Overview

URL naksbw.pl/
IP 46.242.232.204
ASN home.pl S.A.
Location Poland
Report completed 2022-07-06 04:10:02 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified  Severity  Host                                                              Comment
2022-07-06        2         naksbw.pl/                                                        Phishing
2022-07-06        2         naksbw.pl/data/templates/web/static/fonts/rawson-regular.woff2    Phishing
2022-07-06        2         naksbw.pl/data/templates/web/static/fonts/rawson-extrabold.woff2  Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified  Severity  Host       Comment
2022-07-06        2         naksbw.pl  Sinkholed
2022-07-06        2         naksbw.pl  Sinkholed
2022-07-06        2         naksbw.pl  Sinkholed
2022-07-06        2         naksbw.pl  Sinkholed
2022-07-06        2         naksbw.pl  Sinkholed


Files

No files detected



Passive DNS (5)

Passive DNS Source      Fully Qualifying Domain Name               Rank  First Seen               Last Seen                IP              Comment
[Mnemonic Passive DNS]  contile.services.mozilla.com (1)           1114  No data                  No data                  34.117.237.239
[Mnemonic Passive DNS]  firefox.settings.services.mozilla.com (1)  867   2016-03-17 08:25:01 UTC  2020-05-25 20:01:47 UTC  54.230.111.118
[Mnemonic Passive DNS]  content-signature-2.cdn.mozilla.net (1)    1152  2020-11-03 12:26:46 UTC  2022-07-05 05:12:14 UTC  54.230.111.7
[Mnemonic Passive DNS]  naksbw.pl (5)                              0     No data                  No data                  46.242.232.204  Unknown ranking
[Mnemonic Passive DNS]  r3.o.lencr.org (1)                         344   2020-12-02 08:52:13 UTC  2022-07-05 04:59:43 UTC  23.36.76.226


Recent reports on same IP/ASN/Domain

No other reports on IP: 46.242.232.204


Last 10 reports on ASN: home.pl S.A.

Date                       UQ / IDS / BL  URL                                                  IP
2022-08-11 11:08:58 +0000  0 - 0 - 1      fabrykakonwersji.pl/wp-content/plugins/super- (...)  79.96.128.235
2022-08-11 08:47:25 +0000  0 - 0 - 5      facebook-security.pl/                                46.242.248.121
2022-08-11 06:08:02 +0000  0 - 0 - 1      royal-meat.eu/nhcb.bns/5/login.php                   46.242.238.111
2022-08-11 02:14:28 +0000  0 - 0 - 1      ahmedfahmy.name/logof.gif?191f2bd=52684154           89.161.227.139
2022-08-10 15:47:52 +0000  0 - 0 - 1      royal-meat.eu/nhcb.bns/5/login.php                   46.242.238.111
2022-08-10 11:01:53 +0000  0 - 0 - 1      royal-meat.eu/nhcb.bns/5/login.php                   46.242.238.111
2022-08-10 05:19:01 +0000  0 - 0 - 13     clearenergy.pl/                                      46.242.240.19
2022-08-10 02:54:15 +0000  0 - 0 - 3      cleanfuture.pl/wp-content/plugins/wpforms-lit (...)  46.242.241.20
2022-08-09 18:32:54 +0000  0 - 0 - 39     bednarscy.pl/                                        89.161.152.98
2022-08-09 18:16:44 +0000  0 - 0 - 13     mickiewicz.net.pl/                                   89.161.173.240

No other reports on domain: naksbw.pl



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (9)


Request Response
                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 03:56:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LPhIyC_1gcpRGJ4oB0LDrXeAYhc_edrwP2DTEvprJTOOgMofIF--Bw==
Age: 829


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
54.230.111.7
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _P3ylTtJ90yb1ZIFvQdSMat18u4EEwWLj6OJ-nozPAYWroyG7sayyA==
age: 2584
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
GET / HTTP/1.1
Host: naksbw.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
46.242.232.204
HTTP/1.1 403 Forbidden
Content-Type: text/html
Date: Wed, 06 Jul 2022 04:09:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   499
Md5:    f44ca0c4ea74b6e131888405092d4601
Sha1:   13151e33d48a57ccb71fe95cecdac81874705194
Sha256: d2912ee072397f1be40062b98826eec5105c721d5d3c8e5dd3c7862223aa7456

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659"
Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3585
Expires: Wed, 06 Jul 2022 05:09:34 GMT
Date: Wed, 06 Jul 2022 04:09:49 GMT
Connection: keep-alive

                                        
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.117.237.239
HTTP/2 200 OK
server: nginx
date: Wed, 06 Jul 2022 04:09:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
GET /data/templates/web/static/style.css HTTP/1.1
Host: naksbw.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://naksbw.pl/

                                         
46.242.232.204
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 06 Jul 2022 04:09:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 23 Oct 2019 07:13:00 GMT
ETag: W/"714-5958ea59d5700"
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   588
Md5:    c5d3d62fe122fef284080fa0f4ea365b
Sha1:   0d47ea0c253ca0cf5edb85023f219c846e160446
Sha256: 728085fb0b963aaf341b3f0dba3c95fcd3c84110fe9f6c186a77b15e807ed3d7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /favicon.ico HTTP/1.1
Host: naksbw.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://naksbw.pl/

                                         
46.242.232.204
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Wed, 06 Jul 2022 04:09:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   504
Md5:    d3aff92b4ff3542e24efb45c9f66f7a0
Sha1:   adb17fa9455bab9cb9a5006936ebbcb8c0769fc5
Sha256: 1912e3a66eed520ad91486dcba3d68d75432df31af3c124d2c5bdd2b7db4b4fe

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /data/templates/web/static/fonts/rawson-regular.woff2 HTTP/1.1
Host: naksbw.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://naksbw.pl/data/templates/web/static/style.css

                                         
46.242.232.204
HTTP/1.1 200 OK
Content-Type: font/woff2
Date: Wed, 06 Jul 2022 04:09:49 GMT
Content-Length: 23028
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 23 Oct 2019 07:13:00 GMT
ETag: "59f4-5958ea59d5700"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23028, version 1.0\012- data
Size:   23028
Md5:    f028158fc16005a537c66a4d6598af7c
Sha1:   3fdec4610ef95f4ee7a6abfc338f04006a09e894
Sha256: d3808ea63a3a3759c8ff86e1fe683ab20126e1705cf99611e572d7e58bdd5fc5

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
GET /data/templates/web/static/fonts/rawson-extrabold.woff2 HTTP/1.1
Host: naksbw.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://naksbw.pl/data/templates/web/static/style.css

                                         
46.242.232.204
HTTP/1.1 200 OK
Content-Type: font/woff2
Date: Wed, 06 Jul 2022 04:09:49 GMT
Content-Length: 22944
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 23 Oct 2019 07:13:00 GMT
ETag: "59a0-5958ea59d5700"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22944, version 1.0\012- data
Size:   22944
Md5:    40c952fdd20631980d4c481029b7fd65
Sha1:   5e09dfc6785c01ff2004c692969745522bda4c25
Sha256: d9596b099a4e2a828afd20946ff600c8f2e03b5ff0b295b4950e14f8ebbefae2

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed