Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://www.activeselfie.com/

Overview

General Information

Sample URL:http://www.activeselfie.com/
Analysis ID:1589325
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5980 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6484 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2524 --field-trial-handle=2500,i,9200259552935339684,2536430183486973830,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 3200 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.activeselfie.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: http://www.activeselfie.com/Avira URL Cloud: detection malicious, Label: phishing
Antivirus detection for URL or domain
Source: https://www.activeselfie.com/images/tt_bg.pngAvira URL Cloud: Label: phishing
Source: https://www.activeselfie.com/images/banner_02.jpgAvira URL Cloud: Label: phishing
Source: https://www.activeselfie.com/js/jquery.SuperSlide.jsAvira URL Cloud: Label: phishing
Source: https://www.activeselfie.com/sitegray/sitegray.jsAvira URL Cloud: Label: phishing
Source: https://www.activeselfie.com/images/ico_search.pngAvira URL Cloud: Label: phishing
Source: https://www.activeselfie.com/index.vsb.cssAvira URL Cloud: Label: phishing
Source: https://www.activeselfie.com/images/slider-arrow.pngAvira URL Cloud: Label: phishing
Source: https://www.activeselfie.com/style/style.cssAvira URL Cloud: Label: phishing
Source: https://www.activeselfie.com/@public/base.jsAvira URL Cloud: Label: phishing
Source: https://www.activeselfie.com/HTTP Parser: No favicon
Source: https://www.activeselfie.com/HTTP Parser: No favicon
Source: https://www.activeselfie.com/HTTP Parser: No favicon
Source: https://551000l.cc/HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49769 version: TLS 1.0
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49769 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /style/style.css HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /sitegray/sitegray_d.css HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /index.vsb.css HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/jquery.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/jquery.SuperSlide.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /sitegray/sitegray.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/vsbscreen.min.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/counter.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /@public/base.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/calendar/simple.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /sitegray/sitegray.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/jquery.SuperSlide.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/jquery.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/ico_search.png HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/style/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/logo.jpg HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/vsbscreen.min.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/base64.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/formfunc.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/counter.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/dynclicks.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /@public/base.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/banner_01.jpg HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/baidu_jgylogo3.gif HTTP/1.1Host: www.baidu.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /web/index/images/logo_440x140.v.4.png HTTP/1.1Host: www.sogou.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/calendar/simple.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/ico_search.png HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/tt_bg.png HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/style/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/slider-arrow.png HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/style/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/ico_tz.png HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/style/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/banner_02.jpg HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/ajax.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/base64.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/formfunc.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /img/baidu_jgylogo3.gif HTTP/1.1Host: www.baidu.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: BAIDUID_BFESS=3DDF322616F71F02AFFA144513E48E6B:FG=1
Source: global trafficHTTP traffic detected: GET /system/resource/js/dynclicks.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /web/index/images/logo_440x140.v.4.png HTTP/1.1Host: www.sogou.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/logo.jpg HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wdzmr.php HTTP/1.1Host: vkg.hpdbfezgrqwn.vipConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/tt_bg.png HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/slider-arrow.png HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/vsbpreloadimg.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/images/loading.gif HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/ico_tz.png HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/ajax.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /css/style.css HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /css/modalStyles.css HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /css/bootstrap.min.css HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /jquery.min.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /popper.min.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /bootstrap.min.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/openlink.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/vsbpreloadimg.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/images/loading.gif HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /@public/js.js HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/banner_01.jpg HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /banner.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /popper.min.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /system/resource/js/openlink.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /t010e288a56a0b005e9.png HTTP/1.1Host: p.ssl.qhimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/bg.lanse.jpg HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /bootstrap.min.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/xinpujing.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/banner_02.jpg HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /jquery.min.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /@public/js.js HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/sansanqiqi.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/kaiyun.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/bet365.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/wlxe.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /banner.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/leijingji.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/xinpujing.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /t010e288a56a0b005e9.png HTTP/1.1Host: p.ssl.qhimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/betway.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/sansanqiqi.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/kaiyun.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/tychongse.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/188jinbaobo.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/bet365.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/weide.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/wlxe.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/gf.fc8d6758.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/bg.lanse.jpg HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/banner/banner.365.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/leijingji.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/2025fajia.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/betway.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/2025shiyunhui.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/2026shijiebei.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/188jinbaobo.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/weide.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/tychongse.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /quicklink.umd.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/gf.fc8d6758.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/bwin.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/yongli.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1k4ej4j1lxvjwz.com/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/banner/banner.365.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/2026shijiebei.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /quicklink.umd.js HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/2025fajia.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/2025shiyunhui.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.activeselfie.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/bwin.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /imgs/yongli.png HTTP/1.1Host: 1k4ej4j1lxvjwz.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=ihtastitaalvnie73090jnoj86
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 551000l.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://1k4ej4j1lxvjwz.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 551000l.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 551000l.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?__CBK=388267276e284239fb05201c095bbfcb01736640552_6738556 HTTP/1.1Host: 551000l.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 551000l.ccConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/themes/gui-base.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/bet365-1761/themes/style/common.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/bet365-1761/themes/style/bootstrap-dialog.min.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /message_zh_CN.js?v=1736150851437 HTTP/1.1Host: 551000l.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/themes/hongbao.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-base.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-base.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/float.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /message_zh_CN.js?v=1736150851437 HTTP/1.1Host: 551000l.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/lazyload.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/float.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/gui-base.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/layer.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/gui-base.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/lazyload.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/moment.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/layer.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/js/moment.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= HTTP/1.1Host: 551000l.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: */*X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /errors/605.html HTTP/1.1Host: 551000l.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: route=a1a97600d4111120168c5ba2bb9e992f
Source: global trafficHTTP traffic detected: GET /061410/rcenter/msites/themes/default/common.css?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/msites/themes/default/lang/zh_CN.css?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/themes/default/bootstrap/bootstrap.min.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/themes/error.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/msites/themes/base.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/themes/base.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/themes/default/bootstrap/bootstrap.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/themes/default/bootstrap-dialog/bootstrap-dialog.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/themes/default/font-awesome/font-awesome.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/msites/themes/default/style.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/msites/themes/default/content.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/msites/themes/default/login.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/images/errors/ico-605.png HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/main.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/curl/curl.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/urlencode.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/images/errors/blue-bg.jpg HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://p3yw7u.innittapp.com/061410/rcenter/common/themes/error.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/images/errors/bet-ico-bg.png HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://p3yw7u.innittapp.com/061410/rcenter/common/themes/error.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/main.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/bootstrap/bootstrap.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/ClassTool.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/images/errors/ico-605.png HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/urlencode.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/curl/curl.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/images/errors/blue-bg.jpg HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/images/errors/bet-ico-bg.png HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/ClassTool.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/jquery/jquery-2.1.1.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/bootstrap/bootstrap.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/jquery/jquery-2.1.1.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/components/selectPure.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/home/TopPage.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/errors/templateWrap.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/components/selectPure.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/errors/templateWrap.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/gamebox/home/TopPage.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/bootstrap-dialog/bootstrap-dialog.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/curl/curl/loader/legacy.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/bootstrap-daterangepicker/moment.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/bootstrap-dialog/bootstrap-dialog.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/curl/curl/loader/legacy.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery-eventlock/jquery-eventlock-1.0.0.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/curl/curl/plugin/css.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery.poshytip/jquery.poshytip.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/bootstrap-daterangepicker/moment.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery-eventlock/jquery-eventlock-1.0.0.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/themes/default/jquery/plugins/jquery.poshytip/poshytip.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000l.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/favicon.png HTTP/1.1Host: 551000l.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://551000l.cc/errors/605.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: route=a1a97600d4111120168c5ba2bb9e992f
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/curl/curl/plugin/css.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery.poshytip/jquery.poshytip.js?v=1736150851437 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /errors/404.html HTTP/1.1Host: 551000l.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/html, */*; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://551000l.cc/errors/605.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: route=a1a97600d4111120168c5ba2bb9e992f; _LANGUAGE=zh_CN
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.activeselfie.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: chromecache_225.2.drString found in binary or memory: img.src = `https://www.facebook.com/tr?id=${fpixelid}&ev=PageView&noscript=1`; equals www.facebook.com (Facebook)
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: www.activeselfie.com
Source: global trafficDNS traffic detected: DNS query: vkg.hpdbfezgrqwn.vip
Source: global trafficDNS traffic detected: DNS query: www.baidu.com
Source: global trafficDNS traffic detected: DNS query: www.sogou.com
Source: global trafficDNS traffic detected: DNS query: 1k4ej4j1lxvjwz.com
Source: global trafficDNS traffic detected: DNS query: p.ssl.qhimg.com
Source: global trafficDNS traffic detected: DNS query: 551000l.cc
Source: global trafficDNS traffic detected: DNS query: p3yw7u.innittapp.com
Source: unknownHTTP traffic detected: POST /wdzmr.php HTTP/1.1Host: vkg.hpdbfezgrqwn.vipConnection: keep-aliveContent-Length: 225sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded;charset=UTF-8;Accept: */*Origin: https://www.activeselfie.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.activeselfie.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Found
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Found
Source: chromecache_263.2.drString found in binary or memory: http://12aff.best5689.com/92043302/signup/cs/index.html
Source: chromecache_263.2.drString found in binary or memory: http://5887ky.com
Source: chromecache_205.2.drString found in binary or memory: http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html
Source: chromecache_156.2.dr, chromecache_215.2.drString found in binary or memory: http://james.padolsey.com)
Source: chromecache_223.2.drString found in binary or memory: http://jqueryvalidation.org/
Source: chromecache_264.2.dr, chromecache_204.2.dr, chromecache_263.2.drString found in binary or memory: http://kaiyunty583.net
Source: chromecache_177.2.dr, chromecache_201.2.drString found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_295.2.drString found in binary or memory: http://push.zhanzhang.baidu.com/push.js
Source: chromecache_205.2.drString found in binary or memory: http://stackoverflow.com/questions/181348/instantiating-a-javascript-object-by-calling-prototype-con
Source: chromecache_205.2.drString found in binary or memory: http://stackoverflow.com/questions/3561493/is-there-a-regexp-escape-function-in-javascript
Source: chromecache_293.2.drString found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_263.2.drString found in binary or memory: https://0326018.cc
Source: chromecache_263.2.drString found in binary or memory: https://11073377.app
Source: chromecache_346.2.drString found in binary or memory: https://1k4ej4j1lxvjwz.com/
Source: chromecache_263.2.drString found in binary or memory: https://551000l.cc
Source: chromecache_264.2.dr, chromecache_204.2.dr, chromecache_263.2.drString found in binary or memory: https://665339c.com
Source: chromecache_263.2.drString found in binary or memory: https://665339c.com/wap/downloadApp?promoCode=e9VJBL
Source: chromecache_264.2.dr, chromecache_204.2.dr, chromecache_263.2.drString found in binary or memory: https://789400.cc/
Source: chromecache_263.2.drString found in binary or memory: https://99505n.cc
Source: chromecache_263.2.drString found in binary or memory: https://a43389.cc/
Source: chromecache_263.2.drString found in binary or memory: https://aff.kkcg8.com/sign-up/593325
Source: chromecache_225.2.drString found in binary or memory: https://analytics.tiktok.com/i18n/pixel/events.js
Source: chromecache_263.2.drString found in binary or memory: https://app.geqianf225.top/s/bet365
Source: chromecache_263.2.drString found in binary or memory: https://app.geqianf225.top/s/bwyz
Source: chromecache_263.2.drString found in binary or memory: https://app.geqianf225.top/s/tyc
Source: chromecache_293.2.drString found in binary or memory: https://appelsiini.net/projects/lazyload
Source: chromecache_263.2.drString found in binary or memory: https://appiso-ali.ghgdfdf.com/?cGkxMl90NDA3MQ==&c=101105706293#/
Source: chromecache_263.2.drString found in binary or memory: https://cdn.livechatinc.com/tracking.js
Source: chromecache_225.2.drString found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_264.2.dr, chromecache_204.2.dr, chromecache_263.2.drString found in binary or memory: https://e977110.com
Source: chromecache_263.2.drString found in binary or memory: https://e977110.com/wap/downloadApp?promoCode=pK8XQc
Source: chromecache_347.2.dr, chromecache_227.2.dr, chromecache_326.2.drString found in binary or memory: https://getbootstrap.com/)
Source: chromecache_205.2.drString found in binary or memory: https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js
Source: chromecache_205.2.drString found in binary or memory: https://github.com/moment/moment/issues/1407
Source: chromecache_205.2.drString found in binary or memory: https://github.com/moment/moment/issues/1423
Source: chromecache_205.2.drString found in binary or memory: https://github.com/moment/moment/issues/1548
Source: chromecache_205.2.drString found in binary or memory: https://github.com/moment/moment/issues/1779
Source: chromecache_205.2.drString found in binary or memory: https://github.com/moment/moment/pull/1871
Source: chromecache_347.2.dr, chromecache_227.2.dr, chromecache_326.2.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_347.2.dr, chromecache_227.2.drString found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_263.2.drString found in binary or memory: https://guwu.fun/download
Source: chromecache_204.2.dr, chromecache_263.2.drString found in binary or memory: https://j21716.com
Source: chromecache_263.2.drString found in binary or memory: https://j21716.com/wap/downloadApp?promoCode=XPMJTR
Source: chromecache_264.2.dr, chromecache_204.2.dr, chromecache_263.2.drString found in binary or memory: https://k933005.com
Source: chromecache_263.2.drString found in binary or memory: https://lucky298.com/vsgl
Source: chromecache_264.2.dr, chromecache_204.2.drString found in binary or memory: https://lucky298.com/vsglat
Source: chromecache_204.2.dr, chromecache_263.2.drString found in binary or memory: https://m399227.com
Source: chromecache_295.2.drString found in binary or memory: https://p.ssl.qhimg.com/t010e288a56a0b005e9.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common
Source: chromecache_179.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/images/errors/ico-605.png
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/curl/curl.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.j
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/main.js
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/urlencode.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1736150851437
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/themes/default/bootstrap/bootstrap.min.css
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/themes/error.css
Source: chromecache_179.2.dr, chromecache_300.2.dr, chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/msites
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/msites/images/touchicon.png
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/lang/zh_CN.css?v=1736150851437
Source: chromecache_179.2.dr, chromecache_300.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/Logo/405/1696591118080.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10004/1719343950451.jpg)
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10006/1719344244164.jpg)
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10008/1719344412734.jpg)
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10010/1719344363451.jpg)
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10047/1719344188380.jpg)
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10048/1719344459903.jpg)
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10049/1719344515771.jpg)
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10050/1719344563012.jpg)
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/all_bg.jpg
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/header/header_bg.jpg
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/header/top_bg.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/icon_marquee.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/1_9.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/3_108.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/code_bg.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_0.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_1.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_2.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_3.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_4.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_5.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_6.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_7.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/download_apple.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/download_bg.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_1.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_3.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_4.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_5.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_fish_42_5.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/hot_game_title.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/hotgame_title_bg.jpg
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_1.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_3.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_4.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_5.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/service_inner_bg.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/service_out_bg.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/services_title.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/services_title_bg.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/themes/style/bootstrap-dialog.min.css
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/themes/style/common.css
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/images/default-banner.jpg
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/images/favicon/favicon_1761.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/float.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/gui-base.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/layer.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/lazyload.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/moment.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/Comet.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/PopUp.js
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-base.css
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-skin-default.css
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/themes/hb/css/pc.css
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/zh_CN/pubads/images/ads1.png
Source: chromecache_225.2.drString found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/zh_CN/pubads/images/ads2.png
Source: chromecache_263.2.drString found in binary or memory: https://parimatchasia.onelink.me/nec7/949ac8d5?
Source: chromecache_225.2.drString found in binary or memory: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js
Source: chromecache_225.2.drString found in binary or memory: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=
Source: chromecache_263.2.drString found in binary or memory: https://service.sdqhwtvbtwdf.com/C.ashx?btag=a_18017b_1722c_&affid=2017190&siteid=18017&adid=1722&c=
Source: chromecache_264.2.dr, chromecache_204.2.dr, chromecache_263.2.drString found in binary or memory: https://service.sdqhwtvbtwdf.com/C.ashx?btag=a_18017b_2464c_&affid=2017190&siteid=18017&adid=2464&c=
Source: chromecache_263.2.drString found in binary or memory: https://service.sdqhwtvbtwdf.com/C.ashx?btag=a_18017b_2484c_&affid=2017190&siteid=18017&adid=2484&c=
Source: chromecache_263.2.drString found in binary or memory: https://wros8.top/vjS2
Source: chromecache_263.2.drString found in binary or memory: https://www.4a0kzf.com/Yvj3
Source: chromecache_295.2.drString found in binary or memory: https://www.baidu.com/
Source: chromecache_295.2.drString found in binary or memory: https://www.baidu.com/baidu
Source: chromecache_295.2.drString found in binary or memory: https://www.baidu.com/img/baidu_jgylogo3.gif
Source: chromecache_263.2.drString found in binary or memory: https://www.bvty894.com:30122/entry/register?i_code=2270535
Source: chromecache_263.2.drString found in binary or memory: https://www.livechat.com/?welcome
Source: chromecache_263.2.drString found in binary or memory: https://www.livechat.com/chat-with/15900159/
Source: chromecache_263.2.drString found in binary or memory: https://www.ljjapp2.com/?601158
Source: chromecache_264.2.dr, chromecache_204.2.dr, chromecache_263.2.drString found in binary or memory: https://www.ray060.com/?601158
Source: chromecache_295.2.drString found in binary or memory: https://www.so.com/
Source: chromecache_295.2.drString found in binary or memory: https://www.sogou.com/
Source: chromecache_295.2.drString found in binary or memory: https://www.sogou.com/web
Source: chromecache_295.2.drString found in binary or memory: https://www.sogou.com/web/index/images/logo_440x140.v.4.png
Source: chromecache_263.2.drString found in binary or memory: https://www.ss52611.com/vip.html?c=88003698540
Source: chromecache_263.2.drString found in binary or memory: https://www.xivev6.com:9056/entry/register37012/?i_code=30114312
Source: chromecache_263.2.drString found in binary or memory: https://wy-ali.meriksenrusso.com/wx/app/proxy-qrcode.html?url=aHR0cHM6Ly9hcHBpc28tdHkuc291emhhbnp4Lm
Source: chromecache_263.2.drString found in binary or memory: https://wy-ali.meriksenrusso.com/wx/app/proxy-qrcode.html?url=aHR0cHM6Ly9hcHBpc28tdHkuenZiempzYi5jb2
Source: chromecache_263.2.drString found in binary or memory: https://xj206.cc/
Source: chromecache_295.2.drString found in binary or memory: https://zz.bdstatic.com/linksubmit/push.js
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50154 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 50177 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 50165 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50189 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 50062 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50153 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 50187 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50155 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50176 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50166 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50110 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 50188 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50109 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50199 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50139 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50059 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50202 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50108
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50109
Source: unknownNetwork traffic detected: HTTP traffic on port 50186 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50101
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50197 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50111
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50110
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50127 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50175 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50198 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50127
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 50093 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50122
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50124
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50123
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50126
Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50125
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50082 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50164 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50184 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50081 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50152 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50201 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50141 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50092 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50200 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50140 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50205
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50204
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50196 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50206
Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50201
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50200
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50203
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50202
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50185 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50175
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50177
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50176
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50184
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
Source: unknownNetwork traffic detected: HTTP traffic on port 50125 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50194 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50186
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50185
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50188
Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50187
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50189
Source: unknownNetwork traffic detected: HTTP traffic on port 50205 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50191
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50190
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50193
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50192
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50074
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50195
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50194
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50204 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50195 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50034 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50197
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50196
Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50199
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50077
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50198
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50081
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50082
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50093
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50139
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50138
Source: unknownNetwork traffic detected: HTTP traffic on port 50193 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
Source: unknownNetwork traffic detected: HTTP traffic on port 50078 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50140
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50141
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50138 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50153
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50152
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50155
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50154
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50036
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50157
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50035
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50156
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50038
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50037
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
Source: unknownNetwork traffic detected: HTTP traffic on port 50203 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50164
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50163
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50166
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50165
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50168
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50169
Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50052
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50051
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50126 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50168 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50122 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50042 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50018 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50077 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50053 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50088 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50076 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50156 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50192 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50020 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50054 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50111 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50206 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50052 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 50169 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50064 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50123 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50190 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50124 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50191 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50019 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50157 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50101 -> 443
Source: classification engineClassification label: mal56.win@19/323@42/14
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2524 --field-trial-handle=2500,i,9200259552935339684,2536430183486973830,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.activeselfie.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2524 --field-trial-handle=2500,i,9200259552935339684,2536430183486973830,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://www.activeselfie.com/100%Avira URL Cloudphishing

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/ClassTool.js?v=17361508514370%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/js/bootstrap/bootstrap.js?v=17361508514370%Avira URL Cloudsafe
https://551000l.cc/message_zh_CN.js?v=17361508514370%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/zh_CN/pubads/images/ads2.png0%Avira URL Cloudsafe
https://www.activeselfie.com/images/tt_bg.png100%Avira URL Cloudphishing
https://p3yw7u.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.poshytip/jquery.poshytip.js?v=17361508514370%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/urlencode.js0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/themes/hongbao.css0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/base.css0%Avira URL Cloudsafe
https://www.4a0kzf.com/Yvj30%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_1.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/themes/default/jquery/plugins/jquery.poshytip/poshytip.css0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_6.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-skin-default.css0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/images/default-banner.jpg0%Avira URL Cloudsafe
https://appiso-ali.ghgdfdf.com/?cGkxMl90NDA3MQ==&c=101105706293#/0%Avira URL Cloudsafe
https://www.activeselfie.com/images/banner_02.jpg100%Avira URL Cloudphishing
https://xj206.cc/0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.j0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/main.js0%Avira URL Cloudsafe
https://789400.cc/0%Avira URL Cloudsafe
https://www.activeselfie.com/js/jquery.SuperSlide.js100%Avira URL Cloudphishing
https://1k4ej4j1lxvjwz.com/popper.min.js0%Avira URL Cloudsafe
https://1k4ej4j1lxvjwz.com/imgs/sansanqiqi.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/js/float.js0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/Comet.js0%Avira URL Cloudsafe
https://1k4ej4j1lxvjwz.com/imgs/188jinbaobo.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/login.css0%Avira URL Cloudsafe
https://www.activeselfie.com/sitegray/sitegray.js100%Avira URL Cloudphishing
https://1k4ej4j1lxvjwz.com/quicklink.umd.js0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/js/curl/curl/loader/legacy.js?v=17361508514370%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_5.png0%Avira URL Cloudsafe
http://12aff.best5689.com/92043302/signup/cs/index.html0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/services_title_bg.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10048/1719344459903.jpg)0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_5.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/header/header_bg.jpg0%Avira URL Cloudsafe
https://vkg.hpdbfezgrqwn.vip/wdzmr.php0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js0%Avira URL Cloudsafe
https://551000l.cc/?__CBK=388267276e284239fb05201c095bbfcb01736640552_67385560%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/fserver0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=17361508514370%Avira URL Cloudsafe
https://1k4ej4j1lxvjwz.com/css/modalStyles.css0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_2.png0%Avira URL Cloudsafe
https://www.ss52611.com/vip.html?c=880036985400%Avira URL Cloudsafe
https://service.sdqhwtvbtwdf.com/C.ashx?btag=a_18017b_2484c_&affid=2017190&siteid=18017&adid=2484&c=0%Avira URL Cloudsafe
https://1k4ej4j1lxvjwz.com/imgs/kaiyun.png0%Avira URL Cloudsafe
http://kaiyunty583.net0%Avira URL Cloudsafe
https://m399227.com0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/themes/style/common.css0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/icon_marquee.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js0%Avira URL Cloudsafe
http://james.padolsey.com)0%Avira URL Cloudsafe
https://www.activeselfie.com/images/ico_search.png100%Avira URL Cloudphishing
https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_5.png0%Avira URL Cloudsafe
https://1k4ej4j1lxvjwz.com/imgs/2025shiyunhui.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/components/selectPure.js?v=17361508514370%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10050/1719344563012.jpg)0%Avira URL Cloudsafe
https://wy-ali.meriksenrusso.com/wx/app/proxy-qrcode.html?url=aHR0cHM6Ly9hcHBpc28tdHkuenZiempzYi5jb20%Avira URL Cloudsafe
https://1k4ej4j1lxvjwz.com/imgs/tychongse.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/js/layer.js0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/hot_game_title.png0%Avira URL Cloudsafe
https://lucky298.com/vsglat0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/themes/base.css0%Avira URL Cloudsafe
https://www.activeselfie.com/index.vsb.css100%Avira URL Cloudphishing
https://1k4ej4j1lxvjwz.com/imgs/2025fajia.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/home/TopPage.js?v=17361508514370%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_fish_42_5.png0%Avira URL Cloudsafe
https://e977110.com/wap/downloadApp?promoCode=pK8XQc0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=17361508514370%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10008/1719344412734.jpg)0%Avira URL Cloudsafe
https://www.ljjapp2.com/?6011580%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/download_bg.png0%Avira URL Cloudsafe
https://551000l.cc/favicon.ico0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/images/errors/blue-bg.jpg0%Avira URL Cloudsafe
https://11073377.app0%Avira URL Cloudsafe
https://j21716.com0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-layer.css0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/common/themes/default/font-awesome/font-awesome.css0%Avira URL Cloudsafe
https://wros8.top/vjS20%Avira URL Cloudsafe
https://www.activeselfie.com/images/slider-arrow.png100%Avira URL Cloudphishing
https://a43389.cc/0%Avira URL Cloudsafe
https://www.activeselfie.com/style/style.css100%Avira URL Cloudphishing
https://1k4ej4j1lxvjwz.com/imgs/gf.fc8d6758.png0%Avira URL Cloudsafe
https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/style.css0%Avira URL Cloudsafe
https://www.activeselfie.com/@public/base.js100%Avira URL Cloudphishing

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
1k4ej4j1lxvjwz.com
122.10.50.210
truefalse
    		unknown
    551000l.cc
    		154.193.113.233
    		truefalse
      		unknown
      l5-global.gslb.ksyuncdn.com
      		103.155.16.134
      		truefalse
        		high
        www.wshifen.com
        		103.235.46.96
        		truefalse
          		high
          d3h3opd4qa0dfk.cloudfront.net
          		13.32.121.43
          		truefalse
            		unknown
            www.google.com
            		142.250.185.132
            		truefalse
              		high
              vkg.hpdbfezgrqwn.vip
              		122.10.26.202
              		truefalse
                		unknown
                www.sogou.com
                		43.153.236.147
                		truefalse
                  		high
                  k1.gslb.ksyuncdn.com
                  		42.56.77.129
                  		truefalse
                    		high
                    www.activeselfie.com
                    		154.216.143.8
                    		truefalse
                      		high
                      p.ssl.qhimg.com
                      		unknown
                      		unknownfalse
                        		high
                        p3yw7u.innittapp.com
                        		unknown
                        		unknownfalse
                          		unknown
                          www.baidu.com
                          		unknown
                          		unknownfalse
                            		high

                            Contacted URLs

                            NameMaliciousAntivirus DetectionReputation
                            https://p3yw7u.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.poshytip/jquery.poshytip.js?v=1736150851437false
                            • Avira URL Cloud: safe
                            		unknown
                            https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/ClassTool.js?v=1736150851437false
                            • Avira URL Cloud: safe
                            		unknown
                            https://www.activeselfie.com/images/tt_bg.pngtrue
                            • Avira URL Cloud: phishing
                            		unknown
                            https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/base.cssfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://p3yw7u.innittapp.com/061410/rcenter/common/js/bootstrap/bootstrap.js?v=1736150851437false
                            • Avira URL Cloud: safe
                            		unknown
                            https://p3yw7u.innittapp.com/ftl/commonPage/themes/hongbao.cssfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://551000l.cc/message_zh_CN.js?v=1736150851437false
                            • Avira URL Cloud: safe
                            		unknown
                            https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/urlencode.jsfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://p3yw7u.innittapp.com/061410/rcenter/common/themes/default/jquery/plugins/jquery.poshytip/poshytip.cssfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://www.activeselfie.com/images/banner_02.jpgfalse
                            • Avira URL Cloud: phishing
                            		unknown
                            https://www.sogou.com/web/index/images/logo_440x140.v.4.pngfalse
                              		high
                              http://www.activeselfie.com/true
                                		unknown
                                https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-skin-default.cssfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/main.jsfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://www.activeselfie.com/js/jquery.SuperSlide.jsfalse
                                • Avira URL Cloud: phishing
                                		unknown
                                https://www.activeselfie.com/false
                                  		unknown
                                  https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/Comet.jsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/imgs/sansanqiqi.pngfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/popper.min.jsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://www.activeselfie.com/sitegray/sitegray.jsfalse
                                  • Avira URL Cloud: phishing
                                  		unknown
                                  https://p3yw7u.innittapp.com/ftl/commonPage/js/float.jsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/login.cssfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/imgs/188jinbaobo.pngfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/quicklink.umd.jsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/common/js/curl/curl/loader/legacy.js?v=1736150851437false
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.jsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://vkg.hpdbfezgrqwn.vip/wdzmr.phpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.jsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://551000l.cc/?__CBK=388267276e284239fb05201c095bbfcb01736640552_6738556false
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1736150851437false
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/css/modalStyles.cssfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/imgs/kaiyun.pngfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/ftl/bet365-1761/themes/style/common.cssfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.jsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://www.activeselfie.com/images/ico_search.pngfalse
                                  • Avira URL Cloud: phishing
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/components/selectPure.js?v=1736150851437false
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.jsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/imgs/2025shiyunhui.pngfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/ftl/commonPage/js/layer.jsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/imgs/tychongse.pngfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/common/themes/base.cssfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/imgs/2025fajia.pngfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://www.activeselfie.com/index.vsb.cssfalse
                                  • Avira URL Cloud: phishing
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1736150851437false
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/home/TopPage.js?v=1736150851437false
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://551000l.cc/favicon.icofalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/common/images/errors/blue-bg.jpgfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-layer.cssfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/common/themes/default/font-awesome/font-awesome.cssfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://www.activeselfie.com/images/slider-arrow.pngfalse
                                  • Avira URL Cloud: phishing
                                  		unknown
                                  https://www.activeselfie.com/style/style.cssfalse
                                  • Avira URL Cloud: phishing
                                  		unknown
                                  https://1k4ej4j1lxvjwz.com/imgs/gf.fc8d6758.pngfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/style.cssfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://www.activeselfie.com/@public/base.jsfalse
                                  • Avira URL Cloud: phishing
                                  		unknown

                                  URLs from Memory and Binaries

                                  NameSourceMaliciousAntivirus DetectionReputation
                                  https://www.4a0kzf.com/Yvj3chromecache_263.2.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://github.com/moment/moment/issues/1423chromecache_205.2.drfalse
                                    		high
                                    https://p3yw7u.innittapp.com/ftl/commonPage/zh_CN/pubads/images/ads2.pngchromecache_225.2.drfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_1.pngchromecache_225.2.drfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://stackoverflow.com/questions/181348/instantiating-a-javascript-object-by-calling-prototype-conchromecache_205.2.drfalse
                                      		high
                                      https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_6.pngchromecache_225.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://appiso-ali.ghgdfdf.com/?cGkxMl90NDA3MQ==&c=101105706293#/chromecache_263.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://p3yw7u.innittapp.com/ftl/commonPage/images/default-banner.jpgchromecache_225.2.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://github.com/moment/moment/issues/1548chromecache_205.2.drfalse
                                        		high
                                        https://xj206.cc/chromecache_263.2.drfalse
                                        • Avira URL Cloud: safe
                                        		unknown
                                        https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.jchromecache_225.2.drfalse
                                        • Avira URL Cloud: safe
                                        		unknown
                                        http://www.opensource.org/licenses/mit-license.phpchromecache_293.2.drfalse
                                          		high
                                          https://789400.cc/chromecache_264.2.dr, chromecache_204.2.dr, chromecache_263.2.drfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://github.com/twbs/bootstrap/graphs/contributors)chromecache_347.2.dr, chromecache_227.2.drfalse
                                            		high
                                            https://github.com/moment/moment/issues/1779chromecache_205.2.drfalse
                                              		high
                                              https://cdn.livechatinc.com/tracking.jschromecache_263.2.drfalse
                                                		high
                                                http://12aff.best5689.com/92043302/signup/cs/index.htmlchromecache_263.2.drfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.htmlchromecache_205.2.drfalse
                                                  		high
                                                  https://www.so.com/chromecache_295.2.drfalse
                                                    		high
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_5.pngchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/services_title_bg.pngchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10048/1719344459903.jpg)chromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_5.pngchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/header/header_bg.jpgchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/fserverchromecache_179.2.dr, chromecache_300.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_2.pngchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.ss52611.com/vip.html?c=88003698540chromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://service.sdqhwtvbtwdf.com/C.ashx?btag=a_18017b_2484c_&affid=2017190&siteid=18017&adid=2484&c=chromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://m399227.comchromecache_204.2.dr, chromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    http://kaiyunty583.netchromecache_264.2.dr, chromecache_204.2.dr, chromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/icon_marquee.pngchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    http://james.padolsey.com)chromecache_156.2.dr, chromecache_215.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10050/1719344563012.jpg)chromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_5.pngchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://wy-ali.meriksenrusso.com/wx/app/proxy-qrcode.html?url=aHR0cHM6Ly9hcHBpc28tdHkuenZiempzYi5jb2chromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/hot_game_title.pngchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://lucky298.com/vsglatchromecache_264.2.dr, chromecache_204.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_fish_42_5.pngchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://e977110.com/wap/downloadApp?promoCode=pK8XQcchromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10008/1719344412734.jpg)chromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/download_bg.pngchromecache_225.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.ljjapp2.com/?601158chromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://j21716.comchromecache_204.2.dr, chromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://11073377.appchromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://a43389.cc/chromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://wros8.top/vjS2chromecache_263.2.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown

                                                    World Map of Contacted IPs

                                                    • No. of IPs < 25%
                                                    • 25% < No. of IPs < 50%
                                                    • 50% < No. of IPs < 75%
                                                    • 75% < No. of IPs

                                                    Public IPs

                                                    IPDomainCountryFlagASNASN NameMalicious
                                                    103.155.16.134
                                                    		l5-global.gslb.ksyuncdn.comunknown
                                                    		134687TWIDC-AS-APTWIDCLimitedHKfalse
                                                    154.193.113.233
                                                    		551000l.ccSeychelles
                                                    		132839POWERLINE-AS-APPOWERLINEDATACENTERHKfalse
                                                    122.10.26.202
                                                    		vkg.hpdbfezgrqwn.vipHong Kong
                                                    		139817GIGALINK-AS-APHONGKONGGIGALINKNETWORKLIMITEDHKfalse
                                                    142.250.185.132
                                                    		www.google.comUnited States
                                                    		15169GOOGLEUSfalse
                                                    103.235.46.96
                                                    		www.wshifen.comHong Kong
                                                    		55967BAIDUBeijingBaiduNetcomScienceandTechnologyCoLtdfalse
                                                    122.10.50.210
                                                    		1k4ej4j1lxvjwz.comHong Kong
                                                    		134548DXTL-HKDXTLTseungKwanOServiceHKfalse
                                                    13.32.121.43
                                                    		d3h3opd4qa0dfk.cloudfront.netUnited States
                                                    		16509AMAZON-02USfalse
                                                    239.255.255.250
                                                    		unknownReserved
                                                    		unknownunknownfalse
                                                    42.56.77.129
                                                    		k1.gslb.ksyuncdn.comChina
                                                    		4837CHINA169-BACKBONECHINAUNICOMChina169BackboneCNfalse
                                                    154.216.143.8
                                                    		www.activeselfie.comSeychelles
                                                    		134705ITACE-AS-APItaceInternationalLimitedHKfalse
                                                    103.198.200.7
                                                    		unknownChina
                                                    		55720GIGABIT-MYGigabitHostingSdnBhdMYfalse
                                                    43.153.236.147
                                                    		www.sogou.comJapan4249LILLY-ASUSfalse

                                                    Private

                                                    IP
                                                    192.168.2.6
                                                    192.168.2.5

                                                    General Information

                                                    Joe Sandbox version:42.0.0 Malachite
                                                    Analysis ID:1589325
                                                    Start date and time:2025-01-12 01:07:43 +01:00
                                                    Joe Sandbox product:CloudBasic
                                                    Overall analysis duration:0h 3m 21s
                                                    Hypervisor based Inspection enabled:false
                                                    Report type:full
                                                    Cookbook file name:browseurl.jbs
                                                    Sample URL:http://www.activeselfie.com/
                                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                    Number of analysed new started processes analysed:7
                                                    Number of new started drivers analysed:0
                                                    Number of existing processes analysed:0
                                                    Number of existing drivers analysed:0
                                                    Number of injected processes analysed:0
                                                    Technologies:
                                                    • HCA enabled
                                                    • EGA enabled
                                                    • AMSI enabled
                                                    Analysis Mode:default
                                                    Analysis stop reason:Timeout
                                                    Detection:MAL
                                                    Classification:mal56.win@19/323@42/14
                                                    EGA Information:Failed
                                                    HCA Information:
                                                    • Successful, ratio: 100%
                                                    • Number of executed functions: 0
                                                    • Number of non-executed functions: 0

                                                    Warnings

                                                    • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                    • Excluded IPs from analysis (whitelisted): 142.250.186.163, 142.250.186.174, 108.177.15.84, 142.250.184.206, 216.58.206.46, 142.250.185.206, 2.22.50.131, 192.229.221.95, 199.232.214.172, 142.250.186.46, 142.250.185.110, 216.58.206.78, 172.217.16.206, 142.250.186.99, 142.250.181.238, 184.28.90.27, 20.12.23.50, 13.107.246.45
                                                    • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
                                                    • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                    • Not all processes where analyzed, report is missing behavior information
                                                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                    • VT rate limit hit for: http://www.activeselfie.com/

                                                    Simulations

                                                    Behavior and APIs

                                                    No simulations