Report - goniecgminny.rent/

Report Overview

Submitted URL
goniecgminny.rent/
IP
104.21.52.211
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 03:34:39
Access
public
Website Title
Index of /
Final URL
goniecgminny.rent/
Tags
opendir
urlquery detections
Audit - Open directory

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
goniecgminny.rent	unknown	2024-04-10	2024-04-10	2024-04-10	2.2 kB	20 kB	104.21.52.211

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	goniecgminny.rent	Sinkholed
2024-04-25	medium	goniecgminny.rent	Sinkholed
2024-04-25	medium	goniecgminny.rent	Sinkholed
2024-04-25	medium	goniecgminny.rent	Sinkholed
2024-04-25	medium	goniecgminny.rent	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	goniecgminny.rent/_autoindex/assets/js/tablesort.js	7.7 kB	2023-03-07	2024-05-04
Pretty URL goniecgminny.rent/_autoindex/assets/js/tablesort.js IP 104.21.52.211 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-05-04 14:59:56 Times Seen9043 Hash 0fa71bf6cb125ddac365683ea3352cb0 b94eeac8764b23ab614d148007c360fd2ab46f58 6a6b3fd328d213b1c6211581fc0dd5b56dd9db878e4fee73d33f5dd699aced3e Loading...

	goniecgminny.rent/_autoindex/assets/js/tablesort.number.js	682 B	2023-03-07	2024-05-04
Pretty URL goniecgminny.rent/_autoindex/assets/js/tablesort.number.js IP 104.21.52.211 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-05-04 14:59:56 Times Seen9045 Hash 377b82a88aeda884475d40fa1051c70a e7619035db4c628248b82237f3a99683e29ed7a4 5ff78b7ea9124ad40c205b606048c819dbbdc9c708105961d89859f79092cd07 Loading...

	goniecgminny.rent/	58 B	2023-04-05	2024-05-04
Pretty URL goniecgminny.rent/ IP 104.21.52.211 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 03:56:22 Last Seen2024-05-04 14:59:56 Times Seen3860 Hash 821524a21b9d31d8e5d87899a346e04a 92582c750f6ff8ddb212023b48fc49fe40891d75 7b0cac9d1c981314ca25d8d0f4c4dcf1b2dec8f0a8a5b46ee029c6754a9f7edc Loading...

HTTP Transactions (5)

URL IP Response Size

goniecgminny.rent/_autoindex/assets/css/autoindex.css

104.21.52.211

200 OK

6.0 kB

URL GET HTTP/3
goniecgminny.rent/_autoindex/assets/css/autoindex.css
IP
104.21.52.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goniecgminny.rent/
Certificate
IssuerLet's Encrypt
Subjectgoniecgminny.rent
FingerprintA8:1A:15:EC:4A:16:72:3D:89:74:D7:08:F6:07:16:66:12:A1:84:FA
ValidityWed, 10 Apr 2024 10:59:36 GMT - Tue, 09 Jul 2024 10:59:35 GMT

File type
ASCII text
Size
6.0 kB (5965 bytes)
Hash
590db3a115b1e82a26b09f98964030a5
e792179b620700c09bd763ebf3b5f163fd18f213
37e1e1cbb4256d8006ccfcc7c7c8e891276191714768291589b40483d3f0fe46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_autoindex/assets/css/autoindex.css HTTP/1.1
Host: goniecgminny.rent
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goniecgminny.rent/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:34:14 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 03:34:14 GMT
last-modified: Thu, 08 Feb 2024 08:50:34 GMT
etag: W/"dea-65c495da-7ffcae95b3e402aa;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQm1QZ9CC1SrFTrSC4sFeDK2%2BXykLgWRgx5CPWDRtbursyDEYpIiwGqXyMvjxCJcH%2BDUR7TT8GEfFWgs6JnDmrKZYvOMM2So1EYBWCtwNFBEpZgZduXbETM7g4MAEA6F9%2FCtVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b46b5b819568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

goniecgminny.rent/

104.21.52.211

200 OK

1.0 kB

URL User Request GET HTTP/2
goniecgminny.rent/
IP
104.21.52.211:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectgoniecgminny.rent
FingerprintA8:1A:15:EC:4A:16:72:3D:89:74:D7:08:F6:07:16:66:12:A1:84:FA
ValidityWed, 10 Apr 2024 10:59:36 GMT - Tue, 09 Jul 2024 10:59:35 GMT

File type
HTML document, ASCII text, with very long lines (1097), with no line terminators
Size
1.0 kB (1037 bytes)
Hash
b5386161b886e6894fc92638f350a4af
c6088c3f6735b4ee013e6ad6ae7949cd7f94902e
446391811255f315b4facc052516372647117cf10cd63865e87131300fb9dfe5

Detections

Analyzer	Verdict	Alert
urlquery	none	Audit - Open directory
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: goniecgminny.rent
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:34:14 GMT
content-type: text/html
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBqeOyIty7PYSksufxBnawiFec7DwVL1v8ItHBcs%2BS%2F%2B%2BiAaN%2FI9z9WmMagL%2BiWYzdni0Ck4QA0iNJTyf%2FffPCB%2BRoARGbOCWuuZ8tvzYa%2FhD6%2FDbu19yEwMxPt7%2BYP7xYgC8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b46b388161c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

goniecgminny.rent/_autoindex/assets/js/tablesort.js

104.21.52.211

200 OK

7.7 kB

URL GET HTTP/3
goniecgminny.rent/_autoindex/assets/js/tablesort.js
IP
104.21.52.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goniecgminny.rent/
Certificate
IssuerLet's Encrypt
Subjectgoniecgminny.rent
FingerprintA8:1A:15:EC:4A:16:72:3D:89:74:D7:08:F6:07:16:66:12:A1:84:FA
ValidityWed, 10 Apr 2024 10:59:36 GMT - Tue, 09 Jul 2024 10:59:35 GMT

File type
JavaScript source, ASCII text, with very long lines (7985), with no line terminators
Size
7.7 kB (7706 bytes)
Hash
48ee22324334f5bca0df015bba23121a
0e0c5036636bbe9f10208208bb8613b4e1fb00f1
24c953fd5819693d6f0d13adaffb8669d299dce4e3001b2cbece6fd01ab7ef21

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_autoindex/assets/js/tablesort.js HTTP/1.1
Host: goniecgminny.rent
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goniecgminny.rent/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:34:14 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 03:34:14 GMT
last-modified: Thu, 08 Feb 2024 08:50:34 GMT
etag: W/"1e1a-65c495da-9211195337e187a8;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82Li0m8wyutLbkr79%2FI7Cc1IPco3iQ7ndhn71QdwoY9PVJ6DAI%2FaC83I15cmDcEWxZSRBeGIbiI2l7SWHNYvujBB2OHgLi7u65695mEqdG%2FjpxQsAsIIQzYiJ4Emi7aPDdgWKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b46b5b81a568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

goniecgminny.rent/_autoindex/assets/js/tablesort.number.js

104.21.52.211

200 OK

682 B

URL GET HTTP/3
goniecgminny.rent/_autoindex/assets/js/tablesort.number.js
IP
104.21.52.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goniecgminny.rent/
Certificate
IssuerLet's Encrypt
Subjectgoniecgminny.rent
FingerprintA8:1A:15:EC:4A:16:72:3D:89:74:D7:08:F6:07:16:66:12:A1:84:FA
ValidityWed, 10 Apr 2024 10:59:36 GMT - Tue, 09 Jul 2024 10:59:35 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (712), with no line terminators
Size
682 B (682 bytes)
Hash
8f87cacc94e1eacc5ca2c79436478048
2e19d7f9f49a594a8af90b660d19e40e60795513
e982b91f06affaff52ab9c5c38567dc129020becf7499a9c4e2d633757f814fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_autoindex/assets/js/tablesort.number.js HTTP/1.1
Host: goniecgminny.rent
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goniecgminny.rent/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:34:14 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 03:34:14 GMT
last-modified: Thu, 08 Feb 2024 08:50:34 GMT
etag: W/"2aa-65c495da-bbc47acb13d3511c;br"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FciUQRIxFsUlIZa661Ub3Yw2h8wrlG6RITc0bNouw0pvXXyELR%2BgRnMrV1waToMuJgDRedlbJBAXWLX7vL512FrLMoPiiuCg4g5hsmS0THCPDDKTNZwWkpUkQcH1srDWK5ZSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b46b5b81b568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

goniecgminny.rent/favicon.ico

104.21.52.211

404 Not Found

1.2 kB

URL GET HTTP/3
goniecgminny.rent/favicon.ico
IP
104.21.52.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goniecgminny.rent/
Certificate
IssuerLet's Encrypt
Subjectgoniecgminny.rent
FingerprintA8:1A:15:EC:4A:16:72:3D:89:74:D7:08:F6:07:16:66:12:A1:84:FA
ValidityWed, 10 Apr 2024 10:59:36 GMT - Tue, 09 Jul 2024 10:59:35 GMT

File type
HTML document, ASCII text, with very long lines (1276), with no line terminators
Size
1.2 kB (1238 bytes)
Hash
24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: goniecgminny.rent
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goniecgminny.rent/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 03:34:14 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVyYiEp0cyxq1KFx0PtNB4fBzyhssst8aiVTYFOOcWfI3gzF1RQSg3BSsc%2FjOUj8K5g6iS7UxdEzQPuy04YRP%2BXqTK5ABb6M2IlLdZ4fpHu6seAhb%2BkvLxaL0XleKu6sAY1BrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b46b6685e568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN