Report - iman23.com/

Report Overview

Visited public
2025-05-30 16:57:40
Tags
URL
iman23.com/
Finishing URL
www.manbetx.uk/#/
IP / ASN
172.67.128.144
#13335 CLOUDFLARENET
Title
MX落地页

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
static-content-cn.wb27jlt6u066.com	unknown	2022-09-13	2022-11-08	2025-05-22	2.2 kB	112 kB	103.197.58.87
www.9pe8ul.com	unknown	2025-03-13	2025-05-22	2025-05-22	443 B	35 kB	20.2.196.30
static-content-t.wb27jlt6u066.com	unknown	2022-09-13	2022-10-27	2025-05-22	921 B	189 kB	103.197.58.87
hm.baidu.com	8254	1999-10-11	2012-05-26	2025-05-28	1.1 kB	31 kB	183.240.98.228
www.f4bzyrz92us3.com	unknown	2019-11-02	2019-11-02	2025-05-22	431 B	55 kB	172.65.201.65
www.manbetx.uk	unknown	2017-03-22	2017-07-02	2025-05-22	6.6 kB	2.0 MB	172.67.189.141
iman23.com	unknown	unknown	No data	No data	479 B	100 kB	104.21.2.13
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-05-28	435 B	280 kB	142.250.74.168
cn.hcumx.com	unknown	unknown	No data	No data	505 B	100 kB	172.65.201.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-30 16:57:21	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-05-30	medium	iman23.com/	ManBetX

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (44)

	URL	From	Size	First Seen	Last Seen
	cn.hcumx.com/home/register?code=40513	ScriptElement	124 B	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen33 Hash fd93f94b315b081829e0186789b6aa6e 2394ef025d7bdcf31f26483c1f3199cc67f76fce e970b828854ab35acb0f619780c554d59e21f4f9d38679705cd6bf0d298550ff Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	1.2 kB	2025-05-30	2025-05-30
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-30 16:57 Last Seen2025-05-30 16:57 Times Seen1 Hash f2f6b51cb0a69e937ebb97d00ee65581 8503672b2f4257b31d9becdf30f2e25672125b8d 64814e9ad30ad6158400bd7edeec867734ab0685963278985012ab10cb9dcecd Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	8.6 kB	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen30 Hash 3891a6827b3958856e92207ca058e14f d9dbe54a3d9fd992d1ec0657538c568071692ecd 5feba10ed264ddd17e43e323b54af596532494e46467ceb9bbdab6dd4638f2bf Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	760 B	2023-05-15	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-15 15:49 Last Seen2025-06-13 02:44 Times Seen32 Hash c7ee54a7240990e7c3b05eab06f4a2e7 344f7f9163a8214f5583328970d8f6bde9371089 6d762892025be8c5b37c804c06fb5300353bd9a6f57eba232b5775b29106cb61 Loading...

	www.googletagmanager.com/gtag/js?id=UA-119765380-3	ScriptElement	279 kB	2025-05-30	2025-05-30
Pretty URL www.googletagmanager.com/gtag/js?id=UA-119765380-3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-30 16:57 Last Seen2025-05-30 16:57 Times Seen1 Hash eec0d2b0d4223ee602e7e3d63da09ae7 a67ef897e9fcf587fe4684af0d345dd7ab4598ee d79eb6350a03d078979d5e80a5843e8cbdc02fb09c4b5c330ca466fd8e3af3fd Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-06-21
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-21 04:41 Times Seen359421 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.manbetx.uk/js/chunk-815e9064.92ce1b10.js	ScriptElement	3.7 kB	2025-05-22	2025-06-13
Pretty URL www.manbetx.uk/js/chunk-815e9064.92ce1b10.js IP 172.67.189.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-22 05:06 Last Seen2025-06-13 02:44 Times Seen14 Hash 8ecfc4d580fbd048a621eaf54b598f82 583c446823a974b867a7d0cd9a22ea76945ebf93 30d78acb1a415fdaa8aa070ec09bb9853bdf834aeff49438f29fc17a04d99fbf Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	2.2 kB	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen29 Hash 171c8d9a2c1ce963181263e1e76c9c09 ff02cf80bd4d93056f8a63790b56db95565adaa1 27366c6ed9985969fad04edd9a6ed7734a5486fc4deb7be763dc307424bbee52 Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	8.9 kB	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen28 Hash 528ef4a1a4b0d93d15940376c9f30a94 3dce760e0effd87001127aa2e43a33df79cc2ce4 e5778ea07b95de382d159e4876a0ab85ad9cce8343ca2034ef7219a2e7e6a47d Loading...

	www.manbetx.uk/js/chunk-vendors.163d5d6a.js	ScriptElement	162 kB	2025-05-22	2025-06-13
Pretty URL www.manbetx.uk/js/chunk-vendors.163d5d6a.js IP 172.67.189.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-22 05:06 Last Seen2025-06-13 02:44 Times Seen14 Hash c5ac040c0ccf4622b9422323ee67ba2e b52b7e324d4e1365e14762645c2cfb358caa6758 303882692097c9e217b8e9c6f68afbad0bee32cf58fb5996e0ee7165aca0a868 Loading...

	www.manbetx.uk/#/	ScriptElement	399 B	2025-03-02	2025-06-13
Pretty URL www.manbetx.uk/#/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen41 Hash 27742d987a5c3230cc008b6b4f3e47e3 1193f2562a34aab6950cd726e258fc0b7e26b31e 540d13ffbd33be74a977bc5156c8c0ce2a57527d5eb253c8adb6707d9f975a3c Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	2.9 kB	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen27 Hash 6b19db03042684480eea5412106bf6dc 7d8daf05da2b732e10563cac4b2de0688b33bf49 34912dbca996125f1e48fba79fefc252486b241a55f7d78f06e04b5a831d3686 Loading...

	static-content-cn.wb27jlt6u066.com:9587/js/jquery/jquery.validate.js?2017121201	ScriptElement	61 kB	2025-03-02	2025-06-13
Pretty URL static-content-cn.wb27jlt6u066.com:9587/js/jquery/jquery.validate.js?2017121201 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen23 Hash 052b64ec50b11bc14eb24a863d126ba8 3a79b1fe2a8e6834cea694d77c57473ebfbc5758 169b0287c989c2a6d883dff708c551a726c2a98fd79e66fe747d04228012ac7f Loading...

	cn.hcumx.com/home/sandbox%20eval%20code		147 B	2023-04-11	2025-06-21
Pretty URL cn.hcumx.com/home/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-21 04:41 Times Seen360113 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	382 B	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen25 Hash 2d0b0bc1ef7bcdddb43044412caaef9f 7486b48306bd3c1c94547a5c4b238d40e4c2be3c 87f57b68bdd4f868c5a97901e2bb9b9192d77093a62ba7fb2b0a405e4d73eb6c Loading...

	static-content-cn.wb27jlt6u066.com:9587/js/kz.js?20240723	ScriptElement	69 kB	2025-01-28	2025-06-02
Pretty URL static-content-cn.wb27jlt6u066.com:9587/js/kz.js?20240723 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-28 21:52 Last Seen2025-06-02 04:49 Times Seen40 Hash f6ab7554e6ecfb35f6b9083fe576985d 27e68130fbbbf1e9e15a9ebab5fe85e820fe3a60 a26a01f7caee3828a997478ba70289e509c12eecf69e2a5c2bf71935d63703a4 Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	155 B	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen29 Hash b42e0314adee140fb5e18e096f4bacc6 88a0dd79b84b2e572836c66669ab55f89b900b58 79cfa18812005def94e215acc70f8ac882ed591a822067b972f4ac2235c6f1f4 Loading...

	cn.hcumx.com/home/sandbox%20eval%20code		147 B	2023-04-11	2025-06-21
Pretty URL cn.hcumx.com/home/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-21 04:41 Times Seen360113 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	hm.baidu.com/hm.js?2f60ef41d26337acc7101bc632659fac	ScriptElement	30 kB	2025-05-30	2025-05-30
Pretty URL hm.baidu.com/hm.js?2f60ef41d26337acc7101bc632659fac IP 183.240.98.228 ASN #56040 China Mobile communications corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-30 16:57 Last Seen2025-05-30 16:57 Times Seen1 Hash 89590e83139b7d609c50baf7dca96b9b 8a9269aff5ac3216a0d359a539ac01f9adf6e1c5 e485bdb9c4bf724a5eb7637bbba6ee9ec305b6ae4c730237dcd0e93e45490e7b Loading...

	www.manbetx.uk/#/	Function	335 B	2025-05-30	2025-05-30
Pretty URL www.manbetx.uk/#/ IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2025-05-30 16:57 Last Seen2025-05-30 16:57 Times Seen1 Hash 00b0a25060bc6fc2fa2cb04f206d3af5 e4af3ae23c1e72bfac2606191222e57aae70b03e 722f7e4524307c6b2a340e1aefa67b1533a3777df61c8dd54bdb450d5bd4b9b5 Loading...

	www.9pe8ul.com:51300/global-activity-entry/js/rain-icon.js	ScriptElement	35 kB	2025-03-02	2025-06-13
Pretty URL www.9pe8ul.com:51300/global-activity-entry/js/rain-icon.js IP 20.2.196.30 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen33 Hash 59767c53c4cb277425bce5c5e7ea9d41 36ee5b49ceb915d4369fe92ca49dbd8bba702c96 5b43bfa813b9f48656d868fbdacd693bf7fc0f4324d5b815db42ceb80c5a4a27 Loading...

	www.f4bzyrz92us3.com/E2/logo.js	ScriptElement	104 B	2025-05-30	2025-05-30
Pretty URL www.f4bzyrz92us3.com/E2/logo.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-30 16:57 Last Seen2025-05-30 16:57 Times Seen1 Hash 8a3ed8351b8f2dca0bd09bb92bb90535 33b94466d15381b22fd8b648e8d22e91923cc8c2 122339d896e0e829b580a69ce91bde3916577c90726be22cc943247238d40495 Loading...

	static-content-cn.wb27jlt6u066.com:9587/util/error.js?2025021401	ScriptElement	10 kB	2025-03-02	2025-06-13
Pretty URL static-content-cn.wb27jlt6u066.com:9587/util/error.js?2025021401 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen24 Hash 3ebafb2e8c565fb204fa01566a253561 b96cdbb738a9f7d52c66031047a5e4edbd3db891 0637ee28b527f08735305f1b58ecdb65274fee811fbe3c42f292343ef8e3cb91 Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	688 B	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen22 Hash fa249485a4961fe24b760a4d9e9febce c21e2c980ab76e0f7a7f9cfaecd375bcdaa20fec e41ff2bf25448947d8dab8b9ca03133890adb03079188916abd97b5498ea4fa4 Loading...

	static-content-cn.wb27jlt6u066.com:9587/js/game/Game.js?20220202	ScriptElement	62 kB	2025-03-02	2025-06-13
Pretty URL static-content-cn.wb27jlt6u066.com:9587/js/game/Game.js?20220202 IP 103.197.58.87 ASN #45352 IP ServerOne Solutions Sdn Bhd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen26 Hash acaab89d99ec8834af5b451e81f9c201 df62de5dc78b0b6e115dc5d0f53edfc76b71fdc4 9bac381ad42db61b1ffd4ffe2d588c1313b1a8531c6c0223038ea454af0d00da Loading...

	static-content-t.wb27jlt6u066.com:9587/js/jquery-ui.js	ScriptElement	521 kB	2023-03-07	2025-06-21
Pretty URL static-content-t.wb27jlt6u066.com:9587/js/jquery-ui.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-21 02:13 Times Seen3686 Hash ab5284de5e3d221e53647fd348e5644b 75c20acdc6cbc6334fe2b918ab7afeec007f969e 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	254 B	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen22 Hash 87044102cff06b623100ade4509413fe 4910cda6da540e5340cc9357a21861856067ea00 25d6d6174234062dea3e4341e86b162a91f2a8a245654aa69f6f5bd1282d23fc Loading...

	static-content-cn.wb27jlt6u066.com:9587/js/jquery/jquery.carousel.js	ScriptElement	24 kB	2023-03-07	2025-06-13
Pretty URL static-content-cn.wb27jlt6u066.com:9587/js/jquery/jquery.carousel.js IP 103.197.58.87 ASN #45352 IP ServerOne Solutions Sdn Bhd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00 Last Seen2025-06-13 02:44 Times Seen34 Hash 1552106a3e80457c7c75722b7372d303 32ba62ff7b3590d3325d159141aa50a1db5802aa 52947c9e6ac3e2f45c2b2a19802a91eeb75dc70902bf4bd87419a6386300848c Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	156 B	2023-03-07	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:03 Last Seen2025-06-13 02:44 Times Seen46 Hash 09b6a9ef54ab9c825298cd9a9d9ca45d eb87b20d55ec83c8d29417da60113f0283b2246d af68e9610525733157637c6a6d65d9d80deadf76dd5b96aaaafc133c280c09a5 Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	105 B	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen22 Hash 4da556734f4b410ce3f99b7a5d1602c7 796c0c45978d28d16ce343d9cc38154d80da9f3b 99369cde7758c83db3a0cf8c5e8c2298d043bcb243c93b1327acd242b7cfd2c3 Loading...

	www.googletagmanager.com/gtag/js?id=G-3LRD95F87M&cx=c&gtm=457e55t0h2za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103351869~103351871~104481633~104481635~104559073~104559075~104612245~104612247	ScriptElement	337 kB	2025-05-30	2025-05-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-3LRD95F87M&cx=c&gtm=457e55t0h2za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103351869~103351871~104481633~104481635~104559073~104559075~104612245~104612247 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-30 16:57 Last Seen2025-05-30 16:57 Times Seen1 Hash 6f7804378e33fdf15ead88a9f560428c 9991245f2528a2de027565c6532c2090196e9ed0 48d44f2d0654f2b58c5353470d2899eba1e8ba054dd347271b093259544a194d Loading...

	www.manbetx.uk/js/app.402090c3.js	ScriptElement	4.6 kB	2025-05-30	2025-06-13
Pretty URL www.manbetx.uk/js/app.402090c3.js IP 172.67.189.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-30 16:57 Last Seen2025-06-13 02:44 Times Seen11 Hash 52632543353d03fee00a313ad7a44785 38739a98150af3c8b44d3afb27cbadb08177c501 e5b543cbb62427f61002f3c9db8c97c374a1f8a7f251a8dd0a100c9678e250b1 Loading...

	www.manbetx.uk/#/	Function	37 B	2023-04-11	2025-06-21
Pretty URL www.manbetx.uk/#/ IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-06-21 04:34 Times Seen38073 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	static-content-cn.wb27jlt6u066.com:9587/js/livechat.js?202010021	ScriptElement	478 B	2023-05-05	2025-06-13
Pretty URL static-content-cn.wb27jlt6u066.com:9587/js/livechat.js?202010021 IP 103.197.58.87 ASN #45352 IP ServerOne Solutions Sdn Bhd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 14:06 Last Seen2025-06-13 02:44 Times Seen310 Hash c391a4be2c99c7964fba820f219cfd2c a6f5c3e2febea4e66d7a2ef18bddd4f79e30f59e 9609ff5f295a5b01039dcec7a3368350adf5f810a811ef40f8021a5f10ac6a67 Loading...

	www.f4bzyrz92us3.com/E2/EagleEye.js?1748624238	ScriptElement	55 kB	2025-05-30	2025-05-30
Pretty URL www.f4bzyrz92us3.com/E2/EagleEye.js?1748624238 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-30 16:57 Last Seen2025-05-30 16:57 Times Seen1 Hash 139b9b19e266e0b55f7a39a0941e9bea 048a1becc4f36214b75757c28f0b4fb75d2a54db 4a6ccff0b00e5b1cba90d6719fa5221d906b04da41cab11221bf3ccea0281293 Loading...

	static-content-cn.wb27jlt6u066.com:9587/js/member/reg.simple.js?20230220	ScriptElement	11 kB	2025-03-02	2025-06-13
Pretty URL static-content-cn.wb27jlt6u066.com:9587/js/member/reg.simple.js?20230220 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen23 Hash acfbd8efc4aa932d56183ed41666c8bd dada1ef3f25155d81e7d4a9353ce89e7f83b3466 736d2a82733a504f010af43ffbc5eae2e40b075b7ae8929065bc880357c1ab48 Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	114 B	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen22 Hash 7e281b6261d7a4389d1a73ba7edca4c3 3ff58b8c22b9a16f71fc165c2fdca441df3116f2 7977e1460356f3afb0bd6241246a968d2f485a905c6248e534fb53140c96c53c Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-06-21
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-21 04:41 Times Seen359421 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.manbetx.uk/#/	Function	37 B	2023-04-11	2025-06-21
Pretty URL www.manbetx.uk/#/ IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-06-21 04:34 Times Seen38073 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	static-content-cn.wb27jlt6u066.com:9587/js/jquery/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-06-21
Pretty URL static-content-cn.wb27jlt6u066.com:9587/js/jquery/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-21 04:40 Times Seen6157 Hash 5790ead7ad3ba27397aedfa3d263b867 8130544c215fe5d1ec081d83461bf4a711e74882 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0 Loading...

	banner-notice.6dqr2n.com/mxstatic/banner-notice.js	ScriptElement	19 kB	2025-05-30	2025-06-13
Pretty URL banner-notice.6dqr2n.com/mxstatic/banner-notice.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-30 16:57 Last Seen2025-06-13 02:44 Times Seen6 Hash fde6491fa4c8e8adaf2844d6d09e2a2f 51174631e2149efc853eacf33e39fa8dc66840b8 a402e491cde441e33c89c38bb10c84d7473a88700ba4fd76e0bb1bf2c2f61143 Loading...

	cn.hcumx.com/home/register?code=40513	ScriptElement	134 B	2025-03-02	2025-06-13
Pretty URL cn.hcumx.com/home/register?code=40513 IP 172.65.201.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 07:32 Last Seen2025-06-13 02:44 Times Seen19 Hash 971c3cdc01aac017b45d6aaf9d29f3ca 43b0e892b57bcf623a59772c8486e310db12b99e 095e217a343951c56a3242eeb3e57680822ea3f9289c76751d6ab036ffeca2c2 Loading...

	static-content-cn.wb27jlt6u066.com:9587/util/rsa.js	ScriptElement	14 kB	2023-03-07	2025-06-13
Pretty URL static-content-cn.wb27jlt6u066.com:9587/util/rsa.js IP 103.197.58.87 ASN #45352 IP ServerOne Solutions Sdn Bhd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-06-13 10:51 Times Seen346 Hash 2e28749b1ce6013a456d4498a447dff3 89d8c436922a84f097e86090179d112c3d6e13c2 1748bdff25c71702d781b076f961920ef32283e324153b256e963202431a35ba Loading...

	static-content-cn.wb27jlt6u066.com:9587/util/all.js?20231116	ScriptElement	78 kB	2023-09-15	2025-06-13
Pretty URL static-content-cn.wb27jlt6u066.com:9587/util/all.js?20231116 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-15 15:49 Last Seen2025-06-13 02:44 Times Seen258 Hash f5aa16a242596257e153e33c5b8fb232 804252d4387c4fda0141e9bf4fd2a05bb3c7068a c21ffeeff6782e69216ce2fdf3fd54289af1d7b4a8bc2af9b83c0679c5969782 Loading...

HTTP Transactions (28)

URL IP Response Size

GET www.manbetx.uk/img/btn1.ac7dcb07.png

172.67.189.141

200 OK

74 kB

URL GET
www.manbetx.uk/img/btn1.ac7dcb07.png
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
PNG image data, 800 x 260, 8-bit/color RGBA, non-interlaced
Size
74 kB (73836 bytes)
Hash
ac7dcb07f8e9d9f01499a8329c638beb
69eff05de60b033b42592ae78d1df26ee89fd80e
16c3c5265ad98e21747e456213c780418206eccb9f9ca43b59cd561f40b49f1c

HTTP Headers

GET /img/btn1.ac7dcb07.png HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/css/chunk-815e9064.38a5a07a.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:26 GMT
content-type: image/png
content-length: 73836
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kiq0iOfhOfYQmb3G5cFEVdCXWBoGXgtK2Sp0xuoaTZTTyUdUj9K2vWi21EKna3Lom0hBGyHbIW7wNdeG4rEafge63%2BZrxnc65BBsFFBSmuzSJxyMt8V1Ex%2BrmY5tFBUQ%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
etag: "6839b7db-1206c"
expires: Sun, 29 Jun 2025 16:57:25 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-cache-status: EXPIRED
cf-ray: 947fc53e89fcb518-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3678&min_rtt=1064&rtt_var=3619&sent=131&recv=99&lost=0&retrans=0&sent_bytes=70313&recv_bytes=7788&delivery_rate=13783193&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=e5882be3f0f91900&ts=2731&x=80"

GET static-content-cn.wb27jlt6u066.com:9587/js/livechat.js?202010021

103.197.58.87

200 OK

478 B

URL GET
static-content-cn.wb27jlt6u066.com:9587/js/livechat.js?202010021
IP
103.197.58.87:9587
ASN
#45352 IP ServerOne Solutions Sdn Bhd

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerSectigo Limited
Subjectstatic-content-cn.wb27jlt6u066.com
Fingerprint00:89:62:01:8C:5E:2B:CC:B2:4B:4B:07:7A:17:E7:1F:09:CA:1A:05
ValidityFri, 18 Oct 2024 00:00:00 GMT - Sat, 18 Oct 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (477)
Size
478 B (478 bytes)
Hash
c391a4be2c99c7964fba820f219cfd2c
a6f5c3e2febea4e66d7a2ef18bddd4f79e30f59e
9609ff5f295a5b01039dcec7a3368350adf5f810a811ef40f8021a5f10ac6a67

HTTP Headers

GET /js/livechat.js?202010021 HTTP/1.1
Host: static-content-cn.wb27jlt6u066.com:9587
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 30 May 2025 16:57:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:52 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd8-1de"
Expires: Fri, 30 May 2025 19:57:20 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

GET www.manbetx.uk/js/chunk-vendors.163d5d6a.js

172.67.189.141

200 OK

162 kB

URL GET
www.manbetx.uk/js/chunk-vendors.163d5d6a.js
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
JavaScript source, ASCII text, with very long lines (57838)
Size
162 kB (161831 bytes)
Hash
c5ac040c0ccf4622b9422323ee67ba2e
b52b7e324d4e1365e14762645c2cfb358caa6758
303882692097c9e217b8e9c6f68afbad0bee32cf58fb5996e0ee7165aca0a868

HTTP Headers

GET /js/chunk-vendors.163d5d6a.js HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:24 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WxPzOzfAQ5%2FpDiu%2FLsAqXTBFZNCd8qgnW2wpREn6uTsugpPyDVYetALKqdQhcXOyG7cQTABU1qmUxS7IuAQbvyKd6GaxxVGBKuGoo%2BOoBDMMsbOlacoS9rj8k5OsqPazyw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
vary: Accept-Encoding
etag: W/"6839b7db-27827"
expires: Fri, 06 Jun 2025 16:57:24 GMT
cache-control: max-age=604800
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 947fc53329b1b518-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8250&min_rtt=1064&rtt_var=6610&sent=63&recv=82&lost=0&retrans=0&sent_bytes=6504&recv_bytes=5039&delivery_rate=256446&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=e5882be3f0f91900&ts=941&x=80"

GET www.manbetx.uk/js/chunk-815e9064.92ce1b10.js

172.67.189.141

200 OK

3.7 kB

URL GET
www.manbetx.uk/js/chunk-815e9064.92ce1b10.js
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
JavaScript source, ASCII text, with very long lines (3720), with no line terminators
Size
3.7 kB (3720 bytes)
Hash
8ecfc4d580fbd048a621eaf54b598f82
583c446823a974b867a7d0cd9a22ea76945ebf93
30d78acb1a415fdaa8aa070ec09bb9853bdf834aeff49438f29fc17a04d99fbf

HTTP Headers

GET /js/chunk-815e9064.92ce1b10.js HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Cookie: Hm_lvt_2f60ef41d26337acc7101bc632659fac=1748624246; Hm_lpvt_2f60ef41d26337acc7101bc632659fac=1748624246; HMACCOUNT=5668B28331685D1B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:27 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBAG3ZXUUTok3wCmPnzOFVX4VUdxrfSwDCaQW8z8XNX0QxVjcwsVFcY%2BnYw73CmI3p%2FAhKPD2FSu%2FP2hhQ2Lsb%2FNRLSdwS9llGfFQnFE0lNqHFweCWp8zflhRcxp1HzuTw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
vary: Accept-Encoding
etag: W/"6839b7db-e88"
expires: Fri, 06 Jun 2025 16:57:25 GMT
cache-control: max-age=604800
content-encoding: gzip
age: 2
cf-cache-status: HIT
cf-ray: 947fc54ccb51b518-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5441&min_rtt=1064&rtt_var=3790&sent=1766&recv=118&lost=55&retrans=56&sent_bytes=2017363&recv_bytes=9452&delivery_rate=41443225&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=336840&unsent_bytes=0&cid=e5882be3f0f91900&ts=4461&x=80"

GET www.manbetx.uk/img/bg.6024d503.jpg

172.67.189.141

200 OK

668 kB

URL GET
www.manbetx.uk/img/bg.6024d503.jpg
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3
Size
668 kB (668048 bytes)
Hash
6024d50399c7ec6bba1d240b74b250a3
0bd0df3bb6a2b31738a5c5dc5f60a90c8ff4bd13
2d7b08f7b0d3c9b6f56611e1835a77ae1ec252848a5716f011581e9a6f2c44f0

HTTP Headers

GET /img/bg.6024d503.jpg HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/css/chunk-815e9064.38a5a07a.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:26 GMT
content-type: image/jpeg
content-length: 668048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGdKn2uPboJIsy50NPjq3LEyq0DeKjd5r01vKb64M375ZoCa9V1SauBGogv7ZhML66y%2FeNKaRBXECXWSv%2BhBaJepaaa9LctxY6x34pKCvFs7gzRXY395KjMoQBRzwrzXhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
etag: "6839b7db-a3190"
expires: Sun, 29 Jun 2025 16:57:25 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-cache-status: EXPIRED
cf-ray: 947fc53e79fbb518-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3963&min_rtt=1064&rtt_var=4066&sent=130&recv=98&lost=0&retrans=0&sent_bytes=69630&recv_bytes=7744&delivery_rate=13783193&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=e5882be3f0f91900&ts=2724&x=80"

GET www.manbetx.uk/css/app.80affa93.css

172.67.189.141

200 OK

1.4 kB

URL GET
www.manbetx.uk/css/app.80affa93.css
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
ASCII text, with very long lines (1392), with no line terminators
Size
1.4 kB (1392 bytes)
Hash
05ed8f41683172fafc5160c7f8d2d53d
f6e44d08068c420b89adeb333ed90a54ce1f6546
9ae0d0c373e296c1186b72195222f0ca1bb1af366822b2371e6f749be85dbb57

HTTP Headers

GET /css/app.80affa93.css HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 30 May 2025 16:57:24 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 30 May 2025 13:51:23 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: W/"6839b7db-570"
expires: Fri, 06 Jun 2025 16:57:24 GMT
cache-control: max-age=604800
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Hx5fr6qQVSA%2Fgx8WdQ5EoSoXtZsR%2Bol5DPbJSp39HDzEYA4YfwkZ%2BoO34cGeBzKjs82lJceJHg9SyYIXNrgKzGC0qWb83IIJy7DVhA%3D%3D"}]}
cf-ray: 947fc5332c31b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.manbetx.uk/js/chunk-815e9064.92ce1b10.js

172.67.189.141

200 OK

3.7 kB

URL GET
www.manbetx.uk/js/chunk-815e9064.92ce1b10.js
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
JavaScript source, ASCII text, with very long lines (3720), with no line terminators
Size
3.7 kB (3720 bytes)
Hash
8ecfc4d580fbd048a621eaf54b598f82
583c446823a974b867a7d0cd9a22ea76945ebf93
30d78acb1a415fdaa8aa070ec09bb9853bdf834aeff49438f29fc17a04d99fbf

HTTP Headers

GET /js/chunk-815e9064.92ce1b10.js HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:25 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVSpmg4GsorM01Ieuf%2F65oGV1N%2BeEl365A%2FG0Fvfo5KPjLsY641ojEanp7stE%2FD2BmdKB0aFFLp0Y5c2B9XtncrIxNoyHf4sqxLUqs%2B%2B80SqLF1%2BQitlRAmWwaxxjau0MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
vary: Accept-Encoding
etag: W/"6839b7db-e88"
expires: Fri, 06 Jun 2025 16:57:25 GMT
cache-control: max-age=604800
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 947fc53ac9e6b518-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4762&min_rtt=1064&rtt_var=4759&sent=120&recv=91&lost=0&retrans=0&sent_bytes=65372&recv_bytes=6139&delivery_rate=13783193&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=e5882be3f0f91900&ts=2142&x=80"

GET www.9pe8ul.com:51300/global-activity-entry/js/rain-icon.js

20.2.196.30

200 OK

35 kB

URL GET
www.9pe8ul.com:51300/global-activity-entry/js/rain-icon.js
IP
20.2.196.30:51300
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerZeroSSL
Subjectwww.9pe8ul.com
Fingerprint89:12:E2:15:4E:F2:20:9A:07:7F:B5:F9:78:22:39:9B:B3:8D:BF:E3
ValiditySun, 18 May 2025 00:00:00 GMT - Sat, 16 Aug 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
35 kB (34985 bytes)
Hash
59767c53c4cb277425bce5c5e7ea9d41
36ee5b49ceb915d4369fe92ca49dbd8bba702c96
5b43bfa813b9f48656d868fbdacd693bf7fc0f4324d5b815db42ceb80c5a4a27

HTTP Headers

GET /global-activity-entry/js/rain-icon.js HTTP/1.1
Host: www.9pe8ul.com:51300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 16:57:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 09 Nov 2023 07:48:38 GMT
vary: Accept-Encoding
etag: W/"654c8ed6-88a9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
psc-cache-status: HIT
X-Firefox-Spdy: h2

GET static-content-cn.wb27jlt6u066.com:9587/util/rsa.js

103.197.58.87

200 OK

14 kB

URL GET
static-content-cn.wb27jlt6u066.com:9587/util/rsa.js
IP
103.197.58.87:9587
ASN
#45352 IP ServerOne Solutions Sdn Bhd

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerSectigo Limited
Subjectstatic-content-cn.wb27jlt6u066.com
Fingerprint00:89:62:01:8C:5E:2B:CC:B2:4B:4B:07:7A:17:E7:1F:09:CA:1A:05
ValidityFri, 18 Oct 2024 00:00:00 GMT - Sat, 18 Oct 2025 23:59:59 GMT

File type
ASCII text, with very long lines (5026)
Size
14 kB (13514 bytes)
Hash
2e28749b1ce6013a456d4498a447dff3
89d8c436922a84f097e86090179d112c3d6e13c2
1748bdff25c71702d781b076f961920ef32283e324153b256e963202431a35ba

HTTP Headers

GET /util/rsa.js HTTP/1.1
Host: static-content-cn.wb27jlt6u066.com:9587
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 30 May 2025 16:57:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd9-34ca"
Expires: Fri, 30 May 2025 19:57:20 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

GET www.manbetx.uk/img/bc.dc80893f.jpg

172.67.189.141

200 OK

944 kB

URL GET
www.manbetx.uk/img/bc.dc80893f.jpg
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1242x2208, components 3
Size
944 kB (943514 bytes)
Hash
dc80893ff7fc07b290492fa7db14796c
420cda9af85db44f132884d38bcfac5c3957a2a7
ddc4432c9a3da2e673bc1eb2bf3c971bd321e838d5b236f7fe42efe7af7249aa

HTTP Headers

GET /img/bc.dc80893f.jpg HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:26 GMT
content-type: image/jpeg
content-length: 943514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PomDjwy5liVFhicPnbzZHphCSwR93vbOBFRpcgZsL76wgc333vu7LMniEDzyEythmWT9gn7c30LtpjPqrDl%2FEyLLWxYdR6sY%2Fv2hvINklELkFphiFa6F2PaljtxyLF5R9g%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
etag: "6839b7db-e659a"
expires: Sun, 29 Jun 2025 16:57:25 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-cache-status: EXPIRED
cf-ray: 947fc53e79f7b518-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3963&min_rtt=1064&rtt_var=4066&sent=129&recv=98&lost=0&retrans=0&sent_bytes=68947&recv_bytes=7744&delivery_rate=13783193&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=e5882be3f0f91900&ts=2723&x=80"

GET static-content-cn.wb27jlt6u066.com:9587/js/game/Game.js?20220202

103.197.58.87

200 OK

63 kB

URL GET
static-content-cn.wb27jlt6u066.com:9587/js/game/Game.js?20220202
IP
103.197.58.87:9587
ASN
#45352 IP ServerOne Solutions Sdn Bhd

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerSectigo Limited
Subjectstatic-content-cn.wb27jlt6u066.com
Fingerprint00:89:62:01:8C:5E:2B:CC:B2:4B:4B:07:7A:17:E7:1F:09:CA:1A:05
ValidityFri, 18 Oct 2024 00:00:00 GMT - Sat, 18 Oct 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
63 kB (62673 bytes)
Hash
acaab89d99ec8834af5b451e81f9c201
df62de5dc78b0b6e115dc5d0f53edfc76b71fdc4
9bac381ad42db61b1ffd4ffe2d588c1313b1a8531c6c0223038ea454af0d00da

HTTP Headers

GET /js/game/Game.js?20220202 HTTP/1.1
Host: static-content-cn.wb27jlt6u066.com:9587
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 30 May 2025 16:57:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2025 05:02:35 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"67849e6b-f4d1"
Expires: Fri, 30 May 2025 19:57:20 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

GET www.manbetx.uk/img/btn2.e32f2306.png

172.67.189.141

200 OK

73 kB

URL GET
www.manbetx.uk/img/btn2.e32f2306.png
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
PNG image data, 798 x 260, 8-bit/color RGBA, non-interlaced
Size
73 kB (72568 bytes)
Hash
e32f23063dd6ea3ab3229f5c0ff6a400
87221c4996702c2d69196953e3fadda3ad039fc8
0e83b960963daefd7b6062513239a47da56209f6640dc8301e758d88f3afc666

HTTP Headers

GET /img/btn2.e32f2306.png HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/css/chunk-815e9064.38a5a07a.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:26 GMT
content-type: image/png
content-length: 72568
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBCZg7VJ2RsuSU0SxihbVpEN8s8n6f4hMuznGwuqlDr6dBlKg%2BlNxG6yvw2u62tQpgSO6PcRXZAr8kwGYL4wClFU%2FlatJahdWtMCxjALQQW4YRtumVYpwhcRoiWZOAIcDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
etag: "6839b7db-11b78"
expires: Sun, 29 Jun 2025 16:57:25 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-cache-status: EXPIRED
cf-ray: 947fc53e89fdb518-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3678&min_rtt=1064&rtt_var=3619&sent=132&recv=99&lost=0&retrans=0&sent_bytes=70996&recv_bytes=7788&delivery_rate=13783193&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=e5882be3f0f91900&ts=2735&x=80"

GET static-content-t.wb27jlt6u066.com:9587/style/css.css?20250516

103.197.58.87

200 OK

129 kB

URL GET
static-content-t.wb27jlt6u066.com:9587/style/css.css?20250516
IP
103.197.58.87:9587
ASN
#45352 IP ServerOne Solutions Sdn Bhd

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerSectigo Limited
Subjectstatic-content-t.wb27jlt6u066.com
Fingerprint41:82:90:79:FD:51:A3:CE:26:6D:17:F0:4E:57:1E:A6:E1:97:3A:20
ValidityFri, 18 Oct 2024 00:00:00 GMT - Sat, 18 Oct 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (525)
Size
129 kB (129036 bytes)
Hash
b151dd1ae129aba3f1bd92cf8855c79f
cfde722a277405ab10eb93e22e7f41e4a5d00e0a
a007bf97b851052dffced07061ddcd28f1d7129df127f74dfd48ce95b7f470c3

HTTP Headers

GET /style/css.css?20250516 HTTP/1.1
Host: static-content-t.wb27jlt6u066.com:9587
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 30 May 2025 16:57:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 May 2025 03:05:38 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"68367d82-1f80c"
Expires: Fri, 30 May 2025 19:57:20 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

GET www.manbetx.uk/js/app.402090c3.js

172.67.189.141

200 OK

4.6 kB

URL GET
www.manbetx.uk/js/app.402090c3.js
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
JavaScript source, ASCII text, with very long lines (4620), with no line terminators
Size
4.6 kB (4620 bytes)
Hash
52632543353d03fee00a313ad7a44785
38739a98150af3c8b44d3afb27cbadb08177c501
e5b543cbb62427f61002f3c9db8c97c374a1f8a7f251a8dd0a100c9678e250b1

HTTP Headers

GET /js/app.402090c3.js HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 30 May 2025 16:57:24 GMT
content-type: application/javascript
server: cloudflare
last-modified: Fri, 30 May 2025 13:51:23 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: W/"6839b7db-120c"
expires: Fri, 06 Jun 2025 16:57:24 GMT
cache-control: max-age=604800
content-encoding: gzip
cf-cache-status: MISS
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HlxSUhDDHWQVnG5u9hcNDU5MrUIHR2X0JR%2BGLxIVgVY0vamefOceExj5bvcWREVeruZxAJoRv0q%2BtMbqvdAYyyvb7aVLcM%2FS8ZflWw%3D%3D"}]}
cf-ray: 947fc5332c38b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.manbetx.uk/css/chunk-815e9064.38a5a07a.css

172.67.189.141

200 OK

1.6 kB

URL GET
www.manbetx.uk/css/chunk-815e9064.38a5a07a.css
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
ASCII text, with very long lines (1595), with no line terminators
Size
1.6 kB (1595 bytes)
Hash
faf28abc9179ca342c4a3290e9be141f
3b05f7a7b6527b3631d169b5782f9828f3efea97
4aaf12738fdf6be6f6f55e1a53bf80b1d3491b8d0423381e490b3459d0bbd276

HTTP Headers

GET /css/chunk-815e9064.38a5a07a.css HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:25 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0b6llAVtYNRNxJimS7rr964m3jWPe1lNVmOAcZ9VSqHSpDNsljYIGW2ymJnBiMkRan3mPPmCbI%2BLuzX2idWL9kQPMcFPz4z1m3ScgyrlpVHvKKtFe2TvPZa0N1x8PwKDuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
vary: Accept-Encoding
etag: W/"6839b7db-63b"
expires: Fri, 06 Jun 2025 16:57:25 GMT
cache-control: max-age=604800
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 947fc53ab9e5b518-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5284&min_rtt=1064&rtt_var=4954&sent=117&recv=90&lost=0&retrans=0&sent_bytes=64029&recv_bytes=6095&delivery_rate=13783193&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=e5882be3f0f91900&ts=2131&x=80"

GET hm.baidu.com/hm.gif?hca=5668B28331685D1B&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1030295235&si=2f60ef41d26337acc7101bc632659fac&su=https%3A%2F%2Fcn.hcumx.com%2F&v=1.3.2&lv=1&sn=19376&r=0&ww=1280&u=https%3A%2F%2Fwww.manbetx.uk%2F%23%2F&tt=MX%E8%90%BD%E5%9C%B0%E9%A1%B5

183.240.98.228

200 OK

43 B

URL GET
hm.baidu.com/hm.gif?hca=5668B28331685D1B&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1030295235&si=2f60ef41d26337acc7101bc632659fac&su=https%3A%2F%2Fcn.hcumx.com%2F&v=1.3.2&lv=1&sn=19376&r=0&ww=1280&u=https%3A%2F%2Fwww.manbetx.uk%2F%23%2F&tt=MX%E8%90%BD%E5%9C%B0%E9%A1%B5
IP
183.240.98.228:443
ASN
#56040 China Mobile communications corporation

Requested by
https://www.manbetx.uk/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?hca=5668B28331685D1B&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1030295235&si=2f60ef41d26337acc7101bc632659fac&su=https%3A%2F%2Fcn.hcumx.com%2F&v=1.3.2&lv=1&sn=19376&r=0&ww=1280&u=https%3A%2F%2Fwww.manbetx.uk%2F%23%2F&tt=MX%E8%90%BD%E5%9C%B0%E9%A1%B5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 30 May 2025 16:57:26 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6030A5C16374A4BB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

GET iman23.com/

104.21.2.13

302 Found

99 kB

URL User Request GET
iman23.com/
IP
104.21.2.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectiman23.com
FingerprintB6:57:3C:81:AA:5B:A8:C7:E7:14:64:FC:85:6D:78:FE:73:36:5E:2F
ValidityMon, 14 Apr 2025 20:05:04 GMT - Sun, 13 Jul 2025 21:03:20 GMT

File type

Size
99 kB (99214 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	ManBetX

HTTP Headers

GET / HTTP/1.1
Host: iman23.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 30 May 2025 16:57:16 GMT
location: https://cn.hcumx.com/home/register?code=40513
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FplwpKDOJuW9MqQbHXn%2Bct1whc%2BBDPn6L8hbISc46hJHCDUhjj0YO%2FhA%2BXF0%2BWxa4BzJHnfj3LXd7Q0Untg1zU2enh1nNstO"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 947fc50449450b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET static-content-cn.wb27jlt6u066.com:9587/util/messenger.css

103.197.58.87

200 OK

9.2 kB

URL GET
static-content-cn.wb27jlt6u066.com:9587/util/messenger.css
IP
103.197.58.87:9587
ASN
#45352 IP ServerOne Solutions Sdn Bhd

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerSectigo Limited
Subjectstatic-content-cn.wb27jlt6u066.com
Fingerprint00:89:62:01:8C:5E:2B:CC:B2:4B:4B:07:7A:17:E7:1F:09:CA:1A:05
ValidityFri, 18 Oct 2024 00:00:00 GMT - Sat, 18 Oct 2025 23:59:59 GMT

File type
ASCII text, with very long lines (538)
Size
9.2 kB (9232 bytes)
Hash
26f774e67203df0b4387b8fdee38643c
d46d750b7882c8c3aff3690472c6ad6c5c32d546
3d3b344953f5a8668a3a045c902c84e530407997885301cfffd4a1724b6b37f8

HTTP Headers

GET /util/messenger.css HTTP/1.1
Host: static-content-cn.wb27jlt6u066.com:9587
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 30 May 2025 16:57:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:53 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd9-2410"
Expires: Fri, 30 May 2025 19:57:20 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

GET static-content-cn.wb27jlt6u066.com:9587/js/jquery/jquery.carousel.js

103.197.58.87

200 OK

24 kB

URL GET
static-content-cn.wb27jlt6u066.com:9587/js/jquery/jquery.carousel.js
IP
103.197.58.87:9587
ASN
#45352 IP ServerOne Solutions Sdn Bhd

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerSectigo Limited
Subjectstatic-content-cn.wb27jlt6u066.com
Fingerprint00:89:62:01:8C:5E:2B:CC:B2:4B:4B:07:7A:17:E7:1F:09:CA:1A:05
ValidityFri, 18 Oct 2024 00:00:00 GMT - Sat, 18 Oct 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
24 kB (24122 bytes)
Hash
1552106a3e80457c7c75722b7372d303
32ba62ff7b3590d3325d159141aa50a1db5802aa
52947c9e6ac3e2f45c2b2a19802a91eeb75dc70902bf4bd87419a6386300848c

HTTP Headers

GET /js/jquery/jquery.carousel.js HTTP/1.1
Host: static-content-cn.wb27jlt6u066.com:9587
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 30 May 2025 16:57:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 18:47:52 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62d84dd8-5e3a"
Expires: Fri, 30 May 2025 19:57:20 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

GET www.manbetx.uk/css/chunk-815e9064.38a5a07a.css

172.67.189.141

200 OK

1.6 kB

URL GET
www.manbetx.uk/css/chunk-815e9064.38a5a07a.css
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
ASCII text, with very long lines (1595), with no line terminators
Size
1.6 kB (1595 bytes)
Hash
faf28abc9179ca342c4a3290e9be141f
3b05f7a7b6527b3631d169b5782f9828f3efea97
4aaf12738fdf6be6f6f55e1a53bf80b1d3491b8d0423381e490b3459d0bbd276

HTTP Headers

GET /css/chunk-815e9064.38a5a07a.css HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Cookie: Hm_lvt_2f60ef41d26337acc7101bc632659fac=1748624246; Hm_lpvt_2f60ef41d26337acc7101bc632659fac=1748624246; HMACCOUNT=5668B28331685D1B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:27 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7I0MBDBwCnpYv9mPWssjyySaX1emdyw%2B2Ba%2Fl2ueIFmlyYradqL7Mx4wCzW2wVVmzdpOj%2BoKmgob3h9GmIyag%2BlTmbuyRsqcytEyIXPQAyMGsLFemDfsyX5jd773anD5w%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
vary: Accept-Encoding
etag: W/"6839b7db-63b"
expires: Fri, 06 Jun 2025 16:57:25 GMT
cache-control: max-age=604800
content-encoding: gzip
age: 2
cf-cache-status: HIT
cf-ray: 947fc54ccb50b518-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4923&min_rtt=1064&rtt_var=3879&sent=1768&recv=119&lost=55&retrans=56&sent_bytes=2019451&recv_bytes=9498&delivery_rate=41443225&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=336840&unsent_bytes=0&cid=e5882be3f0f91900&ts=4478&x=80"

GET static-content-t.wb27jlt6u066.com:9587/style/main.css?20241210

103.197.58.87

200 OK

60 kB

URL GET
static-content-t.wb27jlt6u066.com:9587/style/main.css?20241210
IP
103.197.58.87:9587
ASN
#45352 IP ServerOne Solutions Sdn Bhd

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerSectigo Limited
Subjectstatic-content-t.wb27jlt6u066.com
Fingerprint41:82:90:79:FD:51:A3:CE:26:6D:17:F0:4E:57:1E:A6:E1:97:3A:20
ValidityFri, 18 Oct 2024 00:00:00 GMT - Sat, 18 Oct 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (449)
Size
60 kB (59544 bytes)
Hash
47b8ab1d9097c87c52fb53d3e1b76a94
1f8a02ea284f2cec59f53c2a06a6ef344c212a45
18b74712e855ebac268e544dffd223adb6d65ba513a664574da352e041128b07

HTTP Headers

GET /style/main.css?20241210 HTTP/1.1
Host: static-content-t.wb27jlt6u066.com:9587
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 30 May 2025 16:57:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 10 Dec 2024 05:04:09 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"6757cbc9-e898"
Expires: Fri, 30 May 2025 19:57:20 GMT
Cache-Control: max-age=10800
Conexiq-CDN-Cache: HIT
Content-Encoding: gzip

GET www.manbetx.uk/

172.67.189.141

200 OK

1.2 kB

URL User Request GET
www.manbetx.uk/
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (785)
Size
1.2 kB (1184 bytes)
Hash
52e1a54b00a01bfd71221deeb5680d0e
c10c45f079560e5fde1662826ab913d658105fb6
0a419beb00fdc9c0e8f9aaae4c1205334933bcbe400540a661d020ea44fdedc8

HTTP Headers

GET / HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 30 May 2025 16:57:23 GMT
content-type: text/html
server: cloudflare
last-modified: Fri, 30 May 2025 13:51:23 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=RdbekWChhUbdEeX2P9bzfFD1FornhT7P9p1PKYYufzAEa31EwYXKHi9nloUDX%2F0rbVdgAq%2Brq517KuEggoZFRiQKUKYmSRMvDw%2BUjw%3D%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 947fc52d19fab4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=UA-119765380-3

142.250.74.168

200 OK

279 kB

URL GET
www.googletagmanager.com/gtag/js?id=UA-119765380-3
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07
ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (5432)
Size
279 kB (279209 bytes)
Hash
eec0d2b0d4223ee602e7e3d63da09ae7
a67ef897e9fcf587fe4684af0d345dd7ab4598ee
d79eb6350a03d078979d5e80a5843e8cbdc02fb09c4b5c330ca466fd8e3af3fd

HTTP Headers

GET /gtag/js?id=UA-119765380-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 May 2025 16:57:19 GMT
expires: Fri, 30 May 2025 16:57:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 98639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.manbetx.uk/img/btn3.cbcc2fab.png

172.67.189.141

200 OK

75 kB

URL GET
www.manbetx.uk/img/btn3.cbcc2fab.png
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
PNG image data, 798 x 260, 8-bit/color RGBA, non-interlaced
Size
75 kB (75007 bytes)
Hash
cbcc2fabcf9140df4ba586f141c4c77a
0a2ed418a5613331de837aefdcb3102143d6dcea
d88b18c365398f662a97260aefe0d5f508382c9c48b3c1400a38a46e076710fd

HTTP Headers

GET /img/btn3.cbcc2fab.png HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/css/chunk-815e9064.38a5a07a.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:26 GMT
content-type: image/png
content-length: 75007
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGWWhIuJcXiP0%2BKFyksN3p%2BHoRmtZem6Mz3Gx3aHQkbU%2BVyugXTDFoMOeGVPtc%2F35R7GkGSXwQijlhLtLlvyaksE3Ljno3vbv1VJsGmYv%2FTmhaV%2FGC97iY0vKh7VinvaFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
etag: "6839b7db-124ff"
expires: Sun, 29 Jun 2025 16:57:25 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-cache-status: EXPIRED
cf-ray: 947fc53e89feb518-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3405&min_rtt=1064&rtt_var=3260&sent=133&recv=100&lost=0&retrans=0&sent_bytes=71679&recv_bytes=7833&delivery_rate=13783193&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=e5882be3f0f91900&ts=2755&x=80"

GET www.manbetx.uk/favicon.ico

172.67.189.141

200 OK

1.2 kB

URL GET
www.manbetx.uk/favicon.ico
IP
172.67.189.141:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.manbetx.uk/
Certificate
IssuerGoogle Trust Services
Subjectmanbetx.uk
FingerprintEC:8D:84:67:35:73:96:F7:99:7A:C1:EE:9B:9E:2B:F8:E8:95:3A:62
ValidityTue, 29 Apr 2025 08:42:56 GMT - Mon, 28 Jul 2025 09:40:39 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
a970762d135e06a1d0a982e92627eea2
c75f6962b7e717dea8761c63a6fc7bbd47f8bd0a
93b5d76d0e220077f0df098dab49acd243597dc5574a22fe0a4bf0d9568202ba

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.manbetx.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 30 May 2025 16:57:25 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cEuEKZzw8Bte3HRQbewEoLRX5a09jjopMNDbR0c4gnp3ZK%2FtYY8Wz0744cc%2Bdez6HtEnDYyCZ5rh4GXvZK1HW%2B51TKOpMi%2BUH0W0jP862EEG6gl0zsyHXE%2FekZ441yc5Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 13:51:23 GMT
vary: Accept-Encoding
etag: W/"6839b7db-47e"
expires: Sun, 29 Jun 2025 16:57:25 GMT
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 947fc53ca9eeb518-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4343&min_rtt=1064&rtt_var=4407&sent=127&recv=97&lost=0&retrans=0&sent_bytes=67581&recv_bytes=7700&delivery_rate=13783193&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=e5882be3f0f91900&ts=2431&x=80"

GET cn.hcumx.com/home/register?code=40513

172.65.201.65

200 OK

99 kB

URL User Request GET
cn.hcumx.com/home/register?code=40513
IP
172.65.201.65:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerSectigo Limited
Subjectcn.hcumx.com
Fingerprint2A:FC:31:A2:66:2F:BA:61:4D:81:69:1C:44:EE:4C:A6:E3:9E:33:46
ValidityFri, 24 Jan 2025 00:00:00 GMT - Sat, 24 Jan 2026 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (396)
Size
99 kB (99214 bytes)
Hash
3467482f5c8bad3c0120e9505982db54
5ece8f6e731eec02bfa49aec03338092089361fe
193c09e4de1d719756f951224c03b60a568ab61555c552e342aca997f4890e95

HTTP Headers

GET /home/register?code=40513 HTTP/1.1
Host: cn.hcumx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 30 May 2025 16:57:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Set-Cookie: ccd11=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hcumx.com
vcd11=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hcumx.com
PHPSESSID=crr4a8p1sa5k546ceqrv1ingo2; path=/
_code_cookie=40513-; path=/; domain=hcumx.com
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Server: gocache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
c-Type: df
rid: 2c3a2a79b74a725fc005d81523f897db
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET www.f4bzyrz92us3.com/E2/EagleEye.js?1748624238

172.65.201.65

200 OK

55 kB

URL GET
www.f4bzyrz92us3.com/E2/EagleEye.js?1748624238
IP
172.65.201.65:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cn.hcumx.com/home/register?code=40513
Certificate
IssuerSectigo Limited
Subjectwww.f4bzyrz92us3.com
Fingerprint74:11:6D:53:CA:6F:CA:A5:4D:73:C4:BF:A6:61:7D:6B:CF:DE:06:4C
ValidityTue, 10 Sep 2024 00:00:00 GMT - Wed, 10 Sep 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (37140), with CRLF line terminators
Size
55 kB (54550 bytes)
Hash
139b9b19e266e0b55f7a39a0941e9bea
048a1becc4f36214b75757c28f0b4fb75d2a54db
4a6ccff0b00e5b1cba90d6719fa5221d906b04da41cab11221bf3ccea0281293

HTTP Headers

GET /E2/EagleEye.js?1748624238 HTTP/1.1
Host: www.f4bzyrz92us3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cn.hcumx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 30 May 2025 16:57:20 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 15592
Connection: keep-alive
Cache-Control: max-age=86400
Content-Encoding: deflate
X-AspNetMvc-Version: 5.1
X-AspNet-Version: 4.0.30319
Set-Cookie: E2token=81f45564-badc-4fd3-9eba-92ecd5e4fb04; expires=Wed, 30-May-2035 16:57:20 GMT; path= ; samesite = None; secure; HttpOnly
X-Powered-By: ASP.NET
Server: gocache
Expires: Sat, 31 May 2025 16:57:20 GMT
c-Type: st
rid: 989463fb8095a8b47f8a4a26eb0f8ed0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cache-Status: MISS

GET hm.baidu.com/hm.js?2f60ef41d26337acc7101bc632659fac

183.240.98.228

200 OK

30 kB

URL GET
hm.baidu.com/hm.js?2f60ef41d26337acc7101bc632659fac
IP
183.240.98.228:443
ASN
#56040 China Mobile communications corporation

Requested by
https://www.manbetx.uk/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
30 kB (29908 bytes)
Hash
89590e83139b7d609c50baf7dca96b9b
8a9269aff5ac3216a0d359a539ac01f9adf6e1c5
e485bdb9c4bf724a5eb7637bbba6ee9ec305b6ae4c730237dcd0e93e45490e7b

HTTP Headers

GET /hm.js?2f60ef41d26337acc7101bc632659fac HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.manbetx.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11302
Content-Type: application/javascript
Date: Fri, 30 May 2025 16:57:25 GMT
Etag: 4f1ba6cdf3be072b10f5468c6fc71388
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5668B28331685D1B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML