| my.rtmark.net/img.gif?f=merge&userId=5da2c8ad7af84e8c894918ddbd7f9bdf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=5da2c8ad7af84e8c894918ddbd7f9bdf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=5da2c8ad7af84e8c894918ddbd7f9bdf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ungroudonchan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 21:01:15 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5da2c8ad7af84e8c894918ddbd7f9bdf; expires=Tue, 28 May 2024 21:01:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ungroudonchan.com/favicon.ico | 139.45.197.238 | | 0 B |
URL ungroudonchan.com/favicon.ico IP139.45.197.238:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ungroudonchan.com/4/5423637?ymid=ASZbQaPaHfcmXkbx1ZUg6t&var=074b5bba-80ab-4a33-86df-edbd736e35eb
Cookie: OAID=5da2c8ad7af84e8c894918ddbd7f9bdf; oaidts=1685394074
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 29 May 2023 21:01:15 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
|
|
| ungroudonchan.com/?z=5423637&syncedCookie=true&rhd=false | 139.45.197.238 | | 0 B |
URL ungroudonchan.com/?z=5423637&syncedCookie=true&rhd=false IP139.45.197.238:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5423637&syncedCookie=true&rhd=false HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 588
Origin: https://ungroudonchan.com
DNT: 1
Connection: keep-alive
Referer: https://ungroudonchan.com/afu.php?zoneid=5423637&var=5423637&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false
Cookie: OAID=5da2c8ad7af84e8c894918ddbd7f9bdf; oaidts=1685394074
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 29 May 2023 21:01:15 GMT
content-length: 0
location: https://yt8pt.rdtk.io/64736e442e8cbe00012e5b1f
x-trace-id: 2784eb3db867dba0b6fa1ca5006281f5
link: <https://yt8pt.rdtk.io>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://ungroudonchan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5da2c8ad7af84e8c894918ddbd7f9bdf; expires=Tue, 28 May 2024 21:01:15 GMT; path=/; secure; SameSite=None
oaidts=1685394074; expires=Tue, 28 May 2024 21:01:15 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 05 Jun 2023 21:01:15 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.usertrust.com/ | 104.18.15.101 | | 471 B |
IP104.18.15.101:0
Hash02b226e6b99685fb4144d66fe3b3aaa3 85d049d017bd35778f4d01f89182864c6b16a2ab 356040e4d99a66f00b9c522e45caadc6cb3f8686a1236de98395883169c6b1b0
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 May 2023 21:01:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 26 May 2023 10:07:32 GMT
Expires: Fri, 02 Jun 2023 10:07:31 GMT
Etag: "85d049d017bd35778f4d01f89182864c6b16a2ab"
Cache-Control: max-age=602514,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1263
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cf1abec9e56b529-OSL
|
|
| yt8pt.rdtk.io/64736e442e8cbe00012e5b1f | 37.48.87.182 | | 224 B |
URL yt8pt.rdtk.io/64736e442e8cbe00012e5b1f IP37.48.87.182:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeHTML document text\012- HTML document, ASCII text Hash5c144767d3923ece679ad54832c7a598 c1cc99dd7ecfd78a721b585312dd90b260899f87 91121e48ada33a2d136201c08a0a0aa8be2f239c3757eb07b0df368803d08b97
GET /64736e442e8cbe00012e5b1f HTTP/1.1
Host: yt8pt.rdtk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 29 May 2023 21:01:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 224
Connection: keep-alive
Set-Cookie: redcmps=W3siaWQiOiI2NDczNmU0NDJlOGNiZTAwMDEyZTViMWYiLCJ0IjoiMjAyMy0wNS0yOVQyMTowMToxNS42NTUzNzIzMjJaIn1d; Path=/; Domain=yt8pt.rdtk.io; Expires=Tue, 30 May 2023 21:01:15 GMT; Secure; SameSite=None
redhash=NjQ3NTEyOWI1NTA1M2YwMDAxMTdhNTY0fDB8NjQ3MzZlNDQyZThjYmUwMDAxMmU1YjFmfHwyZTJhMGY0NS1iNWFiLTQ1ZjEtOWE3Yy03NmE3NDc2YjQ2MTR8MTY4NTM5NDA3NQ==; Path=/; Domain=yt8pt.rdtk.io; Expires=Tue, 28 May 2024 21:01:15 GMT; Secure; SameSite=None
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
|
|
| www.highrevenuegate.com/r5emwnik02?key=49429c63dc13e526dadd5912943bb29f | 173.233.137.52 | 200 OK | 115 B |
URL User Request GET HTTP/1.1www.highrevenuegate.com/r5emwnik02?key=49429c63dc13e526dadd5912943bb29f IP173.233.137.52:443
CertificateIssuerLet's Encrypt Subjecthighrevenuegate.com FingerprintE3:83:9C:63:64:A5:46:F7:CE:7B:E1:4D:12:0F:29:C3:22:23:C0:14 ValidityTue, 02 May 2023 09:41:55 GMT - Mon, 31 Jul 2023 09:41:54 GMT
File typeASCII text, with no line terminators Hash16579cc322e9e105427ecfa57890ef69 8bb47ec30cf894ab49032d7271a45f0c778baa05 f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /r5emwnik02?key=49429c63dc13e526dadd5912943bb29f HTTP/1.1
Host: www.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 29 May 2023 21:01:16 GMT
Content-Type: text/html
Content-Length: 115
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19389915; expires=Tue, 30 May 2023 21:01:16 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1fb492ce58fc66adc3a24ce190ae213b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.highrevenuegate.com/favicon.ico | 173.233.137.52 | 200 OK | 0 B |
URL GET HTTP/1.1www.highrevenuegate.com/favicon.ico IP173.233.137.52:443
Requested byhttps://www.highrevenuegate.com/r5emwnik02?key=49429c63dc13e526dadd5912943bb29f CertificateIssuerLet's Encrypt Subjecthighrevenuegate.com FingerprintE3:83:9C:63:64:A5:46:F7:CE:7B:E1:4D:12:0F:29:C3:22:23:C0:14 ValidityTue, 02 May 2023 09:41:55 GMT - Mon, 31 Jul 2023 09:41:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /favicon.ico HTTP/1.1
Host: www.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highrevenuegate.com/r5emwnik02?key=49429c63dc13e526dadd5912943bb29f
Cookie: u_pl=19389915
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 29 May 2023 21:01:16 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87d026577b5fc0cf4b7cd2f4a11aec66
Strict-Transport-Security: max-age=0; includeSubdomains
|
|