IP 146.112.59.12:443
CertificateIssuerAmazon Subjectinternetbadguys.com FingerprintF1:C0:C1:91:A6:F4:93:09:24:32:49:2F:CE:84:51:7A:26:5F:43:83 ValidityFri, 25 Oct 2024 00:00:00 GMT - Sun, 23 Nov 2025 23:59:59 GMT
File typeHTML document, ASCII text Hashdcb6421c2119ae0a06ef7caa1706e70b 4a220222d5f46809f21b90fc9c910e679cd4f903 17efb26ee062eaa4eb88162441b201fa4717e98d305669541d339e50fa15d697
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: internetbadguys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 May 2025 18:16:14 GMT
content-type: text/html; charset=utf-8
server: nginx
last-modified: Mon, 05 May 2025 09:36:15 GMT
vary: Accept-Encoding
etag: W/"6818868f-689"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob:; frame-ancestors 'self'; script-src 'strict-dynamic' https: 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
content-encoding: gzip
X-Firefox-Spdy: h2
|
| internetbadguys.com/opendns.gif | 146.112.59.12 | 200 OK | 2.5 kB |
URL GET internetbadguys.com/opendns.gif IP146.112.59.12:443
Requested byhttps://internetbadguys.com/ CertificateIssuerAmazon Subjectinternetbadguys.com FingerprintF1:C0:C1:91:A6:F4:93:09:24:32:49:2F:CE:84:51:7A:26:5F:43:83 ValidityFri, 25 Oct 2024 00:00:00 GMT - Sun, 23 Nov 2025 23:59:59 GMT
File typeGIF image data, version 89a, 93 x 37 Hashf71708cb9d77777f0cda5b703fa18815 71ec8b0e5335b4bc9a788136e2bc67167de22395 2882773e21bd3f9f736e5837fab10b9607219e080b2cbd5e013b89f5177c3379
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /opendns.gif HTTP/1.1
Host: internetbadguys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://internetbadguys.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 May 2025 18:16:15 GMT
content-type: image/gif
content-length: 2469
server: nginx
last-modified: Mon, 05 May 2025 09:36:15 GMT
etag: "6818868f-9a5"
expires: Thu, 15 May 2025 18:16:15 GMT
cache-control: max-age=604800
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob:; frame-ancestors 'self'; script-src 'strict-dynamic' https: 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
|
| internetbadguys.com/style.css | 146.112.59.12 | 200 OK | 1.2 kB |
URL GET internetbadguys.com/style.css IP146.112.59.12:443
Requested byhttps://internetbadguys.com/ CertificateIssuerAmazon Subjectinternetbadguys.com FingerprintF1:C0:C1:91:A6:F4:93:09:24:32:49:2F:CE:84:51:7A:26:5F:43:83 ValidityFri, 25 Oct 2024 00:00:00 GMT - Sun, 23 Nov 2025 23:59:59 GMT
Hashcc845d3e2086fd2fb23cd0d3065195b9 391eb4839f10a6edd79d9c3117d434b120301785 e1a27a9e8c178c931bcf206ab8abfdd26da7f9fb8bf47b0183293623d85d639c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /style.css HTTP/1.1
Host: internetbadguys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://internetbadguys.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 08 May 2025 18:16:15 GMT
content-type: text/css
server: nginx
last-modified: Mon, 05 May 2025 09:36:15 GMT
vary: Accept-Encoding
etag: W/"6818868f-483"
expires: Thu, 15 May 2025 18:16:15 GMT
cache-control: max-age=604800
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob:; frame-ancestors 'self'; script-src 'strict-dynamic' https: 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
content-encoding: gzip
X-Firefox-Spdy: h2
|
| internetbadguys.com/favicon.ico | 146.112.59.12 | 204 No Content | 0 B |
URL GET internetbadguys.com/favicon.ico IP146.112.59.12:443
Requested byhttps://internetbadguys.com/ CertificateIssuerAmazon Subjectinternetbadguys.com FingerprintF1:C0:C1:91:A6:F4:93:09:24:32:49:2F:CE:84:51:7A:26:5F:43:83 ValidityFri, 25 Oct 2024 00:00:00 GMT - Sun, 23 Nov 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: internetbadguys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://internetbadguys.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 08 May 2025 18:16:15 GMT
server: nginx
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' http: https: ws: wss: data: blob:; frame-ancestors 'self'; script-src 'strict-dynamic' https: 'self';
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
|