Report - pz.fknwqc.xyz/?ch=rh1mls721

Report Overview

Submitted URL
pz.fknwqc.xyz/?ch=rh1mls721
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 23:43:08
Access
public
Website Title
Pornhub
Final URL
pz.fknwqc.xyz/?ch=rh1mls721#/home
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pz.fknwqc.xyz	unknown	unknown	No data	No data	4.5 kB	2.3 MB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	fknwqc.xyz	Sinkholed
2024-05-07	medium	fknwqc.xyz	Sinkholed
2024-05-07	medium	fknwqc.xyz	Sinkholed
2024-05-07	medium	fknwqc.xyz	Sinkholed
2024-05-07	medium	fknwqc.xyz	Sinkholed
2024-05-07	medium	fknwqc.xyz	Sinkholed
2024-05-07	medium	fknwqc.xyz	Sinkholed
2024-05-07	medium	fknwqc.xyz	Sinkholed
2024-05-07	medium	fknwqc.xyz	Sinkholed
2024-05-07	medium	fknwqc.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	pz.fknwqc.xyz/?ch=rh1mls721	736 B	2024-05-08	2024-05-08
Pretty URL pz.fknwqc.xyz/?ch=rh1mls721 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 01:43:15 Last Seen2024-05-08 01:43:15 Times Seen1 Hash 848a43cfe7f9e7e66e8227bc1537144b e125b7b464a0a8e07346f69fc355ad1b467f3f6c 7f41abfbe10b3c7bae7af84c0d058eb45e46033422dca7805b373151bb5deccb Loading...

	pz.fknwqc.xyz/static/js/chunk-vendors.0cfa918a.js	205 kB	2024-05-08	2024-05-08
Pretty URL pz.fknwqc.xyz/static/js/chunk-vendors.0cfa918a.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 01:43:15 Last Seen2024-05-08 01:43:15 Times Seen1 Hash 291eb8c65874601524939bf78bc8f8dd d033b726585edd3ab642da0f6e613a39fac596e1 86e1d3cca3fd3e4eff4e3c7aa9dba112a2794e8ff5c3421420723b136693861c Loading...

	pz.fknwqc.xyz/static/js/app.ae960299.js	4.1 kB	2024-05-08	2024-05-08
Pretty URL pz.fknwqc.xyz/static/js/app.ae960299.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 01:43:15 Last Seen2024-05-08 01:43:15 Times Seen1 Hash 8bca8be13721d6fe737f430d2f70f83d 6ab0cd058fb32591550bd88109efa114644aa8a3 a4f81aa42eb1df4c0452412cbc7722b09cbd07d2ca93bacb3e69f1cfcb1636d0 Loading...

	pz.fknwqc.xyz/static/js/chunk-0e4a3105.163122e0.js	52 kB	2024-05-08	2024-05-08
Pretty URL pz.fknwqc.xyz/static/js/chunk-0e4a3105.163122e0.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 01:43:15 Last Seen2024-05-08 01:43:15 Times Seen1 Hash 5933505a58620fb4b5ee98726f12f597 68b96b4a2e4e7727fc6268f71b9d84d6b668c2a8 6839e770a42af534ea385ee320c041889bd2d97e41d2315b7834c097a5a023da Loading...

HTTP Transactions (10)

URL IP Response Size

pz.fknwqc.xyz/?ch=rh1mls721

188.114.97.1

200 OK

955 kB

URL User Request GET HTTP/2
pz.fknwqc.xyz/?ch=rh1mls721
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type
HTML document, ASCII text, with very long lines (624)
Size
955 kB (954874 bytes)
Hash
90c3be66a5a4e0811b7c74078801408c
2d58a668feaeefd52d70cf17cd127dbac25fb93c
4336699d16f0ec4a38d6ec5e9aea313a65b72fdf97eb72a94dc893390d5eede0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?ch=rh1mls721 HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:42:42 GMT
content-type: text/html
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EW277P8qeNX4qa2WbNR%2Bxv%2F9KYkUhjDR1nKy4GsS%2FgL1vy7wko9vVaI348AITxjOgyQn4F%2F3t1O7N8jIsrjXGe2JDCutwXu1IjZT5u%2FwCoykRbGdLtUd9%2FckYD8YXnTO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880511666f9d56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pz.fknwqc.xyz/static/js/chunk-0e4a3105.163122e0.js

188.114.97.1

200 OK

52 kB

URL GET HTTP/3
pz.fknwqc.xyz/static/js/chunk-0e4a3105.163122e0.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pz.fknwqc.xyz/?ch=rh1mls721
Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type

Size
52 kB (51585 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/chunk-0e4a3105.163122e0.js HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pz.fknwqc.xyz/?ch=rh1mls721
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:42:43 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
etag: W/"662caa5c-c981"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MDYGi%2BD8DWBu6RUzOwvL856fWEs0jWTngIBRVd7gsvJYtPMZjdhwq4oGGJOix%2BR5aF5%2FQN0RK1i3%2FTsOhJwdC325Znr6ll2lq%2BoKK9m60cMDfwPUr%2FIhF5V%2FCzJnKsJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805116e48bb56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pz.fknwqc.xyz/favicon.ico

188.114.97.1

200 OK

4.3 kB

URL GET HTTP/3
pz.fknwqc.xyz/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pz.fknwqc.xyz/?ch=rh1mls721
Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
acff64426f7aaddf1c881be76a6ad940
5af50faadaf68be17edf5fa506b141e235b9241c
1f298123e1398094ed72614c67299a967c24ba3156b48889239d010ec3dffd56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pz.fknwqc.xyz/?ch=rh1mls721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:42:43 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
etag: W/"662caa5c-10be"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bkuXEc2PTWAb9%2FvHLEHsokqxsPp9m2BFNN04mMjusr0HwfNCi0vfLOWBIIO3n9VOZNTORGM64tYnsaUJ6NyOqpQn%2FUKfRi3sLTrnaNA%2FS0nzutD8jn%2F5oC2%2FXlCCkYS%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805116f998b56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pz.fknwqc.xyz/static/img/pc_bg.af7ae776.jpg

188.114.97.1

200 OK

954 kB

URL GET HTTP/3
pz.fknwqc.xyz/static/img/pc_bg.af7ae776.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pz.fknwqc.xyz/?ch=rh1mls721
Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 3840x2160, components 3
Size
954 kB (953888 bytes)
Hash
af7ae7760d177fc7dbd488cb7fabc75c
09855b8cb5b2c2ceb78a932821bad7180ed358fb
9f813e37c8c3cefebcd8f3af394b89fbb221fb558fc1cd6a0f267ff2863ecb23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/img/pc_bg.af7ae776.jpg HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pz.fknwqc.xyz/static/css/chunk-0e4a3105.2e169bf3.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:42:43 GMT
content-type: image/jpeg
content-length: 953888
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
etag: "662caa5c-e8e20"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Rl8qaQGWfubUeiUY6K0lbMvroH9cYTQuG2daLq7VNBvQQX1n2q7UBtQGHkxESLlLZti%2BBcglFb4SOmu%2Felfw%2FCAOiWmRT3aDwjXjnJ%2BKI8tgxxDg8s1Ql%2BNZVDhWbMJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88051171ca8f56a2-OSL
alt-svc: h3=":443"; ma=86400

pz.fknwqc.xyz/static/js/chunk-0e4a3105.163122e0.js

188.114.97.1

200 OK

52 kB

URL GET HTTP/3
pz.fknwqc.xyz/static/js/chunk-0e4a3105.163122e0.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pz.fknwqc.xyz/?ch=rh1mls721
Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type

Size
52 kB (51585 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/chunk-0e4a3105.163122e0.js HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://pz.fknwqc.xyz/?ch=rh1mls721
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:42:44 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
etag: W/"662caa5c-c981"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsP0bn8rn4tL4tE27ha8EJJFmTgd%2Fn2fhe2m2X0XZl2%2BJZZbz2S2%2Bj3%2BsUVovrEwWsk0dOZTNxPz8DPfIbhXHej%2BX%2FqoSEgHBFa9Aj9WRpbNtsQu41B1MmtX%2FAkIMRFc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880511754c4356a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pz.fknwqc.xyz/static/css/chunk-vendors.87ba3b36.css

188.114.97.1

200 OK

99 kB

URL GET HTTP/3
pz.fknwqc.xyz/static/css/chunk-vendors.87ba3b36.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pz.fknwqc.xyz/?ch=rh1mls721
Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type
ASCII text, with very long lines (38507)
Size
99 kB (98591 bytes)
Hash
51e7e874614b4dc481fdaa41ad8e940c
08f67492b6481332961a9c05a8161f0f6d8e7b68
25be70c4089c7a3f2bba18588fc320c74618511183db799fff9d8b28dc1ab81e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/chunk-vendors.87ba3b36.css HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pz.fknwqc.xyz/?ch=rh1mls721
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:42:42 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
etag: W/"662caa5c-1811f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1OnwgUhZDyfltJ%2BQ2%2BVZtzgiAsRSON%2Bflps3pdeDX%2FVMDCgbUW0LMUuibm%2FiKUEvnbSWv1nmRR9dWPFKgLteTk%2FEP%2BvLDK%2Fwm8v2yfswpy8%2FGdAE5A2gjoLrzyZNaCS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805116aaee356a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pz.fknwqc.xyz/static/css/chunk-0e4a3105.2e169bf3.css

188.114.97.1

200 OK

2.0 kB

URL GET HTTP/3
pz.fknwqc.xyz/static/css/chunk-0e4a3105.2e169bf3.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pz.fknwqc.xyz/?ch=rh1mls721
Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type
ASCII text, with very long lines (2042), with no line terminators
Size
2.0 kB (2042 bytes)
Hash
16a2a69546f8aa092a3f873aebac2263
ef4aef402f66b14719461c3528fbbbb8d78a8ae2
3b256f2951b1449a8c09c35a3912de70146e1ab28b3a86af5c8ac1281c8ddf1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/chunk-0e4a3105.2e169bf3.css HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pz.fknwqc.xyz/?ch=rh1mls721
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:42:43 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
etag: W/"662caa5c-7fa"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zOY4BALrZwYVzJ6jg8BcJOy0rwpDH%2Fks65z%2FzNd8PA%2FwsG0y3M10qC6aRhyursAv1GNewneaOjjI6%2FiXAV4Yg8F8aXXYGXtDbq6rgMH8WM%2B%2FsDwBOfbGomy9bgwmqm%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805116e48b856a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pz.fknwqc.xyz/static/js/app.ae960299.js

188.114.97.1

200 OK

4.1 kB

URL GET HTTP/3
pz.fknwqc.xyz/static/js/app.ae960299.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pz.fknwqc.xyz/?ch=rh1mls721
Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type
JavaScript source, ASCII text, with very long lines (4303), with no line terminators
Size
4.1 kB (4131 bytes)
Hash
31c93e702153db0a1dfe57c5c76c8d19
4a075e8c7c86a18e43168186aaa4cfe7ddbc776c
f0c85c4308504aa4c2d74148cd35889a437cb041da9a12863b96bc83146d0be0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/app.ae960299.js HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pz.fknwqc.xyz/?ch=rh1mls721
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:42:42 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
etag: W/"662caa5c-1023"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkKy%2FZqjnIp0Bsq4VO6lWs5d8L8IIvElFHQj2YL7OiV97vYjsf%2FQ1Q95f0pK04IJw%2Fa2VvOZEH4rhLGdFmWT8TgligMiP13QMp5%2BTXhofgnViYWUGy4DR2pXB0GQBN39"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805116aaee556a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pz.fknwqc.xyz/static/js/chunk-vendors.0cfa918a.js

188.114.97.1

200 OK

205 kB

URL GET HTTP/3
pz.fknwqc.xyz/static/js/chunk-vendors.0cfa918a.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pz.fknwqc.xyz/?ch=rh1mls721
Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type

Size
205 kB (204766 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/chunk-vendors.0cfa918a.js HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pz.fknwqc.xyz/?ch=rh1mls721
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:42:42 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
etag: W/"662caa5c-31fde"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9WwnXKvLgOV4OtC3f5fzq1YOPH3ZAy0R7sihf5luEBRuY2WXuT5JoUMhDn8JqkuRDqcBfaJymoa3cIA9FeKWn5n3NYYJ06aqxP8rpFNAELt7%2Fq2fWRYRLx4vZqHcQwi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8805116abee756a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pz.fknwqc.xyz/static/css/chunk-0e4a3105.2e169bf3.css

188.114.97.1

200 OK

2.0 kB

URL GET HTTP/3
pz.fknwqc.xyz/static/css/chunk-0e4a3105.2e169bf3.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pz.fknwqc.xyz/?ch=rh1mls721
Certificate
IssuerLet's Encrypt
Subjectfknwqc.xyz
Fingerprint40:73:04:AD:93:91:B7:E3:B2:17:F4:90:CE:CD:17:02:C1:CA:1B:C8
ValidityMon, 22 Apr 2024 07:25:14 GMT - Sun, 21 Jul 2024 07:25:13 GMT

File type
ASCII text, with very long lines (2042), with no line terminators
Size
2.0 kB (2042 bytes)
Hash
16a2a69546f8aa092a3f873aebac2263
ef4aef402f66b14719461c3528fbbbb8d78a8ae2
3b256f2951b1449a8c09c35a3912de70146e1ab28b3a86af5c8ac1281c8ddf1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/chunk-0e4a3105.2e169bf3.css HTTP/1.1
Host: pz.fknwqc.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://pz.fknwqc.xyz/?ch=rh1mls721
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:42:44 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:33:48 GMT
etag: W/"662caa5c-7fa"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cntR6Fh0FxKgP0dnvEmH9gOEO1AER8s9XAg%2BQF%2Bh%2FAfG40QFDWyT4TZjQzKfAqtN2uCrdhve3RQHPMQdCYIM6xtgrjIJtnuuWflvYKNw3Z3H%2BipmLx6AWccoZxi7xX%2BG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880511754c4256a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type