| handgripknuckle.com/pbh5nz92?key=0cb531c3ffd62f2a405f53374586d16d |  172.240.253.132 | 200 OK | 118 B |
URL User Request GET HTTP/1.1handgripknuckle.com/pbh5nz92?key=0cb531c3ffd62f2a405f53374586d16d IP172.240.253.132:443
CertificateIssuerLet's Encrypt Subjecthandgripknuckle.com Fingerprint10:B1:EF:19:B8:F9:CB:28:31:A0:1E:84:2E:30:E1:42:BE:E2:C1:7B ValidityThu, 02 Jan 2025 22:21:39 GMT - Wed, 02 Apr 2025 22:21:38 GMT
File typeHTML document, ASCII text, with no line terminators Hashb0f623103cd51d764412d46f8a7e0816 3c88223adef88d7cb3ef5536b4b398ef54f31781 fe40b26bcb3f34ba8f180d33623bb3b109597ba9b3f5596ba1bc6b665b8dcb67
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pbh5nz92?key=0cb531c3ffd62f2a405f53374586d16d HTTP/1.1
Host: handgripknuckle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kamilmarciniak.pl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 09 Feb 2025 11:05:59 GMT
Content-Type: text/html
Content-Length: 118
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
set-cookie: u_pl24975409=1; expires=Mon, 10 Feb 2025 11:05:59 GMT; path=/
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: go-banner.modules.svc.cluster.local:9090/*
Host: handgripknuckle.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e2a754f1e38d484674e5ee958be61f7c
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| handgripknuckle.com/favicon.ico | 172.240.253.132 | 200 OK | 0 B |
URL GET HTTP/1.1handgripknuckle.com/favicon.ico IP172.240.253.132:443
Requested byhttps://handgripknuckle.com/pbh5nz92?key=0cb531c3ffd62f2a405f53374586d16d CertificateIssuerLet's Encrypt Subjecthandgripknuckle.com Fingerprint10:B1:EF:19:B8:F9:CB:28:31:A0:1E:84:2E:30:E1:42:BE:E2:C1:7B ValidityThu, 02 Jan 2025 22:21:39 GMT - Wed, 02 Apr 2025 22:21:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: handgripknuckle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://handgripknuckle.com/pbh5nz92?key=0cb531c3ffd62f2a405f53374586d16d
Cookie: u_pl24975409=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 09 Feb 2025 11:05:59 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7c6a42baa772a9c1be15c8f552cfdfc1
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| kamilmarciniak.pl/superporno.com/ |  104.21.57.238 | 200 OK | 287 B |
URL User Request GET HTTP/2kamilmarciniak.pl/superporno.com/ IP104.21.57.238:443
CertificateIssuerGoogle Trust Services Subjectkamilmarciniak.pl Fingerprint2C:58:69:37:E3:21:E0:86:D6:A7:37:98:D1:1D:F3:2F:EC:A5:36:BF ValidityWed, 05 Feb 2025 18:22:54 GMT - Tue, 06 May 2025 19:20:27 GMT
File typeHTML document, ASCII text, with no line terminators Hash2f431fb592580dfc2e8bcbeac4a2956f a24827e25c83bb9cb9ef0666d6d68c1e860bd765 6fbcc3bd5bb091ec28d5f6c48a4db3069c32236869e5b0e7d30751355d6e15f0
GET /superporno.com/ HTTP/1.1
Host: kamilmarciniak.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 09 Feb 2025 11:05:57 GMT
content-type: text/html; charset=UTF-8
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7DFPDU%2FNLY1Mu2kHmeQfxvgs%2FlKynbcQB1fZ0T8n5bgmOzZ1dL1dOztDIqgytwB1tcZc4XjWgcczogyoLof9k9r%2B0migYTO%2FXEzxn3TT5%2F2xG1%2B%2FdDuBLwYoyLN%2FxtW5RGNQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90f363281b8a0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6963&min_rtt=445&rtt_var=12752&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3294&recv_bytes=1268&delivery_rate=7109656&cwnd=254&unsent_bytes=0&cid=5c444289713b4eb9&ts=81&x=0"
X-Firefox-Spdy: h2
|
|
| kamilmarciniak.pl/favicon.ico | 104.21.57.238 | 301 Moved Permanently | 267 B |
URL GET HTTP/3kamilmarciniak.pl/favicon.ico IP104.21.57.238:443
Requested byhttps://kamilmarciniak.pl/superporno.com/ CertificateIssuerGoogle Trust Services Subjectkamilmarciniak.pl Fingerprint2C:58:69:37:E3:21:E0:86:D6:A7:37:98:D1:1D:F3:2F:EC:A5:36:BF ValidityWed, 05 Feb 2025 18:22:54 GMT - Tue, 06 May 2025 19:20:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: kamilmarciniak.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kamilmarciniak.pl/superporno.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Sun, 09 Feb 2025 11:05:58 GMT
content-type: text/html
location: http://kamilmarciniak.pl/favicon.svg
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbGz%2BOqebqzrPzfI5JbzKQMOKOGnCkderZo23a198A33tqv7AcBebipSgEWh%2B%2FzJc9z%2Fc4joSFC%2BMdKKY1GGR4AGnDwJY6zwHGWGnH2PfOiUS3vFwEY8Qik5fS3e%2FkjObu1ZdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90f36329e81b1c0a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9676&min_rtt=2117&rtt_var=6193&sent=14&recv=8&lost=0&retrans=0&sent_bytes=4192&recv_bytes=1224&delivery_rate=278123&cwnd=12000&unsent_bytes=0&cid=fb852e29aafb3d51&ts=247&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| kamilmarciniak.pl/favicon.svg | 104.21.57.238 | 200 OK | 267 B |
URL GET HTTP/3kamilmarciniak.pl/favicon.svg IP104.21.57.238:443
Requested byhttps://kamilmarciniak.pl/superporno.com/ CertificateIssuerGoogle Trust Services Subjectkamilmarciniak.pl Fingerprint2C:58:69:37:E3:21:E0:86:D6:A7:37:98:D1:1D:F3:2F:EC:A5:36:BF ValidityWed, 05 Feb 2025 18:22:54 GMT - Tue, 06 May 2025 19:20:27 GMT
File typeSVG Scalable Vector Graphics image Hashc0323801a9dc1ffc85236ce3287cd698 da96d1b1f57a5424911861db0ca6adcdf3936ce8 b7c006e2e4bc2fb22707d51a0048312c1b86ede1610efcc9a75b11b56276b664
GET /favicon.svg HTTP/1.1
Host: kamilmarciniak.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 09 Feb 2025 11:05:58 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Feb 2025 11:03:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7oItMlDEv9czHgqWcngW9T9RyEOkOWTOdQqZCCmQ1GS4XUqhNa8ZrtvQxY34jUmcV3EXiwnCk3JNg2wHKK3qgyxiXCoD48tcpepilDOJ%2BTWOFDsP%2FNzXSay3l6ICxNKWiFdhLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90f3632a58601c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9074&min_rtt=2117&rtt_var=5848&sent=16&recv=10&lost=0&retrans=0&sent_bytes=5136&recv_bytes=1530&delivery_rate=3721&cwnd=12000&unsent_bytes=0&cid=fb852e29aafb3d51&ts=308&x=1", cfExtPri, cfHdrFlush;dur=0
|
|