Report - cn.mebtx49.com/

Report Overview

Submitted URL
cn.mebtx49.com/
IP
143.92.56.150
ASN
#64050 BGPNET Global ASN
Submitted
2024-03-29 04:47:29
Access
public
Website Title
赞助下载页
Final URL
www.manbetx.uk/#/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cn.mebtx49.com	unknown	unknown	No data	No data	5.0 kB	339 kB	61.4.118.119
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-03-28	875 B	167 kB	142.250.74.72
www.f4bzyrz92us3.com	unknown	2019-11-02	2019-11-02	2024-03-22	838 B	1.4 kB	172.65.201.65
	unknown				20 kB	631 kB	103.197.58.87
www.manbetx.uk	unknown	2017-03-22	2017-07-02	2024-03-22	6.2 kB	1.1 MB	54.254.141.126
hm.baidu.com	8254	1999-10-11	2012-05-26	2024-03-28	1.1 kB	12 kB	103.235.46.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	cn.mebtx49.com/	ManBetX
2024-03-28	medium	cn.mebtx49.com/	ManBetX
2024-03-28	medium	cn.mebtx49.com/	ManBetX
2024-03-28	medium	cn.mebtx49.com/	ManBetX
2024-03-28	medium	cn.mebtx49.com/	ManBetX
2024-03-28	medium	cn.mebtx49.com/	ManBetX
2024-03-28	medium	cn.mebtx49.com/	ManBetX
2024-03-28	medium	cn.mebtx49.com/	ManBetX

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	unknown	331 B	2024-03-29	2024-03-29
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-03-29 05:47:39 Last Seen2024-03-29 05:47:39 Times Seen1 Hash 57294b282a44f0c8fe223b899fc3ba31 7b177a46920f21e136b1a40be0da8041bb608612 85d02f1627b33ab7f7e6812e08aeb735a17496b866cc90030c34cf7841b77b9b Loading...

	www.manbetx.uk/js/chunk-vendors.09153fc0.js	196 kB	2023-07-21	2024-04-13
Pretty URL www.manbetx.uk/js/chunk-vendors.09153fc0.js IP 54.254.141.126 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-21 08:47:58 Last Seen2024-04-13 18:37:13 Times Seen154 Hash 98663e4d04b721508070c9c8bc4b7c87 9c031793188378d9e80aae3cb37c8a6880b451ac 1724651caffbe239a347d0bb469a24a5cadfdd355044716b0768f76b49b403eb Loading...

	www.manbetx.uk/js/chunk-064772aa.a65ceb8e.js	988 B	2023-07-21	2024-04-13
Pretty URL www.manbetx.uk/js/chunk-064772aa.a65ceb8e.js IP 54.254.141.126 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-21 08:47:58 Last Seen2024-04-13 18:37:14 Times Seen372 Hash b8c83bc4f2ee2a499c90bbcf97075e80 0c6a587b8ce643a6bf75d353792b8e11ea2f3d66 bd65a4d3aa49fd90aca67d76c2d003f00bfbfc0148dcfb5e6311c25b9ffb9ae7 Loading...

	hm.baidu.com/hm.js?2f60ef41d26337acc7101bc632659fac	30 kB	2024-03-29	2024-03-29
Pretty URL hm.baidu.com/hm.js?2f60ef41d26337acc7101bc632659fac IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 05:47:39 Last Seen2024-03-29 05:47:40 Times Seen2 Hash 6122765ea1186941480cd83a7b14de9f 07a2c4be23ae567de1788fa44727eaf2cb5a8eaf 06f21e9095b101935f09d383eeb579bc08c5966f54217a15c75d90e9aab00ebb Loading...

	unknown	37 B	2023-04-11	2024-04-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49:14 Last Seen2024-04-27 21:24:17 Times Seen21927 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	www.manbetx.uk/js/app.837032ff.js	7.2 kB	2023-07-21	2024-04-13
Pretty URL www.manbetx.uk/js/app.837032ff.js IP 54.254.141.126 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-21 08:47:58 Last Seen2024-04-13 18:37:13 Times Seen154 Hash e38f5e530245b6c99db0d4915944fdfa 7ad81137f3d44558abbc8808b276c9c4b2555125 a726306491edfa75ea237a26619f2cb4da2a9f191086301df158d9cf36e63c9c Loading...

HTTP Transactions (70)

URL IP Response Size

cn.mebtx49.com/

61.4.118.119

88 B

URL
cn.mebtx49.com/
IP
61.4.118.119:0
ASN
#55720 Gigabit Hosting Sdn Bhd

File type
HTML document, ASCII text, with no line terminators
Size
88 B (88 bytes)
Hash
48bbf980705b568e8369924625515c21
145b845d40383fb91d2824407bf031ffb6e8d1c8
0dc45d98559f1de26a0c765277d5637dee4f5ef299b92d3105441ef6d1931d6a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ManBetX

HTTP Headers

GET / HTTP/1.1
Host: cn.mebtx49.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:52:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Set-Cookie: ccd11=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=mebtx49.com
vcd11=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=mebtx49.com
PHPSESSID=9s19crj6b5ohplp5g19fg2evq0; path=/
_first=false; expires=Wed, 10-Apr-2024 04:47:02 GMT; Max-Age=1036800; path=/
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Server: gocache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
c-Type: df
rid: c8f674cff356a51520aca42c3d8ec60b
Strict-Transport-Security: max-age=31536000; includeSubDomains

cn.mebtx49.com/favicon.ico

61.4.118.119

152 B

URL
cn.mebtx49.com/favicon.ico
IP
61.4.118.119:0
ASN
#55720 Gigabit Hosting Sdn Bhd

File type
HTML document, ASCII text
Size
152 B (152 bytes)
Hash
879e97919a993283dff3a8d1abb8447e
412c7a4d3182c45cccc39227c0a54c8f99f9be29
a8eecb4cd99792b7902d1141c6309e6760ca3576e668b8e0ed177f3044a48848

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ManBetX

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cn.mebtx49.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Cookie: PHPSESSID=9s19crj6b5ohplp5g19fg2evq0; _first=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 29 Mar 2024 04:52:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
ETag: W/"5d650431-bf"
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Server: gocache
Strict-Transport-Security: max-age=31536000; includeSubDomains

cn.mebtx49.com/home/register

61.4.118.119

20 kB

URL
cn.mebtx49.com/home/register
IP
61.4.118.119:0
ASN
#55720 Gigabit Hosting Sdn Bhd

File type
HTML document, Unicode text, UTF-8 text, with very long lines (396)
Size
20 kB (20468 bytes)
Hash
19549e5e9d9415dce87cf055d021fba6
a52b5bcf009de27033334cddc1045cfc600a12b5
93d82dcd50b883c3239c4c1f11c51baead802e1d5f363681e2ee1b0863fb7748

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ManBetX

HTTP Headers

GET /home/register HTTP/1.1
Host: cn.mebtx49.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Cookie: PHPSESSID=9s19crj6b5ohplp5g19fg2evq0; _first=false
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:52:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Set-Cookie: ccd11=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=mebtx49.com
vcd11=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=mebtx49.com
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Server: gocache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
c-Type: df
rid: f678b25d67b61f015af0298b84a7223b
Strict-Transport-Security: max-age=31536000; includeSubDomains

www.googletagmanager.com/gtag/js?id=UA-119765380-3

142.250.74.72

76 kB

URL
www.googletagmanager.com/gtag/js?id=UA-119765380-3
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
76 kB (75617 bytes)
Hash
9575caf440cb6b35ee219f965e1f7d82
8145a7262c1c0b28f1b9af3ebeca6842efa19883
56851cb7884abf68e6c65330c0bc4f1d6809556af65a81dafd5c175bbbfab3df

HTTP Headers

GET /gtag/js?id=UA-119765380-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 04:47:04 GMT
expires: Fri, 29 Mar 2024 04:47:04 GMT
cache-control: private, max-age=900
last-modified: Fri, 29 Mar 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75617
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.f4bzyrz92us3.com/E2/EagleEye.js?1711687624

172.65.201.65

456 B

URL
www.f4bzyrz92us3.com/E2/EagleEye.js?1711687624
IP
172.65.201.65:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1180)
Size
456 B (456 bytes)
Hash
d6ad32c6621f143f844f28f92844b132
32f46672f5e74795b4e4c2f657f15361dc569e1b
6ccb2d96f712961f53178f4eaba545187cec67ef2781a82c61b7731ff3b47b32

HTTP Headers

GET /E2/EagleEye.js?1711687624 HTTP/1.1
Host: www.f4bzyrz92us3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: gocache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br

static-content-cn.g033ck2dnyuo.com:9587/js/livechat.js?202010021

103.197.58.87

306 B

URL
static-content-cn.g033ck2dnyuo.com:9587/js/livechat.js?202010021
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
JavaScript source, ASCII text, with very long lines (477)
Size
306 B (306 bytes)
Hash
c391a4be2c99c7964fba820f219cfd2c
a6f5c3e2febea4e66d7a2ef18bddd4f79e30f59e
9609ff5f295a5b01039dcec7a3368350adf5f810a811ef40f8021a5f10ac6a67

HTTP Headers

GET /js/livechat.js?202010021 HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:52 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd8-1de"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102

103.197.58.87

12 kB

URL
static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
Unicode text, UTF-8 text, with very long lines (449)
Size
12 kB (11949 bytes)
Hash
f0fe76d8e9bc1643880d6e1bebc094a8
55ce3934ebe9a8cd24d2c1bc7d0f85a3b991ac4c
4bdb84d2843572a2304998e42664919bd80caad5062278292b7881156bcc3a14

HTTP Headers

GET /style/main.css?20240102 HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Feb 2024 02:17:39 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"65dd4643-d553"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: EXPIRED
Content-Encoding: gzip

static-content-t.g033ck2dnyuo.com:9587/style/css.css?202403181

103.197.58.87

21 kB

URL
static-content-t.g033ck2dnyuo.com:9587/style/css.css?202403181
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
Unicode text, UTF-8 text, with very long lines (525)
Size
21 kB (21128 bytes)
Hash
8ae144040e67f1beb724c8cc68664df6
5b90ba3b78ecedb63d64c02f61dc60ed80b3fcfa
3ae8740eb41dfbdcf7ddc23bacfc36925fab0a2fcbfa8edeb3f78bb331486091

HTTP Headers

GET /style/css.css?202403181 HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 18 Mar 2024 03:08:37 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"65f7b035-1f585"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/js/jquery/jquery.carousel.js

103.197.58.87

5.9 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/js/jquery/jquery.carousel.js
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text
Size
5.9 kB (5891 bytes)
Hash
71a7804f6ceba37637cc94c9a6df938a
fe8b0e7dd527e5eb1e9cd5bddee9cf2f269663d4
9b50e23f1dad4b2ed9c2f30e5fc8e62e199d52eb8acf92aa2fdc84a0a335e3dd

HTTP Headers

GET /js/jquery/jquery.carousel.js HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:52 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd8-5e3a"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/js/game/Game.js?20220202

103.197.58.87

7.9 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/js/game/Game.js?20220202
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
Unicode text, UTF-8 text
Size
7.9 kB (7934 bytes)
Hash
d7792ecae88bd0589e62bf094c76e767
514b4ee5feab8b9dd7309d017ee7603dbaaa6e88
5f3e3b98bf45fc1446ed3f9a39351115b039d7203844b19e6375f40a8f97e125

HTTP Headers

GET /js/game/Game.js?20220202 HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Mar 2024 05:03:50 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"660105b6-f415"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/util/messenger.css

103.197.58.87

1.7 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/util/messenger.css
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
ASCII text, with very long lines (538)
Size
1.7 kB (1690 bytes)
Hash
26f774e67203df0b4387b8fdee38643c
d46d750b7882c8c3aff3690472c6ad6c5c32d546
3d3b344953f5a8668a3a045c902c84e530407997885301cfffd4a1724b6b37f8

HTTP Headers

GET /util/messenger.css HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd9-2410"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/css/base.css?202401022

103.197.58.87

30 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/css/base.css?202401022
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
assembler source, Unicode text, UTF-8 text, with very long lines (539)
Size
30 kB (29865 bytes)
Hash
451f317355bbfa14789e52658dd15c13
f8c7b3ea62315b225fef839622567d8379469d48
ca72d2df15b2d653b126a1e95e18aaac8d495f6b5f7e2dd1a39563a516553c00

HTTP Headers

GET /css/base.css?202401022 HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Feb 2024 02:17:31 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"65dd463b-29bb5"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/util/rsa.js

103.197.58.87

4.7 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/util/rsa.js
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
ASCII text, with very long lines (5026)
Size
4.7 kB (4736 bytes)
Hash
2e28749b1ce6013a456d4498a447dff3
89d8c436922a84f097e86090179d112c3d6e13c2
1748bdff25c71702d781b076f961920ef32283e324153b256e963202431a35ba

HTTP Headers

GET /util/rsa.js HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd9-34ca"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/js/jquery/jquery.min.js

103.197.58.87

33 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/js/jquery/jquery.min.js
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
JavaScript source, ASCII text, with very long lines (32047)
Size
33 kB (33321 bytes)
Hash
5790ead7ad3ba27397aedfa3d263b867
8130544c215fe5d1ec081d83461bf4a711e74882
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

HTTP Headers

GET /js/jquery/jquery.min.js HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:52 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd8-176bb"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/util/error.js?20231207

103.197.58.87

3.4 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/util/error.js?20231207
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
Unicode text, UTF-8 text
Size
3.4 kB (3432 bytes)
Hash
45bfafb40cf0d2e3c2b455b587852ad7
491df826d0dd4778bb5d6799ffcea1a565177b73
ee5c8f604c14e984f2f5f0165c87a4f73ac6eca30172850882fbdb2554255523

HTTP Headers

GET /util/error.js?20231207 HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2022 05:55:07 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"635a1d3b-2436"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-t.g033ck2dnyuo.com:9587/js/jquery-ui.js

103.197.58.87

125 kB

URL
static-content-t.g033ck2dnyuo.com:9587/js/jquery-ui.js
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
JavaScript source, ASCII text, with very long lines (1002)
Size
125 kB (125243 bytes)
Hash
ab5284de5e3d221e53647fd348e5644b
75c20acdc6cbc6334fe2b918ab7afeec007f969e
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

HTTP Headers

GET /js/jquery-ui.js HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd9-7f20a"
Expires: Fri, 29 Mar 2024 07:47:05 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/js/member/reg.simple.js?20230220

103.197.58.87

2.6 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/js/member/reg.simple.js?20230220
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
JavaScript source, Unicode text, UTF-8 text
Size
2.6 kB (2592 bytes)
Hash
e15af9186bacda7695a391117d9c9b5b
03c84c7d9f36fbae6223337efc317fad770acc32
e26bc368dfdb97fdd1fa617c206f33d994b6cf6536cb95a054ed3f89b328346e

HTTP Headers

GET /js/member/reg.simple.js?20230220 HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Mar 2024 05:03:50 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"660105b6-2871"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/util/all.js?20230912

103.197.58.87

23 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/util/all.js?20230912
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (5480)
Size
23 kB (22902 bytes)
Hash
f5aa16a242596257e153e33c5b8fb232
804252d4387c4fda0141e9bf4fd2a05bb3c7068a
c21ffeeff6782e69216ce2fdf3fd54289af1d7b4a8bc2af9b83c0679c5969782

HTTP Headers

GET /util/all.js?20230912 HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Sep 2023 03:06:22 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"6501272e-13044"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-cn.g033ck2dnyuo.com:9587/js/jquery/jquery.validate.js?2017121201

103.197.58.87

13 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/js/jquery/jquery.validate.js?2017121201
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1256)
Size
13 kB (12567 bytes)
Hash
9ae9af365281ce3f25d122cac961720b
e7553457cf06b38ff9caf310f82d4ab1f6407e02
3a8c9b873eb9cac6c7c2d48b17b3b95ee6fff57c96a3469543e15217ea138297

HTTP Headers

GET /js/jquery/jquery.validate.js?2017121201 HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:52 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd8-ed9a"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_08p.png

103.197.58.87

15 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_08p.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced
Size
15 kB (14696 bytes)
Hash
ce8af7d88dfe5a8cc857666523c01fea
370b5c460e31540ff1c8685fe2188adfc8fe3641
7ba510715c55f7c648e19a82b9690f58ac0136c370be907bcce569c08bf03a74

HTTP Headers

GET /images/nav/promo_08p.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: image/png
Content-Length: 14696
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-3968"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/d11_images/header_logo.png

103.197.58.87

8.1 kB

URL
static-content-t.g033ck2dnyuo.com:9587/d11_images/header_logo.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 183 x 50, 8-bit/color RGBA, non-interlaced
Size
8.1 kB (8085 bytes)
Hash
ba4e53b518e93e6e98714c2548233f05
003d6c28449cf1a1a929c328cd87a4ef8c4cf660
f5ab541d2b50b2cf444e34876cb5e9ec0e6977c90b4672229cf00e82a66812fb

HTTP Headers

GET /d11_images/header_logo.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: image/png
Content-Length: 8085
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:45:39 GMT
ETag: "62d84d53-1f95"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_12p.png

103.197.58.87

13 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_12p.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced
Size
13 kB (13381 bytes)
Hash
771df357a82b3f121039b605126d9031
49ac1b1ce8829f54c43e4012c0b21f2fffc6fea7
7020ab66168f898a06e3743b3793745da0a9d6017bae2934e842e6ec4addc094

HTTP Headers

GET /images/nav/promo_12p.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: image/png
Content-Length: 13381
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-3445"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

www.f4bzyrz92us3.com/E2/EagleEye.js?1711687624

172.65.201.65

459 B

URL
www.f4bzyrz92us3.com/E2/EagleEye.js?1711687624
IP
172.65.201.65:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1180)
Size
459 B (459 bytes)
Hash
2dad4ca429e9f534810a3e8d1a7f867a
79321c0b69dd24eb3888f10efbf1bd09dd03c612
eb836b5b4acca85f7f286d6b3c2ff5ce287fde94b7e599373ba787784795e397

HTTP Headers

GET /E2/EagleEye.js?1711687624 HTTP/1.1
Host: www.f4bzyrz92us3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: gocache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br

cn.mebtx49.com/kz/verifycode

61.4.118.119

1.4 kB

URL
cn.mebtx49.com/kz/verifycode
IP
61.4.118.119:0
ASN
#55720 Gigabit Hosting Sdn Bhd

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x28, components 3
Size
1.4 kB (1352 bytes)
Hash
270ce5b09783ce82b7b1b04121c9f015
f11f6ca02fd72636e9f7cb7acbdfb4beed8a25df
75a6743d0e8be58c68738f42aae3e2f2af4df6ad9ff061f6e8f3b1a3b83975b0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ManBetX

HTTP Headers

GET /kz/verifycode HTTP/1.1
Host: cn.mebtx49.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/home/register
Cookie: PHPSESSID=9s19crj6b5ohplp5g19fg2evq0; _first=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Fri, 29 Mar 2024 04:52:56 GMT
Content-Type: image/jpeg;charset=UTF-8
Content-Length: 1352
Connection: keep-alive
Set-Cookie: JSESSIONID=65C3559DBA4988034ADE5A03C7FC8139; Path=/; HttpOnly
VERIFYCODEID=65C3559DBA4988034ADE5A03C7FC8139; Domain=mebtx49.com; Path=/; HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Server: gocache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
c-Type: df
rid: e8335c93ab4fc5a69b39c988ee40ca49
Strict-Transport-Security: max-age=31536000; includeSubDomains

cn.mebtx49.com/service/verifycode

61.4.118.119

19 B

URL
cn.mebtx49.com/service/verifycode
IP
61.4.118.119:0
ASN
#55720 Gigabit Hosting Sdn Bhd

File type
JSON text data
Size
19 B (19 bytes)
Hash
4ad08678901cb673672f36204f70d735
441e5e36346e25ad385500e3a604c53e591cbb12
6566baa1cc107e7ff2793f7e3e2d7276e177a3a70632ffbf231800a172b6e4ff

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ManBetX

HTTP Headers

GET /service/verifycode HTTP/1.1
Host: cn.mebtx49.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/home/register
Cookie: PHPSESSID=9s19crj6b5ohplp5g19fg2evq0; _first=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Fri, 29 Mar 2024 04:52:56 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 19
Connection: keep-alive
Set-Cookie: JSESSIONID=53BC1A64C7D16FEBE1B8FED1C570E3B6; Path=/; Secure; HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Server: gocache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
c-Type: df
rid: dd949ac5d35a8f6ff72b105774cbf106
Strict-Transport-Security: max-age=31536000; includeSubDomains

static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_keno.png

103.197.58.87

21 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_keno.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced
Size
21 kB (21322 bytes)
Hash
f3d3231964cd6c0b98aceaa07e9626b6
2fdcca8cdf610057e37e86e9c679f87d959a1821
3075e79d3c7ef852ed0a95aa56324509b499446a6d8a454fed94f1fdd102fd90

HTTP Headers

GET /images/nav/promo_keno.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: image/png
Content-Length: 21322
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-534a"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-cn.g033ck2dnyuo.com:9587/js/kz.js?20240220

103.197.58.87

11 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/js/kz.js?20240220
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (340)
Size
11 kB (10875 bytes)
Hash
ae9883fc919d2c23cc383c4186b66f97
389e7b798e0fd9be52a48b22090ac58757c1ccc3
bd33b01f26d46a57d318e2c4aca097e2af4bebc6f6abf4f361d6f3184b426faa

HTTP Headers

GET /js/kz.js?20240220 HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Mar 2024 05:13:46 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"6601080a-e5cf"
Expires: Fri, 29 Mar 2024 04:47:05 GMT
Cache-Control: no-cache
Conexiq-CDN-Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip

static-content-t.g033ck2dnyuo.com:9587/d11_images/icon_mobile.png

103.197.58.87

300 B

URL
static-content-t.g033ck2dnyuo.com:9587/d11_images/icon_mobile.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 15 x 18, 8-bit/color RGBA, non-interlaced
Size
300 B (300 bytes)
Hash
87b9952aa4def5ac2d4dce81528ecae3
e34496b167df036229e923d8686858c0a306c1e2
7aa81a942fe7f67e5b132b047c4db23993d6ffff8eaafd3692a6824236e11def

HTTP Headers

GET /d11_images/icon_mobile.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 300
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:45:39 GMT
ETag: "62d84d53-12c"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-cn.g033ck2dnyuo.com:9587/images/close.png

103.197.58.87

1.1 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/images/close.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 21 x 40, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1148 bytes)
Hash
64ead6c5d9cbfe3e933c97c2cb20dacc
b7b034fd70b27180d27daa9c8bacb50ce721f025
55aa71e8f5f59bec62fc6361e10bcf106d21af39a087c4009931884fd03b5229

HTTP Headers

GET /images/close.png HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-cn.g033ck2dnyuo.com:9587/css/base.css?202401022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 1148
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:52 GMT
ETag: "62d84dd8-47c"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-cn.g033ck2dnyuo.com:9587/images/common_spirits.png

103.197.58.87

8.4 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/images/common_spirits.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 197 x 853, 8-bit/color RGBA, non-interlaced
Size
8.4 kB (8399 bytes)
Hash
44540d8c4a0f15ac3c79ec50c38068ba
09a60fef078669da7113fbc9f9129b3a238e1b10
d963d332fe095e110da648b267af4941bcb3d0b3988459d5f2039ebcadf4c2f0

HTTP Headers

GET /images/common_spirits.png HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-cn.g033ck2dnyuo.com:9587/css/base.css?202401022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 8399
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:52 GMT
ETag: "62d84dd8-20cf"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-cn.g033ck2dnyuo.com:9587/images/modal_reminder_deco.png

103.197.58.87

1.1 kB

URL
static-content-cn.g033ck2dnyuo.com:9587/images/modal_reminder_deco.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 232 x 12, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1119 bytes)
Hash
3f99b65d5f4c689ea127400c44026e81
60f91d0531242fed70f77991419d8c0442ae4299
581ca9e4c82ad7b55ba31fa2033aae45ec122c4be965c2c0eb465da2cbe13dee

HTTP Headers

GET /images/modal_reminder_deco.png HTTP/1.1
Host: static-content-cn.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-cn.g033ck2dnyuo.com:9587/css/base.css?202401022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 1119
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:52 GMT
ETag: "62d84dd8-45f"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_event.png

103.197.58.87

34 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_event.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 231 x 184, 8-bit/color RGBA, non-interlaced
Size
34 kB (33820 bytes)
Hash
4590b5333179fefe5ea8e8f1a3638da3
a0a932f3ca433bc1ea5f788e09eddfa617a4c69e
0b3af6b7e8676050661aedd1b94b28045c7a9c905424cbde85f95f7faaf1ea43

HTTP Headers

GET /images/nav/promo_event.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:06 GMT
Content-Type: image/png
Content-Length: 33820
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-841c"
Expires: Fri, 29 Mar 2024 07:47:06 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/icon_mobile.png

103.197.58.87

143 B

URL
static-content-t.g033ck2dnyuo.com:9587/images/icon_mobile.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 15 x 18, 8-bit gray+alpha, non-interlaced
Size
143 B (143 bytes)
Hash
9a413aaa3c056af34c80628bee9e4586
a676a5b3e90762c8c4a9314985e9abf2bad95666
5aa5f649a8a53a15e0b65385149db1ed4f7b6286ff043f5fd96445173fc8d6d3

HTTP Headers

GET /images/icon_mobile.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 143
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-8f"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

www.googletagmanager.com/gtag/js?id=G-3LRD95F87M&l=dataLayer&cx=c

142.250.74.72

90 kB

URL
www.googletagmanager.com/gtag/js?id=G-3LRD95F87M&l=dataLayer&cx=c
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
90 kB (90098 bytes)
Hash
24acecb96f0852c851252229d2f0d7fd
f72dd393c0f0fb3570ac4908749d386e1f5def01
77481390913fd3ea6d89a99629522d83b3095ca5ea6ab99cefa59a0e42dc30cf

HTTP Headers

GET /gtag/js?id=G-3LRD95F87M&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 04:47:07 GMT
expires: Fri, 29 Mar 2024 04:47:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90098
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static-content-t.g033ck2dnyuo.com:9587/images/icons.png?1

103.197.58.87

3.2 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/icons.png?1
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 39 x 373, 8-bit/color RGBA, non-interlaced
Size
3.2 kB (3150 bytes)
Hash
a64222f0baf49b7b54175cb4b70c7772
179e5f57fdd5dee04578274231a5445b76b83ae2
382fcd4debce444b68de702fa69d2b8935ba546457f1a36d358d312baec1f35b

HTTP Headers

GET /images/icons.png?1 HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 3150
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 01:02:20 GMT
ETag: "63d9ba1c-c4e"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/d11_images/register/form_bg.png

103.197.58.87

20 kB

URL
static-content-t.g033ck2dnyuo.com:9587/d11_images/register/form_bg.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 410 x 800, 8-bit/color RGBA, non-interlaced
Size
20 kB (20040 bytes)
Hash
86baccc2262d17c30a1554f6b346b1c8
696ce785c5c17611fecb6dd78d9662c141deffd4
dfe93dfcc0d88efa36f759f6b0e758a0b37bd91aa65bfa7936763eda17ea6f9f

HTTP Headers

GET /d11_images/register/form_bg.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 20040
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:45:39 GMT
ETag: "62d84d53-4e48"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_1.png

103.197.58.87

9.2 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/nav/promo_1.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced
Size
9.2 kB (9153 bytes)
Hash
35232fc24b2dc1c976d9c5dc6a13c8c8
f5003ab920e63450703abae5e6e6be411c04de45
e13f9e04322055a0384d1cb68558705c6514711cd65496f8d640537ee6c03247

HTTP Headers

GET /images/nav/promo_1.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 9153
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-23c1"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/register/form_bg.png

103.197.58.87

3.2 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/register/form_bg.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 410 x 800, 8-bit/color RGBA, non-interlaced
Size
3.2 kB (3222 bytes)
Hash
0f7cd96cb7cef4b9217f90e92920ab6e
36cc27443ed415c168ef9e700224011fcc56dfc4
cd8bbd1b5d1b7309612fe10c894f8c0a3a5ca889331da9a56414f373464501c5

HTTP Headers

GET /images/register/form_bg.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 3222
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-c96"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/register/icon_eye.png

103.197.58.87

388 B

URL
static-content-t.g033ck2dnyuo.com:9587/images/register/icon_eye.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
388 B (388 bytes)
Hash
25caaed99359f8457952ec929497c610
d79b842381cc35b013b72e8eee86aaff32cc68b1
ae84f234ff196c67c9d72336ace3a039460ef08dbd54bf288de428d8dfd4365e

HTTP Headers

GET /images/register/icon_eye.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 388
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-184"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Accept-Ranges: bytes

cn.mebtx49.com/kz/gp/v1/halls?_=1711687626643

61.4.118.119

1.7 kB

URL
cn.mebtx49.com/kz/gp/v1/halls?_=1711687626643
IP
61.4.118.119:0
ASN
#55720 Gigabit Hosting Sdn Bhd

File type
JSON text data
Size
1.7 kB (1657 bytes)
Hash
8a806c32cdada21c946550ed8fa67948
1e06f46bb3365143275c299e99f7190843468424
31db0212f24349d724d967b764fc43b02fab38fb23641a9c929c0e23334d17d2

HTTP Headers

GET /kz/gp/v1/halls?_=1711687626643 HTTP/1.1
Host: cn.mebtx49.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/home/register
Cookie: PHPSESSID=9s19crj6b5ohplp5g19fg2evq0; _first=false; JSESSIONID=53BC1A64C7D16FEBE1B8FED1C570E3B6; VERIFYCODEID=65C3559DBA4988034ADE5A03C7FC8139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:52:57 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
X-Powered-By: Express
ETag: W/"223b-ioBsMs2tohyUZVDtj6Z5SA"
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Server: gocache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
c-Type: df
rid: cc85a311fa974c199192ced0c1ab4e42
Strict-Transport-Security: max-age=31536000; includeSubDomains

static-content-t.g033ck2dnyuo.com:9587/images/footer_supports_hover.png?9

103.197.58.87

7.4 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/footer_supports_hover.png?9
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 30 x 174, 8-bit/color RGBA, non-interlaced
Size
7.4 kB (7362 bytes)
Hash
450da5e1024050be47083963bfeef8a1
498dc30e72d3f82ddc7d12b8a8cfdb2fa1aa4323
b8eb162ba4dd5f1752300b9625aa98f924eb55d937826b2a227f86ffb51f05cc

HTTP Headers

GET /images/footer_supports_hover.png?9 HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 7362
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-1cc2"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/d11_images/footer_supports_hover.png?9

103.197.58.87

6.2 kB

URL
static-content-t.g033ck2dnyuo.com:9587/d11_images/footer_supports_hover.png?9
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 30 x 174, 8-bit/color RGBA, non-interlaced
Size
6.2 kB (6153 bytes)
Hash
89203da3a7f6cd69c626446854368222
0a861d62cd091a150ce253ecedf0dff49c80b3f0
ae58de0a439617b67724ced1eee3bc04d8103d1a8f34a9ac362d1a842e06d2e7

HTTP Headers

GET /d11_images/footer_supports_hover.png?9 HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 6153
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:45:39 GMT
ETag: "62d84d53-1809"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/register/tick.png

103.197.58.87

444 B

URL
static-content-t.g033ck2dnyuo.com:9587/images/register/tick.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced
Size
444 B (444 bytes)
Hash
077cd6729828909df9e8d387b91bdaa9
e18a6a43471158c5af525d6fce505a5695a87e49
c3dd497f34d2204de6f86a554ca97321a269d2d35482c4b79249a2cd95476783

HTTP Headers

GET /images/register/tick.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 444
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-1bc"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/footer_football.png?5

103.197.58.87

21 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/footer_football.png?5
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 23 x 1057, 8-bit/color RGBA, non-interlaced
Size
21 kB (20588 bytes)
Hash
1070cd5b06840cf7f154e66c09ac305e
8864ddecf4ae0db0790bb5c901da76bc0b31c84a
c76aa339cc81f581354af830b7ac9984cafbd3836e2f1e53762b7baa720cb43e

HTTP Headers

GET /images/footer_football.png?5 HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 20588
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-506c"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/d11_images/nav/promo_sponsor.png?1

103.197.58.87

46 kB

URL
static-content-t.g033ck2dnyuo.com:9587/d11_images/nav/promo_sponsor.png?1
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 183 x 110, 8-bit/color RGBA, non-interlaced
Size
46 kB (45701 bytes)
Hash
4392b15e336dc870834d64c829f8c150
af6de84ddea52908d6434951bd12c2bfbaff3b7e
ff63b8ecd5b681b2e0a3d2cff1a1d327145839ae919ac0f7d025857d61656992

HTTP Headers

GET /d11_images/nav/promo_sponsor.png?1 HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 45701
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:45:39 GMT
ETag: "62d84d53-b285"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Accept-Ranges: bytes

cn.mebtx49.com/fimg/i2023113b5e4cdfb4e34ef3b3551a11e6e40c97.jpg

61.4.118.119

26 kB

URL
cn.mebtx49.com/fimg/i2023113b5e4cdfb4e34ef3b3551a11e6e40c97.jpg
IP
61.4.118.119:0
ASN
#55720 Gigabit Hosting Sdn Bhd

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 400x400, components 3
Size
26 kB (25585 bytes)
Hash
747c3bc04650cfb23e970298dfb1bf82
2b255a33ca6c270e6b14cb42b33f2face5745eaf
03fa75df76decf6e9b6f9c880a8ea1f500cdded3871f87ff3d4c8f9167230c1c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ManBetX

HTTP Headers

GET /fimg/i2023113b5e4cdfb4e34ef3b3551a11e6e40c97.jpg HTTP/1.1
Host: cn.mebtx49.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/home/register
Cookie: PHPSESSID=9s19crj6b5ohplp5g19fg2evq0; _first=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:52:57 GMT
Content-Type: image/jpeg
Content-Length: 25585
Connection: keep-alive
Last-Modified: Sat, 18 Nov 2023 12:17:19 GMT
ETag: "6558ab4f-63f1"
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Server: gocache
Expires: Sat, 30 Mar 2024 04:52:57 GMT
Cache-Control: max-age=86400
c-Type: st
rid: 8783bfc35946c43725f23a042a169743
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache-Status: HIT
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/icons_login.png

103.197.58.87

4.1 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/icons_login.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 26 x 330, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4053 bytes)
Hash
405c7bc8638bddb314e549e4eebec2e3
75f6a3b0b6ffdeed31bff28f8ae1f1a3e481260c
cd98cf8ee2f82e9903fb28490a4fc9f318fb60f0f8f0c1f080cee3dce0d6c9b9

HTTP Headers

GET /images/icons_login.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 4053
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-fd5"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/icons_login.png?2

103.197.58.87

4.1 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/icons_login.png?2
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 26 x 330, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4053 bytes)
Hash
405c7bc8638bddb314e549e4eebec2e3
75f6a3b0b6ffdeed31bff28f8ae1f1a3e481260c
cd98cf8ee2f82e9903fb28490a4fc9f318fb60f0f8f0c1f080cee3dce0d6c9b9

HTTP Headers

GET /images/icons_login.png?2 HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 4053
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-fd5"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/icon_return.png

103.197.58.87

778 B

URL
static-content-t.g033ck2dnyuo.com:9587/images/icon_return.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 18 x 18, 8-bit/color RGBA, interlaced
Size
778 B (778 bytes)
Hash
fabab84476aede515f6619fb53cec396
84650df8e118c2c101bc0bf6e20d9c76d4303b06
8141cf949879defeb74a01e369563041075c8417c2f3e8789bd07fcdb6499552

HTTP Headers

GET /images/icon_return.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 778
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-30a"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Accept-Ranges: bytes

cn.mebtx49.com/home/getGeo

61.4.118.119

76 B

URL
cn.mebtx49.com/home/getGeo
IP
61.4.118.119:0
ASN
#55720 Gigabit Hosting Sdn Bhd

File type
JSON text data
Size
76 B (76 bytes)
Hash
849b87d1187a917dea28a9c997e36d90
203ca739c987cc32001baeb72db53b7167e3a2d9
8ff68bad14b667f92b79859cff0bc6daf89cb0dfea727340cd4635f2e6694e26

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ManBetX

HTTP Headers

POST /home/getGeo HTTP/1.1
Host: cn.mebtx49.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://cn.mebtx49.com
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/home/register
Cookie: PHPSESSID=9s19crj6b5ohplp5g19fg2evq0; _first=false; JSESSIONID=53BC1A64C7D16FEBE1B8FED1C570E3B6; VERIFYCODEID=65C3559DBA4988034ADE5A03C7FC8139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:52:57 GMT
Content-Type: application/json;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Set-Cookie: ccd11=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=mebtx49.com
vcd11=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=mebtx49.com
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Server: gocache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
c-Type: df
rid: fe0ae374b6a11231021e34158c4dd987
Strict-Transport-Security: max-age=31536000; includeSubDomains

static-content-t.g033ck2dnyuo.com:9587/images/captcha/bg.png

103.197.58.87

3.4 kB

URL
static-content-t.g033ck2dnyuo.com:9587/images/captcha/bg.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 367 x 260, 8-bit colormap, non-interlaced
Size
3.4 kB (3373 bytes)
Hash
2d7a78ffd17b81f4d960f89c341377d1
2ecab08e7808a385c9a712ce90beeef668c19156
5e3bb47aa455eafd7493541cf6ce550ce84309152943f0295d79a9329879ac62

HTTP Headers

GET /images/captcha/bg.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 3373
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-d2d"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/images/captcha/btn_close.png

103.197.58.87

672 B

URL
static-content-t.g033ck2dnyuo.com:9587/images/captcha/btn_close.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 30 x 30, 8-bit gray+alpha, non-interlaced
Size
672 B (672 bytes)
Hash
9bb39b9f25e57e73ad06a45b4bb34b6a
104fefbe66cf791b1fc1b3a933a16e6606febcf4
04082d0d7f70e5f41e4ca58d1712420801b243cdf5a21e7012ad4e70ab05f42e

HTTP Headers

GET /images/captcha/btn_close.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:07 GMT
Content-Type: image/png
Content-Length: 672
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
ETag: "62d84dd9-2a0"
Expires: Fri, 29 Mar 2024 07:47:07 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Accept-Ranges: bytes

static-content-t.g033ck2dnyuo.com:9587/d11_images/modal_reminder_logo.png

103.197.58.87

14 kB

URL
static-content-t.g033ck2dnyuo.com:9587/d11_images/modal_reminder_logo.png
IP
103.197.58.87:0
ASN
#45352 IP ServerOne Solutions Sdn Bhd

File type
PNG image data, 569 x 555, 4-bit colormap, non-interlaced
Size
14 kB (14074 bytes)
Hash
3494fbc85e95ef708a1db6668fd2e401
b9fbfc60416cd990012546e74b0fdb38bdbebe19
3167f9728906a03ceaea850d57533fb5c253a38b94cfd55d245f714d7f18afac

HTTP Headers

GET /d11_images/modal_reminder_logo.png HTTP/1.1
Host: static-content-t.g033ck2dnyuo.com:9587
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-content-t.g033ck2dnyuo.com:9587/style/main.css?20240102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:47:08 GMT
Content-Type: image/png
Content-Length: 14074
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:45:39 GMT
ETag: "62d84d53-36fa"
Expires: Fri, 29 Mar 2024 07:47:08 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: REVALIDATED
Accept-Ranges: bytes

cn.mebtx49.com/fimg/i202210fdd1e22495f9404b8debf0afdaa416b1.jpg

61.4.118.119

284 kB

URL
cn.mebtx49.com/fimg/i202210fdd1e22495f9404b8debf0afdaa416b1.jpg
IP
61.4.118.119:0
ASN
#55720 Gigabit Hosting Sdn Bhd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1920x1005, components 3
Size
284 kB (284018 bytes)
Hash
0b9750ad0104aa2243554d5b8007f99c
a4fa7203acf5d89e0a8bcf976ed5d7eba62f30e4
d234723f8ad984edd04a5dac23778f6832fdd954187461b8b09d46f542dd41e5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ManBetX

HTTP Headers

GET /fimg/i202210fdd1e22495f9404b8debf0afdaa416b1.jpg HTTP/1.1
Host: cn.mebtx49.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/home/register
Cookie: PHPSESSID=9s19crj6b5ohplp5g19fg2evq0; _first=false; JSESSIONID=53BC1A64C7D16FEBE1B8FED1C570E3B6; VERIFYCODEID=65C3559DBA4988034ADE5A03C7FC8139
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:52:57 GMT
Content-Type: image/jpeg
Content-Length: 284018
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 03:04:35 GMT
ETag: "6344dd43-45572"
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Server: gocache
Expires: Sat, 30 Mar 2024 04:52:57 GMT
Cache-Control: max-age=86400
c-Type: st
rid: bb12b5803bf18cd41bf17a79893d3962
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache-Status: MISS
Accept-Ranges: bytes

www.manbetx.uk/css/chunk-064772aa.3a0754fc.css

54.254.141.126

200 OK

483 B

URL GET HTTP/2
www.manbetx.uk/css/chunk-064772aa.3a0754fc.css
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (483), with no line terminators
Size
483 B (483 bytes)
Hash
126e3e6a072b78a282a8fb092b29f802
e1d52ae94d92875196905750d352a14ec52be93c
1f1b446aefa4221307a4483959662ba9d48c03d39e1e874afb1028a1e189f3f9

HTTP Headers

GET /css/chunk-064772aa.3a0754fc.css HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:11 GMT
content-type: text/css
content-length: 483
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
etag: "64ba26e5-1e3"
expires: Fri, 29 Mar 2024 16:47:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.manbetx.uk/js/app.837032ff.js

54.254.141.126

200 OK

4.3 kB

URL GET HTTP/2
www.manbetx.uk/js/app.837032ff.js
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
4.3 kB (4312 bytes)
Hash
8b6a2ae0e1c4a01682cb8dade13c1c34
d24898f8f2ddeff9792068af3ac6880a0721d57a
1d5153a0982549355335a2514b4adb36f0093acd77efbb4a83bd2be8782a822f

HTTP Headers

GET /js/app.837032ff.js HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:10 GMT
content-type: application/javascript
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
vary: Accept-Encoding
etag: W/"64ba26e5-1c13"
expires: Fri, 29 Mar 2024 16:47:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.manbetx.uk/img/btn1.f8611f55.png

54.254.141.126

200 OK

6.0 kB

URL GET HTTP/2
www.manbetx.uk/img/btn1.f8611f55.png
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
PNG image data, 420 x 130, 8-bit colormap, non-interlaced
Size
6.0 kB (5990 bytes)
Hash
f8611f5551637cf9f223948fe614b743
e9bc964fde10a6c1487f7022b3a3a67fc3b6b851
217f3967861d53402e67d76c1a9d58337f66dd07f9e9edc093c609ba39e4110b

HTTP Headers

GET /img/btn1.f8611f55.png HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/css/chunk-064772aa.3a0754fc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:11 GMT
content-type: image/png
content-length: 5990
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
etag: "64ba26e5-1766"
expires: Sun, 28 Apr 2024 04:47:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.manbetx.uk/css/app.1e9f9d47.css

54.254.141.126

200 OK

408 kB

URL GET HTTP/2
www.manbetx.uk/css/app.1e9f9d47.css
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
408 kB (408148 bytes)
Hash
2df7021722df543e613cfff9c9c2aecc
0118184d251c044842ee849a39aafe5d2d6e92c4
7b2ff2cc3b13d55442c07a253871922d306dc493941ad3364ded2abc617aceca

HTTP Headers

GET /css/app.1e9f9d47.css HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:10 GMT
content-type: text/css
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
vary: Accept-Encoding
etag: W/"64ba26e5-559"
expires: Fri, 29 Mar 2024 16:47:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.vrfpshbc.com:2053/global-activity-entry/css/style.css

172.67.186.168

77 kB

URL
www.vrfpshbc.com:2053/global-activity-entry/css/style.css
IP
172.67.186.168:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
77 kB (76931 bytes)
Hash
0c6d034e188bab046fdc5e2bf379985a
2d488cf25911a2fc18a528d7cc379ccf0cfe81b9
4d22d7a96ba44fa03ada1e71245b3ee64e1e91a1bbe9287957429ab8a1ab0f5d

HTTP Headers

GET /global-activity-entry/css/style.css HTTP/1.1
Host: www.vrfpshbc.com:2053
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.mebtx49.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:47:07 GMT
content-type: text/css
last-modified: Wed, 16 Jun 2021 18:06:55 GMT
vary: Accept-Encoding
etag: W/"60ca3dbf-1099"
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvcdn8rWwejTXB9fM3jU11cmvSBlhDdKCToXTRYyV2XqfO9ibHTnzhFjLY6mvAOmqiwnGI9vay%2FVz5P8aKlWZ%2BQK545Hth2eqguIqVcEdOmdgG%2Fhkr3MVUPAAFTT0P9bcayg6mLUK0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd38555cb3b524-OSL
content-encoding: br
alt-svc: h3=":2053"; ma=86400

hm.baidu.com/hm.js?2f60ef41d26337acc7101bc632659fac

103.235.46.191

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?2f60ef41d26337acc7101bc632659fac
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://www.manbetx.uk/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
11 kB (11270 bytes)
Hash
6122765ea1186941480cd83a7b14de9f
07a2c4be23ae567de1788fa44727eaf2cb5a8eaf
06f21e9095b101935f09d383eeb579bc08c5966f54217a15c75d90e9aab00ebb

HTTP Headers

GET /hm.js?2f60ef41d26337acc7101bc632659fac HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11270
Content-Type: application/javascript
Date: Fri, 29 Mar 2024 04:47:12 GMT
Etag: 6d77ad8295ed3f0070ef366490ae43d4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D05AF2157EEBE5C1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=401598958&si=2f60ef41d26337acc7101bc632659fac&su=https%3A%2F%2Fcn.mebtx49.com%2F&v=1.3.0&lv=1&sn=44503&r=0&ww=1280&u=https%3A%2F%2Fwww.manbetx.uk%2F%23%2F&tt=%E8%B5%9E%E5%8A%A9%E4%B8%8B%E8%BD%BD%E9%A1%B5

103.235.46.191

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=401598958&si=2f60ef41d26337acc7101bc632659fac&su=https%3A%2F%2Fcn.mebtx49.com%2F&v=1.3.0&lv=1&sn=44503&r=0&ww=1280&u=https%3A%2F%2Fwww.manbetx.uk%2F%23%2F&tt=%E8%B5%9E%E5%8A%A9%E4%B8%8B%E8%BD%BD%E9%A1%B5
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://www.manbetx.uk/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=401598958&si=2f60ef41d26337acc7101bc632659fac&su=https%3A%2F%2Fcn.mebtx49.com%2F&v=1.3.0&lv=1&sn=44503&r=0&ww=1280&u=https%3A%2F%2Fwww.manbetx.uk%2F%23%2F&tt=%E8%B5%9E%E5%8A%A9%E4%B8%8B%E8%BD%BD%E9%A1%B5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 29 Mar 2024 04:47:12 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2677554AB9A661CE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.manbetx.uk/css/chunk-064772aa.3a0754fc.css

54.254.141.126

200 OK

483 B

URL GET HTTP/2
www.manbetx.uk/css/chunk-064772aa.3a0754fc.css
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (483), with no line terminators
Size
483 B (483 bytes)
Hash
126e3e6a072b78a282a8fb092b29f802
e1d52ae94d92875196905750d352a14ec52be93c
1f1b446aefa4221307a4483959662ba9d48c03d39e1e874afb1028a1e189f3f9

HTTP Headers

GET /css/chunk-064772aa.3a0754fc.css HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Cookie: Hm_lvt_2f60ef41d26337acc7101bc632659fac=1711687633; Hm_lpvt_2f60ef41d26337acc7101bc632659fac=1711687633
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:13 GMT
content-type: text/css
content-length: 483
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
etag: "64ba26e5-1e3"
expires: Fri, 29 Mar 2024 16:47:13 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.manbetx.uk/js/chunk-064772aa.a65ceb8e.js

54.254.141.126

200 OK

988 B

URL GET HTTP/2
www.manbetx.uk/js/chunk-064772aa.a65ceb8e.js
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (952), with no line terminators
Size
988 B (988 bytes)
Hash
b8c83bc4f2ee2a499c90bbcf97075e80
0c6a587b8ce643a6bf75d353792b8e11ea2f3d66
bd65a4d3aa49fd90aca67d76c2d003f00bfbfc0148dcfb5e6311c25b9ffb9ae7

HTTP Headers

GET /js/chunk-064772aa.a65ceb8e.js HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Cookie: Hm_lvt_2f60ef41d26337acc7101bc632659fac=1711687633; Hm_lpvt_2f60ef41d26337acc7101bc632659fac=1711687633
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:13 GMT
content-type: application/javascript
content-length: 988
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
etag: "64ba26e5-3dc"
expires: Fri, 29 Mar 2024 16:47:13 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.manbetx.uk/

54.254.141.126

200 OK

1.3 kB

URL User Request GET HTTP/2
www.manbetx.uk/
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1355), with no line terminators
Size
1.3 kB (1338 bytes)
Hash
d232bdd8ab421139ec332febe0ea2c30
0488a69415aeca602c3ea89cfc57b233d975a8d1
666440b6a0b8949d2ae7eeed4013e965d19cb8dc98342392e6eaf96120f10b67

HTTP Headers

GET / HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cn.mebtx49.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:10 GMT
content-type: text/html
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
vary: Accept-Encoding
etag: W/"64ba26e5-53a"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.manbetx.uk/css/chunk-vendors.f036abb8.css

54.254.141.126

200 OK

18 kB

URL GET HTTP/2
www.manbetx.uk/css/chunk-vendors.f036abb8.css
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18259), with no line terminators
Size
18 kB (18259 bytes)
Hash
318ab7764c0c1c70e479aa81e4d8b197
e74f9e29ba5deb6c48d2473674dd929c4225bb09
fee930c7937d955b11e004f3452bcac8a8e11991928f8ee3567ff94320daaa48

HTTP Headers

GET /css/chunk-vendors.f036abb8.css HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:10 GMT
content-type: text/css
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
vary: Accept-Encoding
etag: W/"64ba26e5-4753"
expires: Fri, 29 Mar 2024 16:47:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.manbetx.uk/css/chunk-12983a8e.424d645a.css

54.254.141.126

200 OK

1.4 kB

URL GET HTTP/2
www.manbetx.uk/css/chunk-12983a8e.424d645a.css
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1370), with no line terminators
Size
1.4 kB (1370 bytes)
Hash
a554c83745dd75453fff07dad270d6ee
83074015d7d8e141cb70d7bef77ffc71afcf3807
0a31dbc0f2ba459a5a3c1885f37e4e368a3a2885a065e24d7a04dbfab53de3ff

HTTP Headers

GET /css/chunk-12983a8e.424d645a.css HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Cookie: Hm_lvt_2f60ef41d26337acc7101bc632659fac=1711687633; Hm_lpvt_2f60ef41d26337acc7101bc632659fac=1711687633
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:13 GMT
content-type: text/css
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
vary: Accept-Encoding
etag: W/"64ba26e5-55a"
expires: Fri, 29 Mar 2024 16:47:13 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.manbetx.uk/favicon.ico

54.254.141.126

200 OK

1.2 kB

URL GET HTTP/2
www.manbetx.uk/favicon.ico
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
a970762d135e06a1d0a982e92627eea2
c75f6962b7e717dea8761c63a6fc7bbd47f8bd0a
93b5d76d0e220077f0df098dab49acd243597dc5574a22fe0a4bf0d9568202ba

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:11 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
etag: "64ba26e5-47e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.manbetx.uk/img/bg_pc.a97bb493.jpg

54.254.141.126

200 OK

407 kB

URL GET HTTP/2
www.manbetx.uk/img/bg_pc.a97bb493.jpg
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1500, components 3
Size
407 kB (407426 bytes)
Hash
a97bb493cd806ae0e90a7c08e4f2bb5d
8ecd32e425586f4c3df0dc71576d50cdb6f1cb00
dd540eeb0b821e2493cad0e95b242db0c26c436c9ca297224c4f18ee6bf907c3

HTTP Headers

GET /img/bg_pc.a97bb493.jpg HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:11 GMT
content-type: image/jpeg
content-length: 407426
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
etag: "64ba26e5-63782"
expires: Sun, 28 Apr 2024 04:47:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.manbetx.uk/js/chunk-vendors.09153fc0.js

54.254.141.126

200 OK

196 kB

URL GET HTTP/2
www.manbetx.uk/js/chunk-vendors.09153fc0.js
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type

Size
196 kB (195679 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/chunk-vendors.09153fc0.js HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:10 GMT
content-type: application/javascript
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
vary: Accept-Encoding
etag: W/"64ba26e5-2fc5f"
expires: Fri, 29 Mar 2024 16:47:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.manbetx.uk/js/chunk-12983a8e.9583bccf.js

54.254.141.126

200 OK

1.5 kB

URL GET HTTP/2
www.manbetx.uk/js/chunk-12983a8e.9583bccf.js
IP
54.254.141.126:443
ASN
#16509 AMAZON-02

Requested by
https://www.manbetx.uk/
Certificate
IssuerZeroSSL
Subjectwww.manbetx.uk
FingerprintDE:65:17:58:AE:84:69:0F:EC:BC:BE:EC:41:03:32:3D:C9:2C:6A:9E
ValidityFri, 21 Jul 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1610), with no line terminators
Size
1.5 kB (1526 bytes)
Hash
72df8b12bab2abe2d2c31660db74ccd7
07736d65bab483d58886a167fdb0def093de98a4
ed6f646f8855d0d4aea3e65560ff8b37362fd8002dd4c50551e731ba48c7c548

HTTP Headers

GET /js/chunk-12983a8e.9583bccf.js HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Cookie: Hm_lvt_2f60ef41d26337acc7101bc632659fac=1711687633; Hm_lpvt_2f60ef41d26337acc7101bc632659fac=1711687633
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:47:13 GMT
content-type: application/javascript
last-modified: Fri, 21 Jul 2023 06:34:13 GMT
vary: Accept-Encoding
etag: W/"64ba26e5-5f6"
expires: Fri, 29 Mar 2024 16:47:13 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (70)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL