
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js | 103.155.16.137 | 200 OK | 16 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/gui-base.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (11056) Hash4007cfe0a95df1d6a9f4252e636f995f b0f9a2ad5c49b9b50ac5d025c8e9ce803eb5d7a8 4370313fa317e44140f85bba141ec24c2c9ef674593779d3349d2a44001699d0
GET /ftl/commonPage/js/gui-base.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 15779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: W/"64ddbaed-ee5c"
Date: Fri, 22 Mar 2024 08:04:33 GMT
Last-Modified: Thu, 17 Aug 2023 06:15:09 GMT
Expires: Sun, 21 Apr 2024 08:04:33 GMT
Age: 2446363
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-19
X-Cdn-Request-ID: 8e4e8e06ab9aff1fae1dc1961f393e3a
|
|
| etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js | 103.155.16.137 | 200 OK | 4.1 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (14855), with no line terminators Hash4fe7dadf050dad2dcfd386d21b880281 07e7feb8dc9309fe66d86d7a9e27f8efd32ab0bd aa891aafe8e98e1e15d81b2b116e6c3808d0bbbec56cd24818e2e7ac911877c9
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 4126
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"655579ca-3a09"
Date: Fri, 22 Mar 2024 08:04:36 GMT
Last-Modified: Thu, 16 Nov 2023 02:09:14 GMT
Expires: Sun, 21 Apr 2024 08:04:36 GMT
Age: 2446361
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: 3e4649b39697c0e17b320bec21772811
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css | 103.155.16.137 | 200 OK | 911 B |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/themes/hb/css/pc.css IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash1da71520b7a0a61526a8fa8d0feb40d1 ba1bf69dad8783563328054cae58ccabf1b00829 5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 911
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: W/"5d848f4f-b5d"
Date: Fri, 22 Mar 2024 08:04:37 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sun, 21 Apr 2024 08:04:37 GMT
Age: 2446360
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: 7efff6027a512f7505d987862f840cfb
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/moment.js | 103.155.16.137 | 200 OK | 27 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/moment.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash36c8f828395a9395549bd6e7307cb7e9 f30a4961558e2d3d4405e7d93aa28fdb63245e78 5d5e32fa1e06a0bc9396f349d142ad248e82086543e438c890e43f41e692db33
GET /ftl/commonPage/js/moment.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 26968
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: W/"64b633ca-1cab9"
Date: Fri, 22 Mar 2024 08:04:37 GMT
Last-Modified: Tue, 18 Jul 2023 06:40:10 GMT
Expires: Sun, 21 Apr 2024 08:04:37 GMT
Age: 2446360
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: 28f02e078c69f52258d09645f31c9cc1
|
|
| etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1712742347025 | 103.155.16.137 | 200 OK | 5.2 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1712742347025 IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (801) Hash30be40425b37bee4158676082cef1f4d b41ed46721936872d5d7eadf303ce22938240d2a f5ca5f543161a6b37ca2bf26c4f3c630fe08323108c77dac1fba6ce755ce6f47
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1712742347025 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 5207
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"633d510e-7fd7"
Date: Fri, 22 Mar 2024 08:04:37 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Sun, 21 Apr 2024 08:04:37 GMT
Age: 2446360
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-12
X-Cdn-Request-ID: 6dec9e63ee3039015c6355d74fd4fe03
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js | 103.155.16.137 | 200 OK | 2.1 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/bet365-1513/plugin/js/countUp.js IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hashcc13495ac566c04d5972da9c11a1d870 d9be95a44caff4e4c1d758d0b29236db286ed5b7 ac5b4f611687c11409ae43b2b0e8544bbdd173832cbe7bea873c2bfe3dcafa0a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/plugin/js/countUp.js HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 2076
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: W/"615584f5-1be5"
Date: Fri, 22 Mar 2024 08:04:37 GMT
Last-Modified: Thu, 30 Sep 2021 09:35:49 GMT
Expires: Sun, 21 Apr 2024 08:04:37 GMT
Age: 2446360
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
Content-Encoding: gzip
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: b3f998126eda5e9c45e56fd1ba582c74
|
|
| etmqz9.innittapp.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0 | 103.155.16.137 | 200 OK | 3.1 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0 IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
Hash5cf9259b7dd27aacd46161ec23d261cf ba0c399616a5ae9cdd8aec5b76ba4aae4822367c 7f73a66b3a9a38576d124b6243a8984d795028e3493b8fa3f688d8dbe10cbccc
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3111
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: W/"6131d862-48e4"
Date: Fri, 22 Mar 2024 08:04:37 GMT
Last-Modified: Fri, 03 Sep 2021 08:10:10 GMT
Expires: Sun, 21 Apr 2024 08:04:37 GMT
Age: 2446360
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: c98741b17ffa2becc5aa073ab956ceb4
|
|
| etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css | 103.155.16.137 | 200 OK | 3.8 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (2295) Hashf00ce0554efc5adea6a8e02d5e501cad 388840e376568b37ac0103aa5c87a268778db67a 3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3788
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-06
ETag: W/"633d510e-2d52"
Date: Fri, 22 Mar 2024 08:04:36 GMT
Last-Modified: Wed, 05 Oct 2022 09:40:30 GMT
Expires: Sun, 21 Apr 2024 08:04:36 GMT
Age: 2446361
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-07
X-Cdn-Request-ID: 5338879b3ffaf50b24a4faffea60900c
|
|
| www.x04323.com/mobile-api/v5/origin/getFloat.html | 154.210.56.89 | 200 OK | 2.9 kB |
URL POST HTTP/1.1www.x04323.com/mobile-api/v5/origin/getFloat.html IP154.210.56.89:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subjectx04320.com Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09 ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
Hash02f14b21aa0bbeb9ad601549fd66e64b 8bf7d41aed1f448b569b3124be80ed7a67bdd21b a72d20b80c9978329640432f573719881c8055502aba90ca5f9791f33dc9f50a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
POST /mobile-api/v5/origin/getFloat.html HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 68
Origin: https://www.x04323.com
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:37:18 GMT
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=61ee84c9f68236309da705261df10e5a; Path=/
Access-Control-Allow-Origin: https://www.x04323.com
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-17135410387db4
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
|
|
| etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg | 103.155.16.137 | 200 OK | 6.9 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 168x168, components 3 Hash99be4bfe275809d4e436b77c991b1381 54eadee77394eb62ccf377ae68d9f49acb5b6785 4ca35131972acdf420b94f0d64a5a0f504eb5a7b0e6fb7b8b467916a12aae37d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6871
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: "5d848f4f-1ad7"
Date: Fri, 22 Mar 2024 08:04:36 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sun, 21 Apr 2024 08:04:36 GMT
Age: 2446361
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: c49a83aebbe1a0684e96987203041f8c
|
|
| www.x04323.com/ftl/bet365-1513/themes/images/index_left_title.png | 154.210.56.89 | 200 OK | 2.5 kB |
URL GET HTTP/1.1www.x04323.com/ftl/bet365-1513/themes/images/index_left_title.png IP154.210.56.89:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subjectx04320.com Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09 ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File typePNG image data, 94 x 25, 8-bit/color RGBA, non-interlaced Hash243751ae9e30b49a76dc9877ad060823 45ced5a86e90e3c2bfdda3598e82fc58d47ea292 5b1fcb53e807ca61edb055b9da1244012dcbe7158ebe7cc98105823f5983c40e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 | | OpenPhish | phishing | Bet365 |
GET /ftl/bet365-1513/themes/images/index_left_title.png HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-9b0"
Date: Fri, 19 Apr 2024 12:43:51 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 20 Apr 2024 12:43:51 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 2480
|
|
| www.x04323.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= | 154.210.56.89 | 200 OK | 915 B |
URL GET HTTP/1.1www.x04323.com/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= IP154.210.56.89:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subjectx04320.com Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09 ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
Hashf3b87f9ee60dbb86661efd4d5a26537a 732d5b11e0a1bf8c845401632b6d59f5703f9b8a ad86ea0b59d0f12a37f74ff3cb92393b98320d21908c3bce3c380e7830f778d0
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
GET /index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:37:18 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: route=29c626d4e884fe4301eb6b56b4d56981; Path=/
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1713541038b96b
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
|
|
| www.x04323.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png | 154.210.56.89 | 200 OK | 6.1 kB |
URL GET HTTP/1.1www.x04323.com/ftl/commonPage/themes/images/hongbao/icon-close-1.png IP154.210.56.89:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subjectx04320.com Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09 ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File typePNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced Hash30eb0e841ea47a1f05854ebca3f9e9c1 0cb9874c32ff8837c1ffaf89cba502ceb3483b2b 382670ae61fc81522b190a0536d7b993058183aea2ffe81d197ded6af07d2183
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 | | OpenPhish | phishing | Bet365 |
GET /ftl/commonPage/themes/images/hongbao/icon-close-1.png HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Cookie: route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "611369ee-17c7"
Date: Fri, 19 Apr 2024 15:37:19 GMT
Content-Type: image/png
Last-Modified: Wed, 11 Aug 2021 06:10:54 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 20 Apr 2024 15:37:19 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, MISS from cdn-Starlink-8C
Content-Length: 6087
|
|
| etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10007/1691858019159.jpg?wsSecret=f9e4f37ee43c1e162c9766ccb62e1221&wsTime=1713541038 | 103.155.16.137 | 200 OK | 93 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10007/1691858019159.jpg?wsSecret=f9e4f37ee43c1e162c9766ccb62e1221&wsTime=1713541038 IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 630x260, components 3 Hashc06a6039b2f3561ec5d4f0c69d170671 6865ffb16dc01a6d6bf86bede76b7c2b449fcd4d 272418fb876975275f984b1983457876733c141e7dbb5fc125fb4276b393234e
GET /fserver/files/gb/1513/carousel/10007/1691858019159.jpg?wsSecret=f9e4f37ee43c1e162c9766ccb62e1221&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 93406
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "64d7b463-16cde"
Date: Thu, 28 Mar 2024 06:34:15 GMT
Last-Modified: Sat, 12 Aug 2023 16:33:39 GMT
Expires: Sat, 27 Apr 2024 06:34:15 GMT
Age: 1933383
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: d0f9823a742960dfdfecd6d45fea676f
|
|
| www.x04323.com/index/getUserTimeZoneDate.html?t=lv6u3bl0 | 154.210.56.89 | 200 OK | 119 B |
URL GET HTTP/1.1www.x04323.com/index/getUserTimeZoneDate.html?t=lv6u3bl0 IP154.210.56.89:443 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
CertificateIssuerTrustAsia Technologies, Inc. Subjectx04320.com Fingerprint0C:D4:68:8E:57:F6:BE:1B:1D:94:5B:E3:72:52:51:79:D2:4B:77:09 ValidityFri, 08 Sep 2023 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
Hash7d95f0f462e09d7d6bc74a51a778c222 366acec4ec99c7c5b30c4782196bf71bc4e6958d b8186681c239c5de62a30be1d19f0161be0dff39b89735da7a38ba0c0b5ce434
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
GET /index/getUserTimeZoneDate.html?t=lv6u3bl0 HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Cookie: route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:37:19 GMT
Content-Type: text/html; charset=utf-8
Content-Disposition: inline;filename=f.txt
sub-sys: msite
cachettl: 3
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-17135410394b1c
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 119
|
|
| www.x04323.com/headerInfo.html?t=lv6u3c70 | 154.210.56.89 | | 116 B |
URL GET www.x04323.com/headerInfo.html?t=lv6u3c70 IP154.210.56.89:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
Hash6e3b0c877e6c92091393d51454b77339 5c5b475631e0a5b714c19e3c4023cf45e6a4bb27 c8435c6032c6bbcbc0c73d33b638413982cd73255151b5d86bac4d51d8f2a534
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
GET /headerInfo.html?t=lv6u3c70 HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Cookie: route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:37:20 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Disposition: inline;filename=f.txt
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-171354104092fc
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
|
|
| etmqz9.innittapp.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png | 103.155.16.137 | | 1.3 kB |
URL etmqz9.innittapp.com/ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced Hasha2e938202c0287b9c82461a6fd94dee9 b5e2adc7cb07c18a70a88af314e56b946ec1a1b6 df9ce20db277ad8302c704a73aff5024683a0d38aff0d3e7e884a67a24439936
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/themes/images/layer-dialog/gui-layer-close-bg.png HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etmqz9.innittapp.com/ftl/commonPage/themes/gui-layer.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1321
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: "5d848f4f-529"
Date: Thu, 28 Mar 2024 06:29:59 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sat, 27 Apr 2024 06:29:59 GMT
Age: 1933640
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: 0f2606da292c2861f862ae77ceb4f0f2
|
|
| etmqz9.innittapp.com/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=567a168b25f5c71087d8054c23e2d0cd&wsTime=1713541038 | 103.155.16.137 | | 2.3 kB |
URL GET etmqz9.innittapp.com/fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=567a168b25f5c71087d8054c23e2d0cd&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 139 x 29, 8-bit/color RGBA, non-interlaced Hash52a331a9176f0e79b54a961fabdadb81 f2b3c1eecc85589242ba6cab9e5ff605364f415e 8ddf9b81682f988f038c7b64d1880a2c18f519497e75b569e0bdea65413d55d6
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /fserver/files/gb/1513/Logo/1/1601467631140.png?wsSecret=567a168b25f5c71087d8054c23e2d0cd&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2276
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "5f746413-8e4"
Date: Thu, 28 Mar 2024 06:30:00 GMT
Last-Modified: Wed, 30 Sep 2020 10:55:15 GMT
Expires: Sat, 27 Apr 2024 06:30:00 GMT
Age: 1933640
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-06
X-Cdn-Request-ID: e3cdd93487b7e7b2b2fb566c89adf297
|
|
| etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=8f8fbd1c9cf09f0029410d3eac9a6be4&wsTime=1713541038 | 103.155.16.137 | | 4.2 kB |
URL etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=8f8fbd1c9cf09f0029410d3eac9a6be4&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced Hashaf8e634c913f2a0398342b315793de02 886daf11ed8cb8a67313b28f042100c3a87cedd0 ab903e832a7be190aab69d16acfd4f4c3694760a8b215e06ec356541f33d4b27
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/images/casino/casino_logo_mg.png?wsSecret=8f8fbd1c9cf09f0029410d3eac9a6be4&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4152
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: "5d848f4f-1038"
Date: Thu, 28 Mar 2024 06:30:00 GMT
Last-Modified: Fri, 20 Sep 2019 08:35:27 GMT
Expires: Sat, 27 Apr 2024 06:30:00 GMT
Age: 1933640
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: a5e80cdfc11df10f37343fe406866c0b
|
|
| etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_vs.png?wsSecret=1aa852996c31e8bf1b019e30ce115ef5&wsTime=1713541038 | 103.155.16.137 | | 5.0 kB |
URL etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_vs.png?wsSecret=1aa852996c31e8bf1b019e30ce115ef5&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced Hash2402cfcfffe253d89768ba1614847112 b4daa7393b99f7960926992247d1609ea5cd3921 4b28589dba696ca992cde07a46032664b959a925889dcbc6193054bba8fcbf1d
GET /ftl/commonPage/images/casino/casino_logo_vs.png?wsSecret=1aa852996c31e8bf1b019e30ce115ef5&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4950
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "615c060f-1356"
Date: Thu, 28 Mar 2024 06:30:00 GMT
Last-Modified: Tue, 05 Oct 2021 08:00:15 GMT
Expires: Sat, 27 Apr 2024 06:30:00 GMT
Age: 1933640
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: ea079af1cc5ea1d0c833e35979d26a65
|
|
| etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=ec9f83da8a28484a5be6c618cec07ade&wsTime=1713541038 | 103.155.16.137 | 200 OK | 5.3 kB |
URL GET HTTP/1.1etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=ec9f83da8a28484a5be6c618cec07ade&wsTime=1713541038 IP103.155.16.137:443 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, interlaced Hash715accde73ee91614d615e95f82739f9 1c47e65ab9b1ad7074f9b7dd934a816bd3ef834e 13d1b623d4dd66c17067a7aea27e71fc4510406a946f13c86f99c499b4e7aa62
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/images/casino/casino_logo__hot.png?wsSecret=ec9f83da8a28484a5be6c618cec07ade&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 5335
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: "5ff80d82-14d7"
Date: Thu, 28 Mar 2024 06:30:00 GMT
Last-Modified: Fri, 08 Jan 2021 07:45:06 GMT
Expires: Sat, 27 Apr 2024 06:30:00 GMT
Age: 1933640
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cdn-Request-ID: 87593f88f2ce1ac8012db98fec51cb52
|
|
| etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10057/1704450087425.jpg?wsSecret=7a201042325cad9bda3ca29f0c73978c&wsTime=1713541038 | 103.155.16.137 | | 151 kB |
URL etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10057/1704450087425.jpg?wsSecret=7a201042325cad9bda3ca29f0c73978c&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, progressive, precision 8, 692x516, components 3 Size151 kB (151254 bytes) Hashd7b34268a2e2eee25d179d0479f79039 edbd73183fe4456cf1569526e21637983df50754 77423f5eb7ab6201c0b10a7a608fe3f5a596450fe06031a0f27c337f66fedd77
GET /fserver/files/gb/1513/carousel/10057/1704450087425.jpg?wsSecret=7a201042325cad9bda3ca29f0c73978c&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 151254
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-06
ETag: "6597d827-24ed6"
Date: Thu, 28 Mar 2024 06:30:00 GMT
Last-Modified: Fri, 05 Jan 2024 10:21:27 GMT
Expires: Sat, 27 Apr 2024 06:30:00 GMT
Age: 1933639
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-07
X-Cdn-Request-ID: 704c26b5a27e82981fcf789ed551e2d0
|
|
| www.x04323.com/captcha/loginTop.html?t=jhzptiaj | 154.210.56.89 | | 1.5 kB |
URL GET www.x04323.com/captcha/loginTop.html?t=jhzptiaj IP154.210.56.89:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x40, components 3 Hash5e5b02ae716c8ff71c02e457e7ec0495 c15513c31f00405336c75792d0ff776936978d06 8cdb86fca84bd6915b45c72b52dc2ec7871cd3d92a960a4bb75155814d1bcb9e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Bet365 |
GET /captcha/loginTop.html?t=jhzptiaj HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:37:20 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Set-Cookie: route=ed8de952ed57247bb4b5c65efa859ad5; Path=/
SID=n8jlTIkU2i3RQ0HzxohSRto1Oh9sQ3/9cnJYhSeOGH35dTuktfoiCfV1p/NkBPIYidV56fpYHblLW+jMXjvBQOMrrScdiTtPaHBUUHx7S9f/sLQb6PE=; Domain=www.x04323.com; Path=/; HttpOnly
tempSid: n8jlTIkU2i3RQ0HzxohSRto1Oh9sQ3/9cnJYhSeOGH35dTuktfoiCfV1p/NkBPIYidV56fpYHblLW+jMXjvBQOMrrScdiTtPaHBUUHx7S9f/sLQb6PE=
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
sub-sys: msite
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1713541040a0ec
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Transfer-Encoding: chunked
|
|
| etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10046/1700743940627.jpg?wsSecret=5ffead127d254aa69785bf92c44e257b&wsTime=1713541038 | 103.155.16.137 | | 113 kB |
URL etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10046/1700743940627.jpg?wsSecret=5ffead127d254aa69785bf92c44e257b&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 692x516, components 3 Size113 kB (112572 bytes) Hashcc285e2bcd4bdfa167f3a89cdfa8c3fd 59e3f2eddcfa5bdcd68f132883b5f6a2cf751226 0a7c20d3c2e426baa9403abbeb5bd2ef0fe3d09b5eb2ba42e9e2cb3863227a4e
GET /fserver/files/gb/1513/carousel/10046/1700743940627.jpg?wsSecret=5ffead127d254aa69785bf92c44e257b&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 112572
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: "655f4b04-1b7bc"
Date: Thu, 28 Mar 2024 06:30:03 GMT
Last-Modified: Thu, 23 Nov 2023 12:52:20 GMT
Expires: Sat, 27 Apr 2024 06:30:03 GMT
Age: 1933636
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: 7039bce165671ca4d85d7ee41ade3afc
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=543792a50a9bcacf7cd26dda92760715&wsTime=1713541038 | 103.155.16.137 | | 1.2 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/hot1.gif?wsSecret=543792a50a9bcacf7cd26dda92760715&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeGIF image data, version 89a, 14 x 18 Hashd7ee8c341d86a4bb78532e2d8e721b7e 0e9394a2905d235b6a7215a03f0a5f8534451bef ff425363cf8edbb85d152bcdc36a137596829b6c003ac77a1be531922cd8f055
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/hot1.gif?wsSecret=543792a50a9bcacf7cd26dda92760715&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1248
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: "613c72a9-4e0"
Date: Thu, 28 Mar 2024 06:30:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:56 GMT
Age: 1933584
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: HIT from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-06
X-Cdn-Request-ID: 5f26d7d24e40f146f3d3b64a3c8eae77
|
|
| www.x04323.com/mobile-api/v5/origin/loginSwitchCheck.html | 154.210.56.89 | | 174 B |
URL GET www.x04323.com/mobile-api/v5/origin/loginSwitchCheck.html IP154.210.56.89:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
Hash1452cebf3e2bb129b06762f43f09e5c8 0ec65f1e79233e8c59f76c55fb89ac8637cfb070 99a31cd18b8ce37d3725d0a77d5e314452d2906ed2b54b8b19d4de849d1bf13d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 | | OpenPhish | phishing | Bet365 |
GET /mobile-api/v5/origin/loginSwitchCheck.html HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Cookie: route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:37:20 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=f7c95a7b6b031c620a6304190a7ddf24; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-171354104019be
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 174
|
|
| www.x04323.com/mobile-api/v5/chess/getActivityMsg.html?function=sign | 154.210.56.89 | | 140 B |
URL GET www.x04323.com/mobile-api/v5/chess/getActivityMsg.html?function=sign IP154.210.56.89:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
Hash5d062bc93ef9d75b27e852ed745d170f 1ecf82a0589608b26ee6a29b2cc3229916596626 26e77aa8c61c230db13c8fd74d4ab3adf8be54c3192c4e16f94e633a71efc2e1
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 | | OpenPhish | phishing | Bet365 |
GET /mobile-api/v5/chess/getActivityMsg.html?function=sign HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Cookie: route=29c626d4e884fe4301eb6b56b4d56981
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:37:20 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: route=1bd47f3fb2de4e856ef59c7ef0cfd5c8; Path=/
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1713541040abe5
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 140
|
|
| etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10035/1700636520075.jpg?wsSecret=f2c1348549f8b06062c4e4fcd87ec05c&wsTime=1713541038 | 103.155.16.137 | | 176 kB |
URL etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10035/1700636520075.jpg?wsSecret=f2c1348549f8b06062c4e4fcd87ec05c&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, progressive, precision 8, 692x516, components 3 Size176 kB (176197 bytes) Hash6f4e3e1934e44400d10656625bd4aec9 da0da6ef4b632061b155fa30341755e49e23676b 1ac1edea996c9e8711956ab5fdf4ae0f447b88a8e039fdb86b95f692c942ced6
GET /fserver/files/gb/1513/carousel/10035/1700636520075.jpg?wsSecret=f2c1348549f8b06062c4e4fcd87ec05c&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 176197
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "655da768-2b045"
Date: Thu, 28 Mar 2024 06:30:59 GMT
Last-Modified: Wed, 22 Nov 2023 07:02:00 GMT
Expires: Sat, 27 Apr 2024 06:30:59 GMT
Age: 1933580
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: 54523f7c15bd55317c422f3b7b7b4515
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=5299cc60572fea88452cf60c30428389&wsTime=1713541038 | 103.155.16.137 | | 918 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=5299cc60572fea88452cf60c30428389&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x796, components 3 Hash28b9980238466725db46247eeb3ae314 5490115ce6b25413f142811de784c6460cb7bab2 32c09d293a7029ae5c392f2986a13296809654b4e3816ebc5b9dd7a31a9fb51d
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/layout-left.jpg?wsSecret=5299cc60572fea88452cf60c30428389&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 918
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-396"
Date: Thu, 28 Mar 2024 06:39:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:39:36 GMT
Age: 1933064
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-07
X-Cdn-Request-ID: effd60424fc416d16e8343e06cf1fa7c
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/member_login.png?wsSecret=2b6c28df783bd8dda2f5c733c329c5ee&wsTime=1713541038 | 103.155.16.137 | | 680 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/member_login.png?wsSecret=2b6c28df783bd8dda2f5c733c329c5ee&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 169 x 34, 8-bit colormap, non-interlaced Hashdd8380feb68da72f3f8fe960f611ce7c 707651dea23c986d71afe91337a2822d3945b552 f25f16a3e8f11c5e37793ddbaf9351a915d8df2e1c8d39cac01dadd255de9573
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/member_login.png?wsSecret=2b6c28df783bd8dda2f5c733c329c5ee&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 680
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-2a8"
Date: Thu, 28 Mar 2024 06:30:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:57 GMT
Age: 1933583
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cdn-Request-ID: 3e7a054f70d63e0ac572ef6d843dff98
|
|
| www.x04323.com/mobile-api/v5/origin/getThirdParam.html | 154.210.56.89 | | 103 B |
URL www.x04323.com/mobile-api/v5/origin/getThirdParam.html IP154.210.56.89:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
Hash9ac55fe189e4f53f37156e563e0f542e 18b13b1360ce9fbd973e046d2652be38d58a15e0 d7e02321006e1520d4c3e8d26428462419388e022cc89f3c974d0b87ad83af7b
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 | | OpenPhish | phishing | Bet365 |
GET /mobile-api/v5/origin/getThirdParam.html HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Cookie: route=f7c95a7b6b031c620a6304190a7ddf24; SID=n8jlTIkU2i3RQ0HzxohSRto1Oh9sQ3/9cnJYhSeOGH35dTuktfoiCfV1p/NkBPIYidV56fpYHblLW+jMXjvBQOMrrScdiTtPaHBUUHx7S9f/sLQb6PE=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
Date: Fri, 19 Apr 2024 15:37:21 GMT
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Methods: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type,Access-Token,X-Requested-With
Content-Disposition: inline;filename=f.txt
sub-sys: mobile
X-Frame-Options: SAMEORIGIN
uuid: 01513-01-00000000-1713541041909f
out-line: gb-source-106
X-Cache: MISS from cdn-Starlink-8C
Content-Length: 103
|
|
| etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10026/1686752442517.png?wsSecret=2c13ad67bdbbdf4416d88ca541ded23e&wsTime=1713541038 | 103.155.16.137 | | 341 kB |
URL etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10026/1686752442517.png?wsSecret=2c13ad67bdbbdf4416d88ca541ded23e&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 692 x 516, 8-bit/color RGB, non-interlaced Size341 kB (340563 bytes) Hashf8a72225548e26262f749c395c97d1fa e8910bdaf16e6c1cd5df6fca3d286167f821f96b 93d1d2dae7ebf2d19694b0f20032128435898169a7924bf8d4074918e48acdff
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /fserver/files/gb/1513/carousel/10026/1686752442517.png?wsSecret=2c13ad67bdbbdf4416d88ca541ded23e&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 340563
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "6489ccba-53253"
Date: Thu, 28 Mar 2024 06:30:02 GMT
Last-Modified: Wed, 14 Jun 2023 14:20:42 GMT
Expires: Sat, 27 Apr 2024 06:30:02 GMT
Age: 1933637
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: a416aa6871950b3023051c99e9bd7344
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/input_id.png?wsSecret=1fb78cbdef18ee29b562c92ace12fde1&wsTime=1713541038 | 103.155.16.137 | | 306 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/input_id.png?wsSecret=1fb78cbdef18ee29b562c92ace12fde1&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 11 x 14, 8-bit colormap, non-interlaced Hash8eff7c810e9fe738953f72c30600c49d 76d0ff44cfe59218f5520bb880ca1a8b227185be ce1d697df52ad12d4443c85c7d257ccdfc48803bdc84409ed7732231587f56d0
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/input_id.png?wsSecret=1fb78cbdef18ee29b562c92ace12fde1&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 306
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-132"
Date: Thu, 28 Mar 2024 06:39:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:39:36 GMT
Age: 1933064
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-20
X-Cdn-Request-ID: 79621f0175979423ab5a79ca6054792c
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=2e5caba083508e993ddc4b7b9261c757&wsTime=1713541038 | 103.155.16.137 | | 295 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/input_pw.png?wsSecret=2e5caba083508e993ddc4b7b9261c757&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 11 x 14, 8-bit colormap, non-interlaced Hash8a10f6dde7ab93278fce03968f25594f 61bc29c3cd2a21ca6ff9dc300cfbe3b7789b7862 6792a1a4f681b2d608c6a3e1964e0d2ef9b3fcf743ce3b8afee4a1c97ea2da7b
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/input_pw.png?wsSecret=2e5caba083508e993ddc4b7b9261c757&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 295
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "613c72a9-127"
Date: Thu, 28 Mar 2024 06:30:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:56 GMT
Age: 1933585
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-09
X-Cdn-Request-ID: c37a40c9484f63e700fa99cdfef15d7d
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=c1e225352477d6ea9c102c8315a93a2b&wsTime=1713541038 | 103.155.16.137 | | 328 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=c1e225352477d6ea9c102c8315a93a2b&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 190 x 66, 8-bit colormap, non-interlaced Hashc84badf514a135594e25cbcd6a5e6d4b 6883fd7e93396a9aeb426d2035a724335b5e04c4 5975ef695aff12c818fe0c61c10a3a14b01f38dbfc7d102de8c1d3444befa08e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/login_btn_index.png?wsSecret=c1e225352477d6ea9c102c8315a93a2b&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 328
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-148"
Date: Thu, 28 Mar 2024 06:39:36 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:39:36 GMT
Age: 1933065
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-10
X-Cdn-Request-ID: 0e4d741703bd47ae0daddc1cae807afc
|
|
| etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10030/1686395314100.png?wsSecret=4eea76a09b337010792afde6893d848a&wsTime=1713541038 | 103.155.16.137 | | 266 kB |
URL etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10030/1686395314100.png?wsSecret=4eea76a09b337010792afde6893d848a&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 692 x 516, 8-bit/color RGB, non-interlaced Size266 kB (266168 bytes) Hasha806d7a444b2ef9b8cc89ec7e8e7734f 55868897081e15bcf2c399bc5a775e3007155442 671761066cbac53d7aa37a14455d8a4fd9d20e69ce51fd00d95352091feaff84
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /fserver/files/gb/1513/carousel/10030/1686395314100.png?wsSecret=4eea76a09b337010792afde6893d848a&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 266168
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-01
ETag: "648459b2-40fb8"
Date: Thu, 28 Mar 2024 06:30:03 GMT
Last-Modified: Sat, 10 Jun 2023 11:08:34 GMT
Expires: Sat, 27 Apr 2024 06:30:03 GMT
Age: 1933636
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-FOREIGN-12-01, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: 751f41724a3d0b3a9e79e8950c38fb25
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=8b480775208230fbadba5956272b08d6&wsTime=1713541038 | 103.155.16.137 | | 318 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=8b480775208230fbadba5956272b08d6&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 14 x 14, 8-bit colormap, non-interlaced Hashe149b3e85d15c14a150036f93b296253 0006db6a1d3cc14a1d6da738d3243674d6110f84 9137d5630ca64621c97786e21e5ff77e75de43a4e0597aa6974e25d59082428e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/notice_icon.png?wsSecret=8b480775208230fbadba5956272b08d6&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 318
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: "613c72a9-13e"
Date: Thu, 28 Mar 2024 06:30:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:57 GMT
Age: 1933584
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-02
X-Cdn-Request-ID: f05e28f5c825d5ac88fdf6b32a2cc856
|
|
| www.x04323.com/ftl/bet365-1513/themes/images/license.png | 154.210.56.89 | | 21 kB |
URL GET www.x04323.com/ftl/bet365-1513/themes/images/license.png IP154.210.56.89:0 ASN#139471 HWA CENT TELECOMMUNICATIONS LIMITED
File typePNG image data, 198 x 249, 8-bit/color RGBA, non-interlaced Hash6b050a88569349c273caa04328ad5219 b8d7f0fed474522391c84e424585f045563c60cd 3740a6aa129a59a5382f6cd772dcdb598a034229d79c2d40f21210b1625a8895
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 | | OpenPhish | phishing | Bet365 |
GET /ftl/bet365-1513/themes/images/license.png HTTP/1.1
Host: www.x04323.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=2592000
ETag: "613c72a9-5176"
Date: Fri, 19 Apr 2024 12:43:51 GMT
Content-Type: image/png
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
Expires: Sat, 20 Apr 2024 12:43:51 GMT
Cache-Control: max-age=86400
uuid: -
out-line: gb-source-106
Accept-Ranges: bytes
X-Cache: HIT, HIT from cdn-Starlink-8C
Content-Length: 20854
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/slot_more.png?wsSecret=9eb4959e91117d3865f49280eb2fec20&wsTime=1713541038 | 103.155.16.137 | | 740 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/slot_more.png?wsSecret=9eb4959e91117d3865f49280eb2fec20&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 36 x 38, 8-bit colormap, non-interlaced Hashd2020a71d2421b3d25dc61b5d3791fa9 95253209215c094261111d322b008882c5ea44cf c10dc5600856216b21a2a3af99e8a3e9fd7b7a022ed9c0d54c1eb1a8d2eeb201
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/slot_more.png?wsSecret=9eb4959e91117d3865f49280eb2fec20&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 740
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-2e4"
Date: Thu, 28 Mar 2024 06:29:59 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:29:59 GMT
Age: 1933642
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: ff320a779b70f1cccf41b4c215186e83
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=41d8a0720e236e5778e0f0a325a4cc64&wsTime=1713541038 | 103.155.16.137 | | 19 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=41d8a0720e236e5778e0f0a325a4cc64&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 313x125, components 3 Hashd06d179cfd809dd45cd071fd1aefb40a 343efa5fdbe90c21443d4ab53ca3e1bb579d973f 6c0365335149978f1ab9b2980e13e95dea2538c2e21a54e7ddeb33ca21a1b039
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/other_links_fish.jpg?wsSecret=41d8a0720e236e5778e0f0a325a4cc64&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 19222
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "613c72a9-4b16"
Date: Thu, 28 Mar 2024 06:29:59 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:29:59 GMT
Age: 1933641
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: b45ea738c0b9e32458a5d0ecc8361c33
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=8338c1862d8f76b4c43f2296bbc9a625&wsTime=1713541038 | 103.155.16.137 | | 20 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=8338c1862d8f76b4c43f2296bbc9a625&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 313x125, components 3 Hashb3f1a365e502da9ff5a176396d415771 7c7967837cd4704a21265da90bcc978a1c98eaac 42af959e91e71e0af8d559e88bb0537cdfa8a89e7d593a2d1d179b22691736e7
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/other_links_chess.jpg?wsSecret=8338c1862d8f76b4c43f2296bbc9a625&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 20422
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "613c72a9-4fc6"
Date: Thu, 28 Mar 2024 06:30:57 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:57 GMT
Age: 1933584
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-13
X-Cdn-Request-ID: 86d4f02224dfc5b77d638602c7df621a
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=4bc2d49adfe211821d35c6dd1c7217e3&wsTime=1713541038 | 103.155.16.137 | | 928 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=4bc2d49adfe211821d35c6dd1c7217e3&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 171 x 34, 8-bit colormap, non-interlaced Hash6a35d7146f6fb12966be9d95ec7390f0 4e08c3f9269809beff65e607577204e3fa259d22 3892610b331020e0c985693c462ea4c2f1a2a86194fc1a61562725820c7e81cb
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/jackpot_title.png?wsSecret=4bc2d49adfe211821d35c6dd1c7217e3&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 928
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "613c72a9-3a0"
Date: Thu, 28 Mar 2024 06:29:59 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:29:59 GMT
Age: 1933642
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: ea3411180357e17de94e219c6f09efbb
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/list_head.png?wsSecret=c08b3a9ed8a83832fbbbba7485973cc5&wsTime=1713541038 | 103.155.16.137 | | 111 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/list_head.png?wsSecret=c08b3a9ed8a83832fbbbba7485973cc5&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 5 x 23, 2-bit colormap, non-interlaced Hash21fb21afd6064e87b0f471e81a00469f b706061210181a99108aed97c7e694f08b0e5a29 7eeab9f0c7b8fb99b0973ad8e07b720cc651893ef4400204937f1962b3d5ed17
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/list_head.png?wsSecret=c08b3a9ed8a83832fbbbba7485973cc5&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 111
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-03
ETag: "613c72a9-6f"
Date: Thu, 28 Mar 2024 06:30:56 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:56 GMT
Age: 1933585
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-03, HIT from KS-CLOUD-XJP-FOREIGN-21-04
X-Cdn-Request-ID: 91829433ec090224cb35f6ab42d10497
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=4d07cf71bbfbd0ceb92b948abe43146e&wsTime=1713541038 | 103.155.16.137 | | 873 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=4d07cf71bbfbd0ceb92b948abe43146e&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 30 x 30, 8-bit colormap, non-interlaced Hashaae380c627076a477224dc2ccdc60c88 f60cadb09dac7476733f1924aa59853cb98df7ab 7e6d9e46386b12a52b52e4361c17f23e3b3041947155d6a9286b9ec563350273
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/deposit_img01.png?wsSecret=4d07cf71bbfbd0ceb92b948abe43146e&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 873
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "613c72a9-369"
Date: Thu, 28 Mar 2024 06:31:00 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:31:00 GMT
Age: 1933581
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: 4325be95bbec091118c9e3e98ebffbf4
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=74485771dcb49842828ede28b54e86b2&wsTime=1713541038 | 103.155.16.137 | | 538 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=74485771dcb49842828ede28b54e86b2&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 31 x 30, 8-bit colormap, non-interlaced Hash892feea4e5200bad99b81a1d0f08de44 f0ab65687dae79bb8d17acee21af91861382c55d e353da507c7cd437813dae33a058d8b1b7c41aeab30489499abb99b0d542699e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/deposit_img02.png?wsSecret=74485771dcb49842828ede28b54e86b2&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 538
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-21a"
Date: Thu, 28 Mar 2024 06:30:03 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:03 GMT
Age: 1933638
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-07
X-Cdn-Request-ID: 721eda13acaac2f2366912a3f5c6b0f9
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=3bec692727db6e6d5e6c716d4148b44d&wsTime=1713541038 | 103.155.16.137 | | 543 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=3bec692727db6e6d5e6c716d4148b44d&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 35 x 30, 8-bit colormap, non-interlaced Hash730071bbc93fe62be758c91e08e477e3 809ece67f2e7ae25f91de7ae082ab63b43068591 e02f4603a6ce557ca57f7aab0a3359d4baeb77abd4f3c9e0b9af59c2dffcccef
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/deposit_img03.png?wsSecret=3bec692727db6e6d5e6c716d4148b44d&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 543
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "613c72a9-21f"
Date: Thu, 28 Mar 2024 06:30:04 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:04 GMT
Age: 1933638
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: a719e51d71b0e4420c6330f42ec2b5ea
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=6a274edfc18861aa7f3d40f8d0682f7b&wsTime=1713541038 | 103.155.16.137 | | 3.7 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=6a274edfc18861aa7f3d40f8d0682f7b&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 307x260, components 3 Hash884ab3a54eaeeee2c944773ac757ebcd 1aded473eecfb23f06fc59d4cc989853d2117489 bb3a93104a804d751e4456abbef235889811b806243edbbbb31a757c070b612a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/slot_list_bg.jpg?wsSecret=6a274edfc18861aa7f3d40f8d0682f7b&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 3728
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: "613c72a9-e90"
Date: Thu, 28 Mar 2024 06:30:00 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:00 GMT
Age: 1933641
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-12
X-Cdn-Request-ID: 3031016dabf59a62bfe5bd06492d47f2
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=7ed5440781bf73391996cb36619bcb2d&wsTime=1713541038 | 103.155.16.137 | | 720 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=7ed5440781bf73391996cb36619bcb2d&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced Hasheafb012d74f2fccb8980ff1f5fe07ef4 81ce3388b2452316c98a04232e85fea66875a4bb cb620d60f10951a0d7adfa808e9591e672c5669c8e2701e39d0120c9474e8c17
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/deposit_img05.png?wsSecret=7ed5440781bf73391996cb36619bcb2d&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 720
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: "613c72a9-2d0"
Date: Thu, 28 Mar 2024 06:31:00 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:31:00 GMT
Age: 1933581
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: 616521e02c74512500abd3aa023463c3
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=a7e9fbcddddc4a2a118ad94416844e4a&wsTime=1713541038 | 103.155.16.137 | | 1.7 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=a7e9fbcddddc4a2a118ad94416844e4a&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 28 x 33, 8-bit colormap, non-interlaced Hash7cc35487e902b5a225eb1c7bafcab384 c93a1544416caff36cf704c2d9361d7acd0b1fc0 3acedbde98f248f7dd0167f15dd644e473a9455b23c3d44056c7b383712fa32b
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/deposit_img04.png?wsSecret=a7e9fbcddddc4a2a118ad94416844e4a&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1704
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "613c72a9-6a8"
Date: Thu, 28 Mar 2024 06:31:00 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:31:00 GMT
Age: 1933581
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: bf3ec2bbeaa8ad8f68be557e2c00c937
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=84cd1ccb1bac60b057f0bf3ce75677c1&wsTime=1713541038 | 103.155.16.137 | | 421 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=84cd1ccb1bac60b057f0bf3ce75677c1&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1x606, components 3 Hash3b818a8e981df7bd62b44be39b0c4c98 d833407d5ff08e4b5d6503951f01cd2f1c9ed3c1 fca542f60ac7b1d89c6806136f5faca8433dffe65687b921a973de952590f68c
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/index_footer_bg.jpg?wsSecret=84cd1ccb1bac60b057f0bf3ce75677c1&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 421
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-05
ETag: "613c72a9-1a5"
Date: Thu, 28 Mar 2024 06:30:03 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:03 GMT
Age: 1933638
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-FOREIGN-12-05, HIT from KS-CLOUD-XJP-FOREIGN-21-17
X-Cdn-Request-ID: 6d884be214c1f9c15b2ec5c3d618a654
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/oclock.png?wsSecret=9c06bce1a1c2837c5d7640a6eb1fd6f6&wsTime=1713541038 | 103.155.16.137 | | 519 B |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/oclock.png?wsSecret=9c06bce1a1c2837c5d7640a6eb1fd6f6&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 15 x 17, 8-bit colormap, non-interlaced Hashabf297e51fa41e9771aa7392fa9cba44 f76236aa20e9b0d8032666ff853fa87489049b08 1e082f27f562177c07f18f10e71d37d43ded6c836d16d425272ff33c51c3c798
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/oclock.png?wsSecret=9c06bce1a1c2837c5d7640a6eb1fd6f6&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 519
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-FOREIGN-12-06
ETag: "613c72a9-207"
Date: Thu, 28 Mar 2024 06:34:21 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:34:21 GMT
Age: 1933381
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-206
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-FOREIGN-12-06, HIT from KS-CLOUD-XJP-FOREIGN-21-11
X-Cdn-Request-ID: abcaa80e3776f8b3d5f97ff1ecf54797
|
|
| etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10006/1691858042466.jpg?wsSecret=76fa97aa043ca13c83e3badeff04a9b0&wsTime=1713541038 | 103.155.16.137 | | 85 kB |
URL etmqz9.innittapp.com/fserver/files/gb/1513/carousel/10006/1691858042466.jpg?wsSecret=76fa97aa043ca13c83e3badeff04a9b0&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 630x260, components 3 Hash41d7a246380afdbd4161f4f652d3f7cb 2e56aeb5c5b7185b5442bee64ee760e74e835eb4 6b2b10f3285b947e277e56484cd14952b4d2a48e5d79031965a2efefd230b33f
GET /fserver/files/gb/1513/carousel/10006/1691858042466.jpg?wsSecret=76fa97aa043ca13c83e3badeff04a9b0&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 85086
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "64d7b47a-14c5e"
Date: Thu, 28 Mar 2024 06:30:02 GMT
Last-Modified: Sat, 12 Aug 2023 16:34:02 GMT
Expires: Sat, 27 Apr 2024 06:30:02 GMT
Age: 1933639
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-05
X-Cdn-Request-ID: d2ed370afd8b685934c521558f035fc8
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=a38bbabd74f06de0c9fc02ce3ac5ddbb&wsTime=1713541038 | 103.155.16.137 | | 13 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=a38bbabd74f06de0c9fc02ce3ac5ddbb&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced Hashf0f041843a33f8356cb6ad96fb74c2f5 42fd118f67208a2491b5fe3b8a9e30c0ae2e51b4 fbb999a8d57dbee751c035fd30e9c4bbdbb16f440f6886f285d540c33d4381f9
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/footer_title_service.png?wsSecret=a38bbabd74f06de0c9fc02ce3ac5ddbb&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 12679
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-09
ETag: "613c72a9-3187"
Date: Thu, 28 Mar 2024 06:34:21 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:34:21 GMT
Age: 1933381
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-09, HIT from KS-CLOUD-XJP-FOREIGN-21-08
X-Cdn-Request-ID: ba93a9583f9afa0b01dbdbd4f242dd26
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=72e9d4a64beb0509d90f733dd1c5ceaf&wsTime=1713541038 | 103.155.16.137 | | 12 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=72e9d4a64beb0509d90f733dd1c5ceaf&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 861 x 68, 8-bit colormap, non-interlaced Hash56c2eec7f48eb3d9671c0be5ae85122e 31673dee121aeefb578b0399c772b98bbea2d33f 59dccedf293c4425ced117b504ddd0d96d7e4460ba90cfe0f7c82173f35c9552
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/footer_partner_index.png?wsSecret=72e9d4a64beb0509d90f733dd1c5ceaf&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 12448
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-07
ETag: "613c72a9-30a0"
Date: Thu, 28 Mar 2024 06:30:03 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:03 GMT
Age: 1933639
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-07, HIT from KS-CLOUD-XJP-FOREIGN-21-06
X-Cdn-Request-ID: a8baa6beec7cadff2db96608878b7e19
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=6f00b78110272f9d2cec434d2cf39458&wsTime=1713541038 | 103.155.16.137 | | 3.1 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=6f00b78110272f9d2cec434d2cf39458&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 259 x 17, 8-bit/color RGBA, non-interlaced Hashd2523fd53cda5e60ebc8c997ecc48f82 eb77e52163a77ce43da2488259ca0d9f5be36e6b f6bbf2c57164cb4f4cbf26ab2deef162518af6ca4d803a45ab5e22f9086232b8
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/footer-bar.png?wsSecret=6f00b78110272f9d2cec434d2cf39458&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3083
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-08
ETag: "613c72a9-c0b"
Date: Thu, 28 Mar 2024 06:39:37 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:39:37 GMT
Age: 1933065
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-205
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-08, HIT from KS-CLOUD-XJP-FOREIGN-21-03
X-Cdn-Request-ID: f0d9b85e109ac873ad053827c5124701
|
|
| etmqz9.innittapp.com/ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=bf1e5fce417efd382e202233e8f034df&wsTime=1713541038 | 103.155.16.137 | | 12 kB |
URL etmqz9.innittapp.com/ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=bf1e5fce417efd382e202233e8f034df&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 193 x 64, 8-bit/color RGBA, non-interlaced Hasha02f1d45ed4ce0a8a2f9837cfa215843 57bd5aa4347c4fc913c6dce38df9d4d0ed467508 041b0bbe548392af8a849b349d4f68fd88d57481581f9d7c2839d77c2141139b
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/bet365-1513/themes/images/footer_title_pro.png?wsSecret=bf1e5fce417efd382e202233e8f034df&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11890
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-04
ETag: "613c72a9-2e72"
Date: Thu, 28 Mar 2024 06:30:04 GMT
Last-Modified: Sat, 11 Sep 2021 09:11:05 GMT
Expires: Sat, 27 Apr 2024 06:30:04 GMT
Age: 1933638
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-04, HIT from KS-CLOUD-XJP-FOREIGN-21-21
X-Cdn-Request-ID: a733d04ea4276f91333a60b63ec31809
|
|
| etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=467ddcd9c8dc0cbea351fb2a8a303eeb&wsTime=1713541038 | 103.155.16.137 | | 3.4 kB |
URL etmqz9.innittapp.com/ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=467ddcd9c8dc0cbea351fb2a8a303eeb&wsTime=1713541038 IP103.155.16.137:0 ASN#138915 Kaopu Cloud HK Limited
CertificateIssuerSectigo Limited Subject*.innittapp.com Fingerprint6F:49:D6:21:C6:18:81:D4:5F:C0:B5:3D:51:88:F4:5E:3D:5A:81:62 ValidityThu, 21 Mar 2024 00:00:00 GMT - Fri, 21 Mar 2025 23:59:59 GMT
File typePNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced Hash713d3249f565ee6cdea22930f286ae6b d4c9e8b133d52da738b2514a18b9895562b93feb 4db2562253749f79c14ce870175325af50e48040e99b31aa5ddb25512b92dafb
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Bet365 |
GET /ftl/commonPage/images/casino/casino_logo_prg.png?wsSecret=467ddcd9c8dc0cbea351fb2a8a303eeb&wsTime=1713541038 HTTP/1.1
Host: etmqz9.innittapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.x04323.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3379
Connection: keep-alive
Server: Default-server-KS-CLOUD-XJP-12-02
ETag: "636cc24e-d33"
Date: Thu, 28 Mar 2024 06:30:01 GMT
Last-Modified: Thu, 10 Nov 2022 09:20:14 GMT
Expires: Sat, 27 Apr 2024 06:30:01 GMT
Age: 1933641
Cache-Control: max-age=86400
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Cache: MISS
uuid: -
out-line: gb-cdn-204
x-link-via: xjp21:443;xjp12:80;
X-Cache-Status: MISS from KS-CLOUD-XJP-12-02, HIT from KS-CLOUD-XJP-FOREIGN-21-16
X-Cdn-Request-ID: 4a34fdd8d76c8d6d4bf72d391bf12ccd
|
|