| www.highcpmgate.com/jqnz7nxk?key=d251531dee1b72fd952266f6782706c3 | 192.243.59.20 | 200 OK | 1.3 kB |
URL: User Request GET HTTP/1.1 www.highcpmgate.com/jqnz7nxk?key=d251531dee1b72fd952266f6782706c3
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Certificate: Issuer: Let's Encrypt; Subject: highcpmgate.com; Fingerprint: E7:53:32:23:DA:D6:BE:EB:98:90:05:4B:AC:AC:8C:89:F2:4D:FB:2E; Validity: Fri, 19 Apr 2024 10:31:16 GMT - Thu, 18 Jul 2024 10:31:15 GMT
File type: HTML document, ASCII text, with very long lines (407)
Hash: 4abd894e71319d0359c9dbcd0b51e422 5e52f8cf8b3f69cdb843783815ef0066c506e394 d48b1538353a57e4d21f4c3b2938d7dd139af9b726a44618e989d4a5758829ff
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /jqnz7nxk?key=d251531dee1b72fd952266f6782706c3 HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 21:58:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=23059115; expires=Fri, 26 Apr 2024 21:58:12 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA1OTExNSwiayI6ImQyNTE1MzFkZWUxYjcyZmQ5NTIyNjZmNjc4MjcwNmMzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzkyMTUxLCJwaWQiOjE4MjEwNzYsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjgsInB0Ijo0LCJwayI6Impxbno3bnhrIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIiLCJhciI6W119fQ.zCZuq66i-_FRBOEbmsigOl9QyplUeBmJj8IGDCM3R4c; expires=Thu, 25 Apr 2024 21:59:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b06e7fdce82a6bcb1ab28e59ea1c90c6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| www.highcpmgate.com/api/users?token=L2pxbno3bnhrP2tleT1kMjUxNTMxZGVlMWI3MmZkOTUyMjY2ZjY3ODI3MDZjMyZwc3Q9MTcxNDA4MjM1MiZybXRjPXQmc2h1PTQ2M2VhMDM5OTQ0YTA1MmQxOThjZjA1MmRkOTBlM2M1MjRlZDMxZTIwMmE0ZDNmZmY1NTEwNzA2N2EwODI2OTU5YTM2ZDExMmUwNTRlNTBjMzFjODQzMGI4NDY3NmExOWNlMGVkYTQ2YjU5YTVhMjA2ZWRmMTcwZWE5YzE4MGY0YmIzODkzZmZjN2Y2ODcxMWI2YTdlYTY3NjY4MmNiYWQxNWQzYWQ5ZWUyYjMyNDg5MWI5ZTBlMzFhYjM0ZGU&uuid=&pii=&in=false | 172.240.108.76 | | 0 B |
URL: User Request GET www.highcpmgate.com/api/users?token=L2pxbno3bnhrP2tleT1kMjUxNTMxZGVlMWI3MmZkOTUyMjY2ZjY3ODI3MDZjMyZwc3Q9MTcxNDA4MjM1MiZybXRjPXQmc2h1PTQ2M2VhMDM5OTQ0YTA1MmQxOThjZjA1MmRkOTBlM2M1MjRlZDMxZTIwMmE0ZDNmZmY1NTEwNzA2N2EwODI2OTU5YTM2ZDExMmUwNTRlNTBjMzFjODQzMGI4NDY3NmExOWNlMGVkYTQ2YjU5YTVhMjA2ZWRmMTcwZWE5YzE4MGY0YmIzODkzZmZjN2Y2ODcxMWI2YTdlYTY3NjY4MmNiYWQxNWQzYWQ5ZWUyYjMyNDg5MWI5ZTBlMzFhYjM0ZGU&uuid=&pii=&in=false
IP: 172.240.108.76:0
Certificate: Issuer: Let's Encrypt; Subject: highcpmgate.com; Fingerprint: E7:53:32:23:DA:D6:BE:EB:98:90:05:4B:AC:AC:8C:89:F2:4D:FB:2E; Validity: Fri, 19 Apr 2024 10:31:16 GMT - Thu, 18 Jul 2024 10:31:15 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L2pxbno3bnhrP2tleT1kMjUxNTMxZGVlMWI3MmZkOTUyMjY2ZjY3ODI3MDZjMyZwc3Q9MTcxNDA4MjM1MiZybXRjPXQmc2h1PTQ2M2VhMDM5OTQ0YTA1MmQxOThjZjA1MmRkOTBlM2M1MjRlZDMxZTIwMmE0ZDNmZmY1NTEwNzA2N2EwODI2OTU5YTM2ZDExMmUwNTRlNTBjMzFjODQzMGI4NDY3NmExOWNlMGVkYTQ2YjU5YTVhMjA2ZWRmMTcwZWE5YzE4MGY0YmIzODkzZmZjN2Y2ODcxMWI2YTdlYTY3NjY4MmNiYWQxNWQzYWQ5ZWUyYjMyNDg5MWI5ZTBlMzFhYjM0ZGU&uuid=&pii=&in=false HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmgate.com/api/users?token=L2pxbno3bnhrP2tleT1hOTY5Y2E1YzlhZDI2MTE3NjJmMTFiNzlhNTI2ZTJkMiZzdWJtZXRyaWM9MjMwNTkxMTU
Cookie: u_pl=23059115; ain=eyJhbGciOiJIUzI1NiJ9.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.zCZuq66i-_FRBOEbmsigOl9QyplUeBmJj8IGDCM3R4c; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 21:58:13 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://we49kd.com/track?q=ihL1RVAatgR
Set-Cookie: iprcaa04d0d37b95b0181d63983dc470163f=3967273; expires=Sat, 27 Apr 2024 23:58:13 GMT
pdhtkv=true; expires=Fri, 26 Apr 2024 21:58:13 GMT
uncs=1; expires=Fri, 26 Apr 2024 21:58:13 GMT
pdhtkv28=true; expires=Fri, 26 Apr 2024 21:58:13 GMT
uncs28=1; expires=Fri, 26 Apr 2024 21:58:13 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ddc71a1294e3ce1e81f5d640b322081f
Strict-Transport-Security: max-age=0; includeSubdomains
| www.highcpmgate.com/api/users?token=L2pxbno3bnhrP2tleT1hOTY5Y2E1YzlhZDI2MTE3NjJmMTFiNzlhNTI2ZTJkMiZzdWJtZXRyaWM9MjMwNTkxMTU | 192.243.61.225 | | 1.3 kB |
URL: www.highcpmgate.com/api/users?token=L2pxbno3bnhrP2tleT1hOTY5Y2E1YzlhZDI2MTE3NjJmMTFiNzlhNTI2ZTJkMiZzdWJtZXRyaWM9MjMwNTkxMTU
IP: 192.243.61.225:0
ASN: #39572 DataWeb Global Group B.V.
Certificate: Issuer: Let's Encrypt; Subject: highcpmgate.com; Fingerprint: E7:53:32:23:DA:D6:BE:EB:98:90:05:4B:AC:AC:8C:89:F2:4D:FB:2E; Validity: Fri, 19 Apr 2024 10:31:16 GMT - Thu, 18 Jul 2024 10:31:15 GMT
File type: HTML document, ASCII text, with very long lines (432)
Hash: e9bdfd1da78bb3f10dd47f2fcc1ce8e4 2ae0bafccee840c6d87a4587469efb7ae0821169 deb1cdcc59aa18e43bbf413a5212d7fc7efa77d018967117e31eae8ff779f1a7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L2pxbno3bnhrP2tleT1hOTY5Y2E1YzlhZDI2MTE3NjJmMTFiNzlhNTI2ZTJkMiZzdWJtZXRyaWM9MjMwNTkxMTU HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 21:58:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15548089; expires=Fri, 26 Apr 2024 21:58:35 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.Td4EXT6QBQTOnnK9DnYNi9ZJzqzOp0Ln-3YjpxwrYks; expires=Thu, 25 Apr 2024 21:59:35 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef8becae5c0ee8d7f436b36015bc1cec
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| proftrafficcounter.com/stats | 0.0.0.0 | | 0 B |
URL: GET proftrafficcounter.com/stats
IP: 0.0.0.0:0
Requested by: https://www.highcpmgate.com/jqnz7nxk?key=d251531dee1b72fd952266f6782706c3
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.highcpmgate.com
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmgate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
| www.highcpmgate.com/favicon.ico | 0.0.0.0 | | 0 B |
URL: GET www.highcpmgate.com/favicon.ico
IP: 0.0.0.0:0
Requested by: https://www.highcpmgate.com/jqnz7nxk?key=d251531dee1b72fd952266f6782706c3
Certificate: Issuer: Let's Encrypt; Subject: highcpmgate.com; Fingerprint: E7:53:32:23:DA:D6:BE:EB:98:90:05:4B:AC:AC:8C:89:F2:4D:FB:2E; Validity: Fri, 19 Apr 2024 10:31:16 GMT - Thu, 18 Jul 2024 10:31:15 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmgate.com/api/users?token=L2pxbno3bnhrP2tleT1hOTY5Y2E1YzlhZDI2MTE3NjJmMTFiNzlhNTI2ZTJkMiZzdWJtZXRyaWM9MjMwNTkxMTU
Cookie: u_pl=23059115; ain=eyJhbGciOiJIUzI1NiJ9.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.zCZuq66i-_FRBOEbmsigOl9QyplUeBmJj8IGDCM3R4c; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| we49kd.com/track?q=ihL1RVAatgR | 0.0.0.0 | | 0 B |
URL: User Request GET we49kd.com/track?q=ihL1RVAatgR
IP: 0.0.0.0:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?q=ihL1RVAatgR HTTP/1.1
Host: we49kd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache