urlscan.io logo urlscan.io
SecurityTrails logo

g0xdyxxek1.diplomater.tech Open in urlscan Pro
203.161.62.33  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://g0xdyxxek1.diplomater.tech/?email=
Effective URL: https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Submission: On September 18 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 10 HTTP transactions. The main IP is 203.161.62.33, located in United States and belongs to NAMECHEAP-NET, US. The main domain is g0xdyxxek1.diplomater.tech.
TLS certificate: Issued by R3 on September 18th 2023. Valid for: 3 months.
This is the only time g0xdyxxek1.diplomater.tech was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 6 203.161.62.33 22612 (NAMECHEAP...)
1 2607:f8b0:402... 15169 (GOOGLE)
2 216.24.57.253 397273 (RENDER)
1 199.192.19.136 22612 (NAMECHEAP...)
10 5
Apex Domain
Subdomains		 Transfer
6 diplomater.tech
g0xdyxxek1.diplomater.tech
25 KB
2 onrender.com
mainoffauty.onrender.com
222 KB
1 pieterol.tech
vx7ncuufxw.pieterol.tech
5 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 720
30 KB
0 ipify.org Failed
api.ipify.org Failed
10 5
Domain Requested by
6 g0xdyxxek1.diplomater.tech 1 redirects g0xdyxxek1.diplomater.tech
2 mainoffauty.onrender.com g0xdyxxek1.diplomater.tech
1 vx7ncuufxw.pieterol.tech ajax.googleapis.com
1 ajax.googleapis.com g0xdyxxek1.diplomater.tech
0 api.ipify.org Failed ajax.googleapis.com
10 5

This site contains no links.

Subject Issuer Validity Valid
www.g0xdyxxek1.diplomater.tech
R3		 2023-09-18 -
2023-12-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
onrender.com
Cloudflare Inc ECC CA-3		 2023-09-17 -
2024-09-16		 a year crt.sh
www.vx7ncuufxw.pieterol.tech
R3		 2023-09-12 -
2023-12-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Frame ID: 7E0CF65D6D4155C4D175E7144FB2F487
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WY00L8XRYH6CJMXDSOP2

Page URL History Show full URLs

  1. https://g0xdyxxek1.diplomater.tech/?email= HTTP 302
    https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

90 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

282 kB
Transfer

806 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://g0xdyxxek1.diplomater.tech/?email= HTTP 302
    https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
g0xdyxxek1.diplomater.tech/m/
Redirect Chain
  • https://g0xdyxxek1.diplomater.tech/?email=
  • https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
203.161.62.33 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
vps.mainhostpage.tech
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.1
Resource Hash
040804ec8d94dc2275eee57810badb03ab7850c894d175f7459fd3aa7c239ab5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2160
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Sep 2023 20:10:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/7.4.1

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Sep 2023 20:10:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Pragma
no-cache
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
Transfer-Encoding
chunked
Vary
User-Agent
X-Powered-By
PHP/7.4.1
PSDYH8Z7XLTS6KJKZ2JDX46Q1
g0xdyxxek1.diplomater.tech/m/sm/ 		106 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g0xdyxxek1.diplomater.tech/m/sm/PSDYH8Z7XLTS6KJKZ2JDX46Q1
Requested by
Host: g0xdyxxek1.diplomater.tech
URL: https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
203.161.62.33 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
vps.mainhostpage.tech
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.1
Resource Hash
932974a2d9966e2e6e45882d3d4b8e81293c79934a0ab235e112bffcea506ce9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 20:10:14 GMT
Content-Encoding
gzip
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/7.4.1
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
17683
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js?KQU211X4MBUUP8FOTCZEURTF1
Requested by
Host: g0xdyxxek1.diplomater.tech
URL: https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g0xdyxxek1.diplomater.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 20:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30433
x-xss-protection
0
last-modified
Wed, 17 May 2023 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2024 20:10:14 GMT
mlg.svg
g0xdyxxek1.diplomater.tech/m/mxl/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g0xdyxxek1.diplomater.tech/m/mxl/mlg.svg?LS3I4GO8L8ZFADLPFMFRCW9U1
Requested by
Host: g0xdyxxek1.diplomater.tech
URL: https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
203.161.62.33 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
vps.mainhostpage.tech
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 20:10:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Sep 2023 19:50:24 GMT
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag
"e43-605a7740d1cb7-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1435
sig_op.svg
g0xdyxxek1.diplomater.tech/m/mxl/ 		2 KB
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g0xdyxxek1.diplomater.tech/m/mxl/sig_op.svg
Requested by
Host: g0xdyxxek1.diplomater.tech
URL: https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
203.161.62.33 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
vps.mainhostpage.tech
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 20:10:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Sep 2023 19:50:24 GMT
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag
"638-605a7740d1cb7-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
621
authy.js
mainoffauty.onrender.com/ 		400 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mainoffauty.onrender.com/authy.js?Y9HOIAGDT20G2EVRD5KPIZLVQ
Requested by
Host: g0xdyxxek1.diplomater.tech
URL: https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a1327500f337d80f0abb4bd8a2b02e4beef2bc34c3961e6e0f3407da185057d
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g0xdyxxek1.diplomater.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 20:10:14 GMT
strict-transport-security
max-age=315360000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Sep 2023 23:48:22 UTC
server
cloudflare
content-encoding
br
etag
W/"b6ae0f5d3f6f85cf92bf9eeb84a3deaa"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-tag
srv-cjrrs1ojbais73fqho9g
cache-control
public, max-age=0, s-maxage=300
cf-ray
808c3b302abcc41b-EWR
cloudflare-cdn-cache-control
public, max-age=300
alt-svc
h3=":443"; ma=86400
encrytCode.js
mainoffauty.onrender.com/ 		195 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mainoffauty.onrender.com/encrytCode.js?Q3SIE5DTURWDIJFZH2TDOJV1A
Requested by
Host: g0xdyxxek1.diplomater.tech
URL: https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294d339f709a0620968800517ed512f5ea76a8d06959ff59f6f2ec6f3fdcdb7
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g0xdyxxek1.diplomater.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 20:10:14 GMT
strict-transport-security
max-age=315360000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Sep 2023 23:48:22 UTC
server
cloudflare
content-encoding
br
etag
W/"25930b37116b2474777d799979918568"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-tag
srv-cjrrs1ojbais73fqho9g
cache-control
public, max-age=0, s-maxage=300
cf-ray
808c3b302ac1c41b-EWR
cloudflare-cdn-cache-control
public, max-age=300
alt-svc
h3=":443"; ma=86400
PXPP081C0D32R9C2ODR46G3LD
g0xdyxxek1.diplomater.tech/m/bxg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g0xdyxxek1.diplomater.tech/m/bxg/PXPP081C0D32R9C2ODR46G3LD
Requested by
Host: g0xdyxxek1.diplomater.tech
URL: https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
203.161.62.33 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
vps.mainhostpage.tech
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g0xdyxxek1.diplomater.tech/m/fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 20:10:14 GMT
Content-Encoding
gzip
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/7.4.1
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
673
/
api.ipify.org/ 		0
0
/
vx7ncuufxw.pieterol.tech/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vx7ncuufxw.pieterol.tech/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js?KQU211X4MBUUP8FOTCZEURTF1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.192.19.136 Valley Stream, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
svr4.dkshostcook.host
Software
Apache/2.4.56 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.1
Resource Hash
270dd308b329956dcbe3a48b812f6d8b3653d1c230e64f2958d1f544011b6398

Request headers

Accept
*/*
Referer
https://g0xdyxxek1.diplomater.tech/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 20:10:15 GMT
Server
Apache/2.4.56 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/7.4.1
Vary
User-Agent
Transfer-Encoding
chunked
Content-Type
application/php; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Access-Control-Allow-Headers
Authorization, Content-Type
Keep-Alive
timeout=5, max=100
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.ipify.org
URL
https://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery string| pagemsg string| semail string| urlx string| lmode function| _0x54449b function| _0x280da7 function| _0x3d3587 function| _0xf2661e function| _0x323f6a function| _0x3e5062 function| _0x45f755 object| _0x2d0bad function| _0x1805c1 object| Errs string| email string| epass string| phone object| dVal object| lVal object| pages string| Key string| randomNum number| skip function| _0x1b727a undefined| myInterval undefined| Proofs undefined| Timeout undefined| IP undefined| GetCredential number| mhost function| _0x3fef string| pgtype function| getpage function| isEmail function| nextto function| _0x1dbff2 function| select_account function| back function| cancel function| _0x3802 number| count number| lcount function| redlogin function| setCookie function| auth function| auth_live function| getproof function| SendCodeLive function| ihacode function| VerifyCodeLive function| GotoAuth function| authback function| GotoType function| AuthEdata function| verifyOTC function| beginAuth number| PollCount function| endAuth function| processAuth function| startEndath function| stopEndath function| datetoiso function| dec2hex function| generateId string| SesIN function| _0x1f2861 function| _0x42684f function| _0x1a4ce1 function| _0x8de6f3 function| _0xc2195 function| _0x508af5 function| _0x660f function| Encrypt function| PackageSADataForProof function| parseRSAKeyFromString function| hexStringToMP function| JSMPnumber function| applyPKCSv2Padding function| SHA1 function| PadSHA1Input function| SHA1RoundFunction function| rotateLeft function| wordToBytes function| MGF function| duplicateMP function| modularMultiply function| multiplyMP function| removeLeadingZeroes function| mpToByteArray function| multiplyAndSubtract function| normalizeJSMP function| divideMP function| _0x4e53 function| modularExp function| byteArrayToMP function| XORarrays function| RSAEncrypt function| mapByteToBase64 function| base64Encode function| byteArrayToBase64 function| RSAEncryptBlock function| _0x540dfa

2 Cookies

Domain/Path Name / Value
g0xdyxxek1.diplomater.tech/ Name: PHPSESSID
Value: 0b45e248218a21b2f03d38a9cbaeb216
g0xdyxxek1.diplomater.tech/ Name: rt
Value: fbcfaf5ffcfd9dcf1c1276f9c9c95fb8.html