46.8.8.100/
46.8.8.100 191 B IP 46.8.8.100:0
File type HTML document, ASCII text
Hash b6c159ae91c75e7b45200455689e8f92
1cbb1b0a0781b4db1cd1f01e6e1bdc57f464bc49
799604eefe8f1f5104319b29fdc64ca2a5d855f8e6ccb76f5138f5b9d2544e5b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 46.8.8.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://menel-cim.info/zclkvisitor/49270530-0edd-11ef-b976-0affccaeb525/b71e37a0-18cb-11ea-9f38-0a157bfa6bfc?campaignid=8e8772f0-d17e-11ee-bb2d-0a4ababc2193
Date: Fri, 10 May 2024 14:55:05 GMT
Content-Length: 191
menel-cim.info/zclkvisitor/49270530-0edd-11ef-b976-0affccaeb525/b71e37a0-18cb-11ea-9f38-0a157bfa6bfc?campaignid=8e8772f0-d17e-11ee-bb2d-0a4ababc2193
44.196.6.43 2.7 kB URL menel-cim.info/zclkvisitor/49270530-0edd-11ef-b976-0affccaeb525/b71e37a0-18cb-11ea-9f38-0a157bfa6bfc?campaignid=8e8772f0-d17e-11ee-bb2d-0a4ababc2193
IP 44.196.6.43:0
File type HTML document, ASCII text, with very long lines (402)
Hash b48c9bb2ef9c188e0989c3eca12d3842
f4ebbae59cb0d75cb380b23c5272ee2b97fa1f0a
fbbc756a72e060933da88ea8519861cbc6196b7f6dd938e20781289c7a2dad92
GET /zclkvisitor/49270530-0edd-11ef-b976-0affccaeb525/b71e37a0-18cb-11ea-9f38-0a157bfa6bfc?campaignid=8e8772f0-d17e-11ee-bb2d-0a4ababc2193 HTTP/1.1
Host: menel-cim.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:55:05 GMT
content-type: text/html;charset=UTF-8
content-length: 2734
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
X-Firefox-Spdy: h2
46.8.8.100/
46.8.8.100 191 B IP 46.8.8.100:0
File type HTML document, ASCII text
Hash 65ddd9b621fdf98887b29f5b58942001
2458996793d40d836567b4b2b5b62855fda69e4f
61a12cc1d30c3855a7fc3a8b8de7997db920ad7a679da10184605b9ddb11d09f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 46.8.8.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://menel-cim.info/zclkvisitor/4ab19cd7-0edd-11ef-b5d0-0affd6043d0b/b71e37a0-18cb-11ea-9f38-0a157bfa6bfc?campaignid=8e8772f0-d17e-11ee-bb2d-0a4ababc2193
Date: Fri, 10 May 2024 14:55:07 GMT
Content-Length: 191
menel-cim.info/zclkvisitor/4ab19cd7-0edd-11ef-b5d0-0affd6043d0b/b71e37a0-18cb-11ea-9f38-0a157bfa6bfc?campaignid=8e8772f0-d17e-11ee-bb2d-0a4ababc2193
44.196.6.43 2.7 kB URL menel-cim.info/zclkvisitor/4ab19cd7-0edd-11ef-b5d0-0affd6043d0b/b71e37a0-18cb-11ea-9f38-0a157bfa6bfc?campaignid=8e8772f0-d17e-11ee-bb2d-0a4ababc2193
IP 44.196.6.43:0
File type HTML document, ASCII text, with very long lines (402)
Hash 6d0bd3b410a5679faa7520fe0479136b
35c460cca28c3c779ce9b25638ea8d5511afe1f1
8061c590648899c93e4e78dde507c7b04bd0a418c7ba6e3c14f630a869e09915
GET /zclkvisitor/4ab19cd7-0edd-11ef-b5d0-0affd6043d0b/b71e37a0-18cb-11ea-9f38-0a157bfa6bfc?campaignid=8e8772f0-d17e-11ee-bb2d-0a4ababc2193 HTTP/1.1
Host: menel-cim.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:55:08 GMT
content-type: text/html;charset=UTF-8
content-length: 2734
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
X-Firefox-Spdy: h2
menel-cim.info/zclkredirect?visitid=4ab19cd7-0edd-11ef-b5d0-0affd6043d0b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=undefined&timezone=UTC%2B00%3A00&timezoneName=UTC
44.196.6.43 200 OK 708 B URL User Request GET HTTP/2 menel-cim.info/zclkredirect?visitid=4ab19cd7-0edd-11ef-b5d0-0affd6043d0b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=undefined&timezone=UTC%2B00%3A00&timezoneName=UTC
IP 44.196.6.43:443
Certificate Issuer Amazon
Subject menel-cim.info
Fingerprint 88:5C:D0:54:D9:62:9D:E8:70:E5:71:4D:35:1C:D9:8F:DB:3C:7A:AA
Validity Mon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (311)
Hash a4f69bc8ceda2782d79def179cd95200
c5b1f22d7e5d725cb4b1eace4b939831b878b66a
25484a00360a09a9a207dbee81ff5d0213ca1c2f7adf7da66c571d77e21f7a1b
GET /zclkredirect?visitid=4ab19cd7-0edd-11ef-b5d0-0affd6043d0b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=undefined&timezone=UTC%2B00%3A00&timezoneName=UTC HTTP/1.1
Host: menel-cim.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://menel-cim.info/zclkvisitor/4ab19cd7-0edd-11ef-b5d0-0affd6043d0b/b71e37a0-18cb-11ea-9f38-0a157bfa6bfc?campaignid=8e8772f0-d17e-11ee-bb2d-0a4ababc2193
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 14:55:08 GMT
content-type: text/html;charset=UTF-8
content-length: 708
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
redirected: JS
X-Firefox-Spdy: h2
dessedcuression.com/zp-redirect?target=https%3A%2F%2Fbrandsreview.co%2F&caid=10526c8f-e8ae-4b09-9cb0-577f18e4c302&zpid=4ab19cd7-0edd-11ef-b5d0-0affd6043d0b&cid=wrku5kl1rsi3am61jmm8037a&rt=R&ts=1715352908366&hash=1VWFk5gB6NHLG12-n7su5-zB0SbV5OJvkytNCmXA2d0
18.196.138.182 0 B URL User Request GET dessedcuression.com/zp-redirect?target=https%3A%2F%2Fbrandsreview.co%2F&caid=10526c8f-e8ae-4b09-9cb0-577f18e4c302&zpid=4ab19cd7-0edd-11ef-b5d0-0affd6043d0b&cid=wrku5kl1rsi3am61jmm8037a&rt=R&ts=1715352908366&hash=1VWFk5gB6NHLG12-n7su5-zB0SbV5OJvkytNCmXA2d0
IP 18.196.138.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fbrandsreview.co%2F&caid=10526c8f-e8ae-4b09-9cb0-577f18e4c302&zpid=4ab19cd7-0edd-11ef-b5d0-0affd6043d0b&cid=wrku5kl1rsi3am61jmm8037a&rt=R&ts=1715352908366&hash=1VWFk5gB6NHLG12-n7su5-zB0SbV5OJvkytNCmXA2d0 HTTP/1.1
Host: dessedcuression.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://menel-cim.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 14:55:08 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://brandsreview.co/
pragma: no-cache
set-cookie: cc-v4=%2F8lWkZa9L%2B%2BiPJKJHDPl6O%2Fzqfp6iAudvcRGUPRrGgUvRsgwCl1SBWWANHLnxQU3B9USqfyFV8WeZ1QUuS3NilF4wZRkTQWQVlU5EyA78ZZnY%2FolzukHR0Gc4R028qhxZUzwirPnICaeu1ta9BJdcQ%3D%3D; Max-Age=31536000; Expires=Sat, 10-May-2025 14:55:08 GMT; Domain=dessedcuression.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
menel-cim.info/favicon.ico
44.196.6.43 404 Not Found 653 B URL GET HTTP/2 menel-cim.info/favicon.ico
IP 44.196.6.43:443
Requested by https://menel-cim.info/zclkredirect?visitid=4ab19cd7-0edd-11ef-b5d0-0affd6043d0b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=undefined&timezone=UTC%2B00%3A00&timezoneName=UTC
Certificate Issuer Amazon
Subject menel-cim.info
Fingerprint 88:5C:D0:54:D9:62:9D:E8:70:E5:71:4D:35:1C:D9:8F:DB:3C:7A:AA
Validity Mon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: menel-cim.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://menel-cim.info/zclkredirect?visitid=4ab19cd7-0edd-11ef-b5d0-0affd6043d0b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=undefined&timezone=UTC%2B00%3A00&timezoneName=UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Fri, 10 May 2024 14:55:08 GMT
content-type: text/html;charset=utf-8
content-length: 653
content-language: en
X-Firefox-Spdy: h2
0.0.0.0 0 B IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: brandsreview.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://menel-cim.info/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache