| www.highcpmgate.com/d641u4v7v?key=d038e08f8f1c2d0c51a1f9684618804c | 172.240.127.234 | | 1.3 kB |
URL www.highcpmgate.com/d641u4v7v?key=d038e08f8f1c2d0c51a1f9684618804c IP172.240.127.234:0
File typeHTML document, ASCII text, with very long lines (411) Hashb26e24f6c5fd6cc85927def508cde8bf 3259f14a4a402c3149c10d85c3b13a94cd283d0b eecced96ef41042ae074c110809bb6673de4fbfce308908c8fde8231a2c581e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /d641u4v7v?key=d038e08f8f1c2d0c51a1f9684618804c HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:08:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16718501; expires=Sun, 05 May 2024 22:08:21 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjcxODUwMSwiayI6ImQwMzhlMDhmOGYxYzJkMGM1MWExZjk2ODQ2MTg4MDRjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjk5MDU1LCJwaWQiOjM4NzgxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoiZDY0MXU0djd2IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIiLCJhciI6W119fQ.Xb7TuHeCHZdjvVU1Qdf9FfjiJ8DG81ebQKHjI225G9U; expires=Sat, 04 May 2024 22:09:21 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2f9e6cb54d2d1e968e6016c639a7d227
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
| www.highcpmgate.com/api/users?token=L2Q2NDF1NHY3dj9rZXk9ZDAzOGUwOGY4ZjFjMmQwYzUxYTFmOTY4NDYxODgwNGMmcHN0PTE3MTQ4NjA1NjEmcm10Yz10JnNodT1kNjBlOTZkMTI3YTU3ZjIzNjU2MGZlZDAzNjZmNGJmZmYwNzc0N2M4YzhhNjU4OTE0Mzg0NjkyZDNhOTFiYTE3YzkxZmMxYzhkYmE4OGNiZGUxZDVjODIyOTUwMWEzNDM1NDBiNmFkMTk3YmVlNmE1NjBhMzVhNDQ1MThiNGJmMDNjNDRlZDc0YzU0YjUyOTlhMDUwMWQ4NjFiODkxNzJjYzBjYTM0ZTRkOGQ2YTM5OWZkMzBiMzdmMmFmZGM4MGQ&uuid=&pii=&in=false | 172.240.108.76 | 302 Found | 0 B |
URL User Request GET HTTP/1.1www.highcpmgate.com/api/users?token=L2Q2NDF1NHY3dj9rZXk9ZDAzOGUwOGY4ZjFjMmQwYzUxYTFmOTY4NDYxODgwNGMmcHN0PTE3MTQ4NjA1NjEmcm10Yz10JnNodT1kNjBlOTZkMTI3YTU3ZjIzNjU2MGZlZDAzNjZmNGJmZmYwNzc0N2M4YzhhNjU4OTE0Mzg0NjkyZDNhOTFiYTE3YzkxZmMxYzhkYmE4OGNiZGUxZDVjODIyOTUwMWEzNDM1NDBiNmFkMTk3YmVlNmE1NjBhMzVhNDQ1MThiNGJmMDNjNDRlZDc0YzU0YjUyOTlhMDUwMWQ4NjFiODkxNzJjYzBjYTM0ZTRkOGQ2YTM5OWZkMzBiMzdmMmFmZGM4MGQ&uuid=&pii=&in=false IP172.240.108.76:443
CertificateIssuerLet's Encrypt Subjecthighcpmgate.com FingerprintE7:53:32:23:DA:D6:BE:EB:98:90:05:4B:AC:AC:8C:89:F2:4D:FB:2E ValidityFri, 19 Apr 2024 10:31:16 GMT - Thu, 18 Jul 2024 10:31:15 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L2Q2NDF1NHY3dj9rZXk9ZDAzOGUwOGY4ZjFjMmQwYzUxYTFmOTY4NDYxODgwNGMmcHN0PTE3MTQ4NjA1NjEmcm10Yz10JnNodT1kNjBlOTZkMTI3YTU3ZjIzNjU2MGZlZDAzNjZmNGJmZmYwNzc0N2M4YzhhNjU4OTE0Mzg0NjkyZDNhOTFiYTE3YzkxZmMxYzhkYmE4OGNiZGUxZDVjODIyOTUwMWEzNDM1NDBiNmFkMTk3YmVlNmE1NjBhMzVhNDQ1MThiNGJmMDNjNDRlZDc0YzU0YjUyOTlhMDUwMWQ4NjFiODkxNzJjYzBjYTM0ZTRkOGQ2YTM5OWZkMzBiMzdmMmFmZGM4MGQ&uuid=&pii=&in=false HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmgate.com/api/users?token=L2Q2NDF1NHY3dj9rZXk9OWNhNjAxYTlmNDdjNzM1ZGY3NmQ1Y2E0NmZhMjZhNjYmc3VibWV0cmljPTE2NzE4NTAx
Cookie: u_pl=16718501; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjcxODUwMSwiayI6ImQwMzhlMDhmOGYxYzJkMGM1MWExZjk2ODQ2MTg4MDRjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjk5MDU1LCJwaWQiOjM4NzgxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoiZDY0MXU0djd2IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIiLCJhciI6W119fQ.Xb7TuHeCHZdjvVU1Qdf9FfjiJ8DG81ebQKHjI225G9U; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sat, 04 May 2024 22:08:22 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://wy.remockdazzle.com/i4p4vHQFKBCdj/mjJre?param_4=16718501¶m_5=39968816e13e2072a9b0be22f73af45d
Set-Cookie: iprc329add3b5a2d2cc3d49c246accbf546c=4991908; expires=Sun, 05 May 2024 22:08:22 GMT
pdhtkv=true; expires=Sun, 05 May 2024 22:08:22 GMT
uncs=1; expires=Sun, 05 May 2024 22:08:22 GMT
pdhtkv28=true; expires=Sun, 05 May 2024 22:08:22 GMT
uncs28=1; expires=Sun, 05 May 2024 22:08:22 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef913ee78f40c72fcaaf02b4da2fa7ea
Strict-Transport-Security: max-age=0; includeSubdomains
|
| wy.remockdazzle.com/i4p4vHQFKBCdj/mjJre?param_4=16718501¶m_5=39968816e13e2072a9b0be22f73af45d | 188.42.247.220 | 200 OK | 61 B |
URL User Request GET HTTP/1.1wy.remockdazzle.com/i4p4vHQFKBCdj/mjJre?param_4=16718501¶m_5=39968816e13e2072a9b0be22f73af45d IP188.42.247.220:443
CertificateIssuerLet's Encrypt Subjectwy.remockdazzle.com Fingerprint39:74:A4:3D:82:06:8A:FD:1A:E4:97:1C:96:12:15:C7:FE:B5:7E:CF ValidityThu, 02 May 2024 23:03:05 GMT - Wed, 31 Jul 2024 23:03:04 GMT
File typeHTML document, ASCII text, with no line terminators Hash86733bb66fb84b851592d733e51f0cbd 42eaf19a5ca195667a9212b0ea3557eee76954a8 927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /i4p4vHQFKBCdj/mjJre?param_4=16718501¶m_5=39968816e13e2072a9b0be22f73af45d HTTP/1.1
Host: wy.remockdazzle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 22:08:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 05-May-2024 22:08:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 05-May-2024 22:08:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
| wy.remockdazzle.com/favicon.ico | 188.42.247.220 | 200 OK | 1.4 kB |
URL GET HTTP/1.1wy.remockdazzle.com/favicon.ico IP188.42.247.220:443
Requested byhttps://wy.remockdazzle.com/i4p4vHQFKBCdj/mjJre?param_4=16718501¶m_5=39968816e13e2072a9b0be22f73af45d CertificateIssuerLet's Encrypt Subjectwy.remockdazzle.com Fingerprint39:74:A4:3D:82:06:8A:FD:1A:E4:97:1C:96:12:15:C7:FE:B5:7E:CF ValidityThu, 02 May 2024 23:03:05 GMT - Wed, 31 Jul 2024 23:03:04 GMT
File typeMS Windows icon resource - 1 icon, 16x16 Hash011201ab56695ce86ea2f190bce2670b bb8fad6accf293e619360935047c23f00da3c769 a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: wy.remockdazzle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wy.remockdazzle.com/i4p4vHQFKBCdj/mjJre?param_4=16718501¶m_5=39968816e13e2072a9b0be22f73af45d
Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 22:08:23 GMT
Content-Type: application/octet-stream
Content-Length: 1406
Last-Modified: Fri, 03 May 2024 15:31:21 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "66350349-57e"
Expires: Sun, 05 May 2024 22:08:23 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
|