Windows Analysis Report
http://wap.theblmediagroup.com/

Overview

General Information

Sample URL: http://wap.theblmediagroup.com/
Analysis ID: 1521026
Infos:

Detection

Score: 56
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Detected non-DNS traffic on DNS port

Classification

AV Detection
barindex
Multi AV Scanner detection for domain / URL
Source: wap.theblmediagroup.com Virustotal: Detection: 10% Perma Link
Multi AV Scanner detection for submitted file
Source: http://wap.theblmediagroup.com/ Virustotal: Detection: 10% Perma Link
Source: https://www.theblmediagroup.com/ HTTP Parser: No favicon
Source: https://www.theblmediagroup.com/ HTTP Parser: No favicon
Source: https://www.theblmediagroup.com/ HTTP Parser: No favicon
Source: https://551000e.cc/ HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Detected non-DNS traffic on DNS port
Source: global traffic TCP traffic: 192.168.2.4:54073 -> 1.1.1.1:53
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: www.theblmediagroup.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /vue.min.js HTTP/1.1Host: www.theblmediagroup.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=qr4r0lbet2m2ejlbvaj7423143
Source: global traffic HTTP traffic detected: GET /@public/jquery.cdn.js HTTP/1.1Host: www.theblmediagroup.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=qr4r0lbet2m2ejlbvaj7423143
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /img/baidu_jgylogo3.gif HTTP/1.1Host: www.baidu.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /js-sdk-pro.min.js HTTP/1.1Host: sdk.51.laConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /t010e288a56a0b005e9.png HTTP/1.1Host: p.ssl.qhimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /linksubmit/push.js HTTP/1.1Host: zz.bdstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /web/index/images/logo_440x140.v.4.png HTTP/1.1Host: www.sogou.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /vue.min.js HTTP/1.1Host: www.theblmediagroup.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=qr4r0lbet2m2ejlbvaj7423143
Source: global traffic HTTP traffic detected: GET /@public/jquery.cdn.js HTTP/1.1Host: www.theblmediagroup.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=qr4r0lbet2m2ejlbvaj7423143
Source: global traffic HTTP traffic detected: GET /img/baidu_jgylogo3.gif HTTP/1.1Host: www.baidu.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /t010e288a56a0b005e9.png HTTP/1.1Host: p.ssl.qhimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /js-sdk-pro.min.js HTTP/1.1Host: sdk.51.laConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /linksubmit/push.js HTTP/1.1Host: zz.bdstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /?id=1 HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /hylfff.php HTTP/1.1Host: vkg.hpdbfezgrqwn.vipConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /v6/collect?dt=4 HTTP/1.1Host: collect-v6.51.laConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /web/index/images/logo_440x140.v.4.png HTTP/1.1Host: www.sogou.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.theblmediagroup.com/ HTTP/1.1Host: sp0.baidu.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /v6/collect?dt=4 HTTP/1.1Host: collect-v6.51.laConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/style.css HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/modalStyles.css HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/bootstrap.min.css HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /jquery.min.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /popper.min.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /bootstrap.min.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /v6/collect?dt=4 HTTP/1.1Host: collect-v6.51.laConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.theblmediagroup.com/ HTTP/1.1Host: sp0.baidu.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: BAIDUID=DDB7C742E05B5B3C6B5463D63F20EA61:FG=1
Source: global traffic HTTP traffic detected: GET /banner.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /jquery.min.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /popper.min.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /bootstrap.min.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /imgs/gf.fc8d6758.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /imgs/banner/banner.365.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /imgs/mzb.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /imgs/2024ozb.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /imgs/spb.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /quicklink.umd.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /banner.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /imgs/banner/banner.365.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /imgs/gf.fc8d6758.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /quicklink.umd.js HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /imgs/spb.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.theblmediagroup.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=qr4r0lbet2m2ejlbvaj7423143; __vtins__KBYUa6ibFuUdP5LO=%7B%22sid%22%3A%20%224d7f56f0-77db-5a1d-918d-eee6f668a37a%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201727488019155%2C%20%22ct%22%3A%201727486219155%7D; __51uvsct__KBYUa6ibFuUdP5LO=1; __51vcke__KBYUa6ibFuUdP5LO=10ebe04b-e616-5ca1-bd74-452127bb1224; __51vuft__KBYUa6ibFuUdP5LO=1727486219161; __vtins__KItudeYROt8HSqg0=%7B%22sid%22%3A%20%22251d5312-c868-5457-8839-2e28dee439d3%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201727488019172%2C%20%22ct%22%3A%201727486219172%7D; __51uvsct__KItudeYROt8HSqg0=1; __51vcke__KItudeYROt8HSqg0=01e1b207-2d1a-5cf4-9565-eba7e7fbc646; __51vuft__KItudeYROt8HSqg0=1727486219175; __vtins__KBEziNYdSkcoF8Od=%7B%22sid%22%3A%20%22bc53d26e-7237-5459-ae4f-cbed8014c45a%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201727488019183%2C%20%22ct%22%3A%201727486219183%7D; __51uvsct__KBEziNYdSkcoF8Od=1; __51vcke__KBEziNYdSkcoF8Od=0559e878-da38-53e5-a15b-190bbab53118; __51vuft__KBEziNYdSkcoF8Od=1727486219189
Source: global traffic HTTP traffic detected: GET /imgs/mzb.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.theblmediagroup.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=qr4r0lbet2m2ejlbvaj7423143; __vtins__KBYUa6ibFuUdP5LO=%7B%22sid%22%3A%20%224d7f56f0-77db-5a1d-918d-eee6f668a37a%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201727488019155%2C%20%22ct%22%3A%201727486219155%7D; __51uvsct__KBYUa6ibFuUdP5LO=1; __51vcke__KBYUa6ibFuUdP5LO=10ebe04b-e616-5ca1-bd74-452127bb1224; __51vuft__KBYUa6ibFuUdP5LO=1727486219161; __vtins__KItudeYROt8HSqg0=%7B%22sid%22%3A%20%22251d5312-c868-5457-8839-2e28dee439d3%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201727488019172%2C%20%22ct%22%3A%201727486219172%7D; __51uvsct__KItudeYROt8HSqg0=1; __51vcke__KItudeYROt8HSqg0=01e1b207-2d1a-5cf4-9565-eba7e7fbc646; __51vuft__KItudeYROt8HSqg0=1727486219175; __vtins__KBEziNYdSkcoF8Od=%7B%22sid%22%3A%20%22bc53d26e-7237-5459-ae4f-cbed8014c45a%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201727488019183%2C%20%22ct%22%3A%201727486219183%7D; __51uvsct__KBEziNYdSkcoF8Od=1; __51vcke__KBEziNYdSkcoF8Od=0559e878-da38-53e5-a15b-190bbab53118; __51vuft__KBEziNYdSkcoF8Od=1727486219189
Source: global traffic HTTP traffic detected: GET /imgs/bg.lanse.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://efdeyut4z5z159.com/?id=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /imgs/bg.lanse.png HTTP/1.1Host: efdeyut4z5z159.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: 551000e.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 551000e.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 551000e.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /?__CBK=37c5f4d813b70de54a4901967875654481727486241_132265318 HTTP/1.1Host: 551000e.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: 551000e.ccConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/themes/gui-base.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/themes/gui-skin-default.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/bet365-1761/themes/style/common.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/bet365-1761/themes/style/bootstrap-dialog.min.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/themes/hongbao.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-base.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/themes/gui-layer.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-base.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery-1.11.3.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/themes/hb/css/pc.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/static/css/gb.validation.min.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/float.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /message_zh_CN.js?v=1727078840674 HTTP/1.1Host: 551000e.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/lazyload.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/gui-base.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/float.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/idangerous.swiper.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/websocket/Comet.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/layer.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/websocket/CometMarathon.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/theme/default/layer.css?v=3.1.0 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/websocket/PopUp.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/lazyload.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/gui-base.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/bootstrap-dialog.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/moment.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery.super-marquee.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/layer.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /message_zh_CN.js?v=1727078840674 HTTP/1.1Host: 551000e.ccConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/jquery/jquery.nicescroll.min.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/js/moment.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/static/js/gb.validation.min.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= HTTP/1.1Host: 551000e.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: */*X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /errors/605.html HTTP/1.1Host: 551000e.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: route=251410696cadec6a5b6c74aa4706df12
Source: global traffic HTTP traffic detected: GET /061410/rcenter/msites/themes/default/common.css?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/msites/themes/default/lang/zh_CN.css?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/themes/default/bootstrap/bootstrap.min.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/themes/error.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/msites/themes/base.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/themes/base.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/themes/default/bootstrap/bootstrap.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/themes/default/bootstrap-dialog/bootstrap-dialog.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/themes/default/font-awesome/font-awesome.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/msites/themes/default/style.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/msites/themes/default/content.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/msites/themes/default/login.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/images/errors/ico-605.png HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/main.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/curl/curl.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/urlencode.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/images/errors/blue-bg.jpg HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://p3yw7u.innittapp.com/061410/rcenter/common/themes/error.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/main.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/images/errors/ico-605.png HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/images/errors/bet-ico-bg.png HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://p3yw7u.innittapp.com/061410/rcenter/common/themes/error.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/curl/curl.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/bootstrap/bootstrap.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/ClassTool.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/urlencode.js HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/images/errors/blue-bg.jpg HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/images/errors/bet-ico-bg.png HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/bootstrap/bootstrap.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/jquery/jquery-2.1.1.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/ClassTool.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/components/selectPure.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/home/TopPage.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/errors/templateWrap.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/jquery/jquery-2.1.1.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/bootstrap-dialog/bootstrap-dialog.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/curl/curl/loader/legacy.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/bootstrap-daterangepicker/moment.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/components/selectPure.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/common/errors/templateWrap.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/gamebox/home/TopPage.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/curl/curl/loader/legacy.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery-eventlock/jquery-eventlock-1.0.0.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/curl/curl/plugin/css.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/bootstrap-dialog/bootstrap-dialog.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/bootstrap-daterangepicker/moment.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery.poshytip/jquery.poshytip.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/curl/curl/plugin/css.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/themes/default/jquery/plugins/jquery.poshytip/poshytip.css HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://551000e.cc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery.poshytip/jquery.poshytip.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /061410/rcenter/common/js/jquery/plugins/jquery-eventlock/jquery-eventlock-1.0.0.js?v=1727078840674 HTTP/1.1Host: p3yw7u.innittapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/favicon.png HTTP/1.1Host: 551000e.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://551000e.cc/errors/605.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: route=a1a97600d4111120168c5ba2bb9e992f
Source: global traffic HTTP traffic detected: GET /errors/404.html HTTP/1.1Host: 551000e.ccConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/html, */*; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://551000e.cc/errors/605.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: route=a1a97600d4111120168c5ba2bb9e992f; _LANGUAGE=zh_CN
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: wap.theblmediagroup.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: chromecache_174.2.dr String found in binary or memory: img.src = `https://www.facebook.com/tr?id=${fpixelid}&ev=PageView&noscript=1`; equals www.facebook.com (Facebook)
Source: global traffic DNS traffic detected: DNS query: wap.theblmediagroup.com
Source: global traffic DNS traffic detected: DNS query: www.theblmediagroup.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: www.baidu.com
Source: global traffic DNS traffic detected: DNS query: vkg.hpdbfezgrqwn.vip
Source: global traffic DNS traffic detected: DNS query: www.sogou.com
Source: global traffic DNS traffic detected: DNS query: p.ssl.qhimg.com
Source: global traffic DNS traffic detected: DNS query: zz.bdstatic.com
Source: global traffic DNS traffic detected: DNS query: sdk.51.la
Source: global traffic DNS traffic detected: DNS query: collect-v6.51.la
Source: global traffic DNS traffic detected: DNS query: efdeyut4z5z159.com
Source: global traffic DNS traffic detected: DNS query: sp0.baidu.com
Source: global traffic DNS traffic detected: DNS query: 551000e.cc
Source: global traffic DNS traffic detected: DNS query: p3yw7u.innittapp.com
Source: unknown HTTP traffic detected: POST /hylfff.php HTTP/1.1Host: vkg.hpdbfezgrqwn.vipConnection: keep-aliveContent-Length: 115sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded;charset=UTF-8;Accept: */*Origin: https://www.theblmediagroup.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.theblmediagroup.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Found
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Found
Source: chromecache_133.2.dr String found in binary or memory: http://5887ky.com
Source: chromecache_230.2.dr String found in binary or memory: http://fontawesome.io
Source: chromecache_230.2.dr String found in binary or memory: http://fontawesome.io/license
Source: chromecache_206.2.dr, chromecache_195.2.dr String found in binary or memory: http://jqueryvalidation.org/
Source: chromecache_126.2.dr, chromecache_172.2.dr, chromecache_133.2.dr String found in binary or memory: http://kaiyunty583.net
Source: chromecache_196.2.dr, chromecache_250.2.dr String found in binary or memory: http://layer.layui.com/
Source: chromecache_190.2.dr, chromecache_127.2.dr String found in binary or memory: http://nicescroll.areaaperta.com
Source: chromecache_249.2.dr, chromecache_221.2.dr String found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_177.2.dr String found in binary or memory: http://push.zhanzhang.baidu.com/push.js
Source: chromecache_133.2.dr String found in binary or memory: https://0326018.cc
Source: chromecache_133.2.dr String found in binary or memory: https://551000e.cc
Source: chromecache_126.2.dr, chromecache_172.2.dr, chromecache_133.2.dr String found in binary or memory: https://665331a.com
Source: chromecache_133.2.dr String found in binary or memory: https://665331a.com/wap/downloadApp?promoCode=e9VJBL
Source: chromecache_126.2.dr, chromecache_172.2.dr, chromecache_133.2.dr String found in binary or memory: https://789400.cc/
Source: chromecache_133.2.dr String found in binary or memory: https://99505n.cc
Source: chromecache_133.2.dr String found in binary or memory: https://a43389.cc/
Source: chromecache_126.2.dr, chromecache_172.2.dr, chromecache_133.2.dr String found in binary or memory: https://a977112.com
Source: chromecache_133.2.dr String found in binary or memory: https://a977112.com/wap/downloadApp?promoCode=pK8XQc
Source: chromecache_133.2.dr String found in binary or memory: https://aff.668ogm.net/sign-up/593325
Source: chromecache_174.2.dr String found in binary or memory: https://analytics.tiktok.com/i18n/pixel/events.js
Source: chromecache_133.2.dr String found in binary or memory: https://app.geqianf103.top/s/bet365
Source: chromecache_133.2.dr String found in binary or memory: https://app.geqianf103.top/s/bwyz
Source: chromecache_133.2.dr String found in binary or memory: https://app.geqianf103.top/s/tyc
Source: chromecache_133.2.dr String found in binary or memory: https://appiso-ali.ghgdfdf.com/?cGkxMl90NDA3MQ==&c=101105706293#/
Source: chromecache_133.2.dr String found in binary or memory: https://cdn.livechatinc.com/tracking.js
Source: chromecache_174.2.dr String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_132.2.dr String found in binary or memory: https://efdeyut4z5z159.com/
Source: chromecache_172.2.dr, chromecache_133.2.dr String found in binary or memory: https://g21717.com
Source: chromecache_133.2.dr String found in binary or memory: https://g21717.com/wap/downloadApp?promoCode=XPMJTR
Source: chromecache_133.2.dr String found in binary or memory: https://g933001.com
Source: chromecache_248.2.dr, chromecache_200.2.dr, chromecache_192.2.dr String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_248.2.dr, chromecache_200.2.dr, chromecache_192.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_248.2.dr, chromecache_192.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_133.2.dr String found in binary or memory: https://guwu.fun/download
Source: chromecache_172.2.dr, chromecache_133.2.dr String found in binary or memory: https://j399229.com
Source: chromecache_133.2.dr String found in binary or memory: https://lucky298.com/vsgl
Source: chromecache_126.2.dr, chromecache_172.2.dr String found in binary or memory: https://lucky298.com/vsglat
Source: chromecache_177.2.dr String found in binary or memory: https://p.ssl.qhimg.com/t010e288a56a0b005e9.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common
Source: chromecache_125.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/images/errors/ico-605.png
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/curl/curl.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.j
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/main.js
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/urlencode.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/static/css/gb.validation.min.css
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1727078840674
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/themes/default/bootstrap/bootstrap.min.css
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/common/themes/error.css
Source: chromecache_125.2.dr, chromecache_205.2.dr, chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/msites
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/msites/images/touchicon.png
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/lang/zh_CN.css?v=1727078840674
Source: chromecache_125.2.dr, chromecache_205.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/Logo/405/1696591118080.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10004/1719343950451.jpg)
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10006/1719344244164.jpg)
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10008/1719344412734.jpg)
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10010/1719344363451.jpg)
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10047/1719344188380.jpg)
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10048/1719344459903.jpg)
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10049/1719344515771.jpg)
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/fserver/files/gb/1761/carousel/10050/1719344563012.jpg)
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/all_bg.jpg
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/header/header_bg.jpg
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/header/top_bg.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/icon_marquee.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/1_9.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/3_108.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/code_bg.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_0.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_1.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_2.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_3.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_4.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_5.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_6.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/collabor_7.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/download_apple.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/download_bg.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_1.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_3.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_4.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_5.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/game_fish_42_5.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/hot_game_title.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/hotgame_title_bg.jpg
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_1.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_3.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_4.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/icon_game_5.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/service_inner_bg.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/service_out_bg.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/services_title.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/images/index/services_title_bg.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/themes/style/bootstrap-dialog.min.css
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/bet365-1761/themes/style/common.css
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/images/default-banner.jpg
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/images/favicon/favicon_1761.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/bootstrap-dialog.min.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/float.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/gui-base.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/jquery/jquery-1.11.3.min.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/layer.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/lazyload.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/moment.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/Comet.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/PopUp.js
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-base.css
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-skin-default.css
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/themes/hb/css/pc.css
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/zh_CN/pubads/images/ads1.png
Source: chromecache_174.2.dr String found in binary or memory: https://p3yw7u.innittapp.com/ftl/commonPage/zh_CN/pubads/images/ads2.png
Source: chromecache_133.2.dr String found in binary or memory: https://parimatchasia.onelink.me/nec7/949ac8d5?
Source: chromecache_174.2.dr String found in binary or memory: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js
Source: chromecache_174.2.dr String found in binary or memory: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=
Source: chromecache_133.2.dr String found in binary or memory: https://service.sdqhwtvbtwdf.com/C.ashx?btag=a_18017b_1722c_&affid=2017190&siteid=18017&adid=1722&c=
Source: chromecache_126.2.dr, chromecache_172.2.dr, chromecache_133.2.dr String found in binary or memory: https://service.sdqhwtvbtwdf.com/C.ashx?btag=a_18017b_2464c_&affid=2017190&siteid=18017&adid=2464&c=
Source: chromecache_133.2.dr String found in binary or memory: https://service.sdqhwtvbtwdf.com/C.ashx?btag=a_18017b_2484c_&affid=2017190&siteid=18017&adid=2484&c=
Source: chromecache_133.2.dr String found in binary or memory: https://service.sdqhwtvbtwdf.com/C.ashx?btag=a_18017b_747c_&affid=2017190&siteid=18017&adid=747&c=
Source: chromecache_180.2.dr, chromecache_187.2.dr String found in binary or memory: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif
Source: chromecache_133.2.dr String found in binary or memory: https://wros8.top/vjS2
Source: chromecache_133.2.dr String found in binary or memory: https://www.4a0kzf.com/Yvj3
Source: chromecache_133.2.dr String found in binary or memory: https://www.4geg9xuc.app:30000/?i_code=2270535
Source: chromecache_177.2.dr String found in binary or memory: https://www.baidu.com/
Source: chromecache_177.2.dr String found in binary or memory: https://www.baidu.com/baidu
Source: chromecache_177.2.dr String found in binary or memory: https://www.baidu.com/img/baidu_jgylogo3.gif
Source: chromecache_133.2.dr String found in binary or memory: https://www.bvty583.com:35554/entry/register?i_code=2270535
Source: chromecache_133.2.dr String found in binary or memory: https://www.livechat.com/?welcome
Source: chromecache_133.2.dr String found in binary or memory: https://www.livechat.com/chat-with/15900159/
Source: chromecache_177.2.dr String found in binary or memory: https://www.so.com/
Source: chromecache_177.2.dr String found in binary or memory: https://www.sogou.com/
Source: chromecache_177.2.dr String found in binary or memory: https://www.sogou.com/web
Source: chromecache_177.2.dr String found in binary or memory: https://www.sogou.com/web/index/images/logo_440x140.v.4.png
Source: chromecache_133.2.dr String found in binary or memory: https://www.ss52611.com/vip.html?c=88003698540
Source: chromecache_133.2.dr String found in binary or memory: https://www.xivev6.com:9056/entry/register37012/?i_code=30114312
Source: chromecache_133.2.dr String found in binary or memory: https://wy-ali.meriksenrusso.com/wx/app/proxy-qrcode.html?url=aHR0cHM6Ly9hcHBpc28tdHkuc291emhhbnp4Lm
Source: chromecache_133.2.dr String found in binary or memory: https://wy-ali.meriksenrusso.com/wx/app/proxy-qrcode.html?url=aHR0cHM6Ly9hcHBpc28tdHkuenZiempzYi5jb2
Source: chromecache_133.2.dr String found in binary or memory: https://xj206.cc/
Source: chromecache_177.2.dr String found in binary or memory: https://zz.bdstatic.com/linksubmit/push.js
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown Network traffic detected: HTTP traffic on port 54150 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54093 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54138 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54115 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54178 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54103 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54132 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54184 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54149 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54075 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54167 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54121 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54173 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54081 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54104 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54156 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54185 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54099 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54120 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54162 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54143 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54086 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54094 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54126 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54151 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54109 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54168 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54137 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54179 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown Network traffic detected: HTTP traffic on port 54097 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown Network traffic detected: HTTP traffic on port 54102 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown Network traffic detected: HTTP traffic on port 54131 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 54125 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54179
Source: unknown Network traffic detected: HTTP traffic on port 54148 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54178
Source: unknown Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54184
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54183
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54182
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54181
Source: unknown Network traffic detected: HTTP traffic on port 54119 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54186
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54185
Source: unknown Network traffic detected: HTTP traffic on port 54088 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54157 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54174 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54180
Source: unknown Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown Network traffic detected: HTTP traffic on port 54180 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 54107 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54092 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54074
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54078
Source: unknown Network traffic detected: HTTP traffic on port 54114 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54163 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54077
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54075
Source: unknown Network traffic detected: HTTP traffic on port 54142 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown Network traffic detected: HTTP traffic on port 54181 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown Network traffic detected: HTTP traffic on port 54152 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54108 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54079
Source: unknown Network traffic detected: HTTP traffic on port 54169 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54085
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54084
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54083
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54082
Source: unknown Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54089
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54088
Source: unknown Network traffic detected: HTTP traffic on port 54113 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54087
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54086
Source: unknown Network traffic detected: HTTP traffic on port 54136 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54081
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54080
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 54082 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown Network traffic detected: HTTP traffic on port 54130 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54098 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54186 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54096
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54095
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54094
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54093
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54099
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54098
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54097
Source: unknown Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54087 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54158 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54092
Source: unknown Network traffic detected: HTTP traffic on port 54175 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54091
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54090
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown Network traffic detected: HTTP traffic on port 54129 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54106 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54137
Source: unknown Network traffic detected: HTTP traffic on port 54112 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54136
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54135
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54134
Source: unknown Network traffic detected: HTTP traffic on port 54078 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54139
Source: unknown Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54138
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54140
Source: unknown Network traffic detected: HTTP traffic on port 54164 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54144
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54143
Source: unknown Network traffic detected: HTTP traffic on port 54170 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54142
Source: unknown Network traffic detected: HTTP traffic on port 54141 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54141
Source: unknown Network traffic detected: HTTP traffic on port 54084 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54153 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54096 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54124 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54148
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54146
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54145
Source: unknown Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54149
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54151
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54150
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54155
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54154
Source: unknown Network traffic detected: HTTP traffic on port 54118 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54153
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54152
Source: unknown Network traffic detected: HTTP traffic on port 54135 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54089 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54100 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54159
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54158
Source: unknown Network traffic detected: HTTP traffic on port 54146 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54157
Source: unknown Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54156
Source: unknown Network traffic detected: HTTP traffic on port 54091 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54162
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54161
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54166
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54165
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54164
Source: unknown Network traffic detected: HTTP traffic on port 54117 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54163
Source: unknown Network traffic detected: HTTP traffic on port 54159 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54101 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown Network traffic detected: HTTP traffic on port 54176 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown Network traffic detected: HTTP traffic on port 54134 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 54077 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54169
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54168
Source: unknown Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54167
Source: unknown Network traffic detected: HTTP traffic on port 54182 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54173
Source: unknown Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54172
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54171
Source: unknown Network traffic detected: HTTP traffic on port 54165 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54170
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54177
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54176
Source: unknown Network traffic detected: HTTP traffic on port 54140 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54175
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54174
Source: unknown Network traffic detected: HTTP traffic on port 54123 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54171 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown Network traffic detected: HTTP traffic on port 54083 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54154 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54177 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54183 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54074 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54100
Source: unknown Network traffic detected: HTTP traffic on port 54145 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54080 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54109
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54104
Source: unknown Network traffic detected: HTTP traffic on port 54111 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54103
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54102
Source: unknown Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54101
Source: unknown Network traffic detected: HTTP traffic on port 54079 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54108
Source: unknown Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54107
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54106
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54105
Source: unknown Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54139 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54111
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54110
Source: unknown Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54085 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54095 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54127 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54133 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54115
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54114
Source: unknown Network traffic detected: HTTP traffic on port 54110 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54113
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54112
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54119
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54118
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54117
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54116
Source: unknown Network traffic detected: HTTP traffic on port 54166 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54122
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54121
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54120
Source: unknown Network traffic detected: HTTP traffic on port 54172 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54105 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54155 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54126
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54125
Source: unknown Network traffic detected: HTTP traffic on port 54161 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54124
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54123
Source: unknown Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54129
Source: unknown Network traffic detected: HTTP traffic on port 54090 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54127
Source: unknown Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54133
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54132
Source: unknown Network traffic detected: HTTP traffic on port 54144 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54131
Source: unknown Network traffic detected: HTTP traffic on port 54116 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54130
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: classification engine Classification label: mal56.win@19/222@56/15
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=2208,i,6175881093247667940,17631712759707295723,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://wap.theblmediagroup.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=2208,i,6175881093247667940,17631712759707295723,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1521026 URL: http://wap.theblmediagroup.com/ Startdate: 28/09/2024 Architecture: WINDOWS Score: 56 26 Multi AV Scanner detection for domain / URL 2->26 28 Multi AV Scanner detection for submitted file 2->28 6 chrome.exe 1 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 14 192.168.2.4, 138, 443, 49634 unknown unknown 6->14 16 192.168.2.6 unknown unknown 6->16 18 239.255.255.250 unknown Reserved 6->18 11 chrome.exe 6->11         started        process5 dnsIp6 20 sslzz.jomodns.com 58.254.150.48, 443, 49747, 49760 UNICOM-GUANGZHOU-IDCChinaUnicomGuangdongIPnetworkCN China 11->20 22 l5-global.gslb.ksyuncdn.com 103.155.16.134, 443, 54083, 54084 TWIDC-AS-APTWIDCLimitedHK unknown 11->22 24 23 other IPs or domains 11->24
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
38.14.38.172
 www.theblmediagroup.com United States
174 COGENT-174US false
13.224.189.115
 d3h3opd4qa0dfk.cloudfront.net United States
16509 AMAZON-02US false
142.250.186.36
 www.google.com United States
15169 GOOGLEUS false
103.155.16.134
 l5-global.gslb.ksyuncdn.com unknown
134687 TWIDC-AS-APTWIDCLimitedHK false
148.153.240.75
 hcdnwsa120.v5.cdnhwczoy106.cn United States
63199 CDSC-AS1US false
103.235.47.188
 www.wshifen.com Hong Kong
55967 BAIDUBeijingBaiduNetcomScienceandTechnologyCoLtd false
103.235.46.96
 unknown Hong Kong
55967 BAIDUBeijingBaiduNetcomScienceandTechnologyCoLtd false
119.28.109.132
 www.sogou.com China
132203 TENCENT-NET-AP-CNTencentBuildingKejizhongyiAvenueCN false
13.224.189.73
 unknown United States
16509 AMAZON-02US false
122.10.20.83
 efdeyut4z5z159.com Hong Kong
134548 DXTL-HKDXTLTseungKwanOServiceHK false
239.255.255.250
 unknown Reserved
unknown unknown false
38.174.148.233
 551000e.cc United States
174 COGENT-174US false
58.254.150.48
 sslzz.jomodns.com China
136958 UNICOM-GUANGZHOU-IDCChinaUnicomGuangdongIPnetworkCN false

Private

IP
192.168.2.4
192.168.2.6

Contacted Domains

Name IP Active
efdeyut4z5z159.com 122.10.20.83 true
hcdnwsa120.v5.cdnhwczoy106.cn 148.153.240.75 true
l5-global.gslb.ksyuncdn.com 103.155.16.134 true
sslzz.jomodns.com 58.254.150.48 true
www.theblmediagroup.com 38.14.38.172 true
vkg.hpdbfezgrqwn.vip 122.10.20.83 true
fp2e7a.wpc.phicdn.net 192.229.221.95 true
wap.theblmediagroup.com 38.14.38.172 true
www.wshifen.com 103.235.47.188 true
d3h3opd4qa0dfk.cloudfront.net 13.224.189.115 true
551000e.cc 38.174.148.233 true
www.google.com 142.250.186.36 true
www.sogou.com 119.28.109.132 true
collect-v6.51.la unknown unknown
www.baidu.com unknown unknown
p.ssl.qhimg.com unknown unknown
zz.bdstatic.com unknown unknown
sp0.baidu.com unknown unknown
p3yw7u.innittapp.com unknown unknown
sdk.51.la unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://efdeyut4z5z159.com/imgs/mzb.png false
    		unknown
    https://551000e.cc/?__CBK=37c5f4d813b70de54a4901967875654481727486241_132265318 false
      		unknown
      https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/base.css false
        		unknown
        https://p3yw7u.innittapp.com/ftl/commonPage/themes/hongbao.css false
          		unknown
          https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/urlencode.js false
            		unknown
            https://p3yw7u.innittapp.com/061410/rcenter/common/themes/default/jquery/plugins/jquery.poshytip/poshytip.css false
              		unknown
              https://www.theblmediagroup.com/vue.min.js false
                		unknown
                https://www.sogou.com/web/index/images/logo_440x140.v.4.png false unknown
                https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-skin-default.css false
                  		unknown
                  https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/main.js false
                    		unknown
                    https://p3yw7u.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery-eventlock/jquery-eventlock-1.0.0.js?v=1727078840674 false
                      		unknown
                      https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/Comet.js false
                        		unknown
                        https://p3yw7u.innittapp.com/ftl/commonPage/js/float.js false
                          		unknown
                          https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/login.css false
                            		unknown
                            https://efdeyut4z5z159.com/banner.js false
                              		unknown
                              https://p3yw7u.innittapp.com/ftl/commonPage/js/idangerous.swiper.min.js false
                                		unknown
                                https://551000e.cc/message_zh_CN.js?v=1727078840674 false
                                  		unknown
                                  https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/lang/zh_CN.css?v=1727078840674 false
                                    		unknown
                                    https://551000e.cc/images/favicon.png false
                                      		unknown
                                      https://p3yw7u.innittapp.com/061410/rcenter/common/js/curl/curl/plugin/css.js?v=1727078840674 false
                                        		unknown
                                        https://p3yw7u.innittapp.com/ftl/commonPage/js/jquery/jquery.super-marquee.js false
                                          		unknown
                                          https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/common.css?v=1727078840674 false
                                            		unknown
                                            https://p3yw7u.innittapp.com/ftl/bet365-1761/themes/style/common.css false
                                              		unknown
                                              https://p3yw7u.innittapp.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/jquery.validate.js false
                                                		unknown
                                                https://551000e.cc/index/getAppsUrl.html?device=android&fPixelId=&accessToken=&apiVersion= false
                                                  		unknown
                                                  https://p3yw7u.innittapp.com/061410/rcenter/common/js/bootstrap-dialog/bootstrap-dialog.js?v=1727078840674 false
                                                    		unknown
                                                    https://p3yw7u.innittapp.com/ftl/commonPage/js/websocket/CometMarathon.js false
                                                      		unknown
                                                      https://p3yw7u.innittapp.com/ftl/commonPage/js/layer.js false
                                                        		unknown
                                                        https://p3yw7u.innittapp.com/061410/rcenter/common/themes/base.css false
                                                          		unknown
                                                          https://551000e.cc/commonPage/error.html false
                                                            		unknown
                                                            https://efdeyut4z5z159.com/quicklink.umd.js false
                                                              		unknown
                                                              https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/components/selectPure.js?v=1727078840674 false
                                                                		unknown
                                                                https://551000e.cc/favicon.ico false
                                                                  		unknown
                                                                  https://p3yw7u.innittapp.com/061410/rcenter/common/images/errors/blue-bg.jpg false
                                                                    		unknown
                                                                    https://efdeyut4z5z159.com/imgs/2024ozb.png false
                                                                      		unknown
                                                                      https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-layer.css false
                                                                        		unknown
                                                                        https://p3yw7u.innittapp.com/061410/rcenter/common/themes/default/font-awesome/font-awesome.css false
                                                                          		unknown
                                                                          https://551000e.cc/ false
                                                                            		unknown
                                                                            https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/style.css false
                                                                              		unknown
                                                                              https://p3yw7u.innittapp.com/ftl/commonPage/themes/gui-base.css false
                                                                                		unknown
                                                                                https://zz.bdstatic.com/linksubmit/push.js false
                                                                                  		unknown
                                                                                  https://p3yw7u.innittapp.com/061410/rcenter/msites/themes/default/content.css false
                                                                                    		unknown
                                                                                    https://p3yw7u.innittapp.com/061410/rcenter/common/js/gamebox/common/errors/templateWrap.js?v=1727078840674 false
                                                                                      		unknown
                                                                                      https://collect-v6.51.la/v6/collect?dt=4 false
                                                                                        		unknown
                                                                                        https://p3yw7u.innittapp.com/061410/rcenter/common/themes/default/bootstrap/bootstrap.min.css false
                                                                                          		unknown
                                                                                          https://p3yw7u.innittapp.com/061410/rcenter/common/js/bootstrap/bootstrap.js?v=1727078840674 false
                                                                                            		unknown
                                                                                            https://efdeyut4z5z159.com/popper.min.js false
                                                                                              		unknown
                                                                                              https://p3yw7u.innittapp.com/061410/rcenter/common/js/bootstrap-daterangepicker/moment.js?v=1727078840674 false
                                                                                                		unknown
                                                                                                https://551000e.cc/mobile-api/v5/origin/getFloat.html false
                                                                                                  		unknown
                                                                                                  https://efdeyut4z5z159.com/imgs/spb.png false
                                                                                                    		unknown