Report - 16mncg.com/

Report Overview

Visited public
2025-06-07 07:25:24
Tags
Submit Tags
URL
16mncg.com/
Finishing URL
16mncg.com/
IP / ASN
204.11.56.48
#40034 CONFLUENCE-NETWORK-INC
Title
16mncg.com/

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
realworldsearch.com	unknown	2024-12-04	2025-01-06	2025-06-02	826 B	0 B	0.0.0.0
sedoparking.com	50712	2001-09-18	2012-06-01	2025-06-07	434 B	1.5 kB	64.190.63.136
16mncg.com	unknown	unknown	No data	No data	906 B	3.8 kB	204.11.56.48

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-07	medium	realworldsearch.com	Sinkholed
2025-06-07	medium	realworldsearch.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	16mncg.com/	ScriptElement	8 B	2023-03-07	2025-07-07
Pretty URL 16mncg.com/ IP 204.11.56.48 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-07 04:25 Times Seen7062 Hash 883fa82f6169ed5ddd95e0c34cf36450 52fcfe1e375b542d4847a9c963bff266b98bfbc2 dca6253c1f2bdadb922b559c83bee52fbe1411e3a159adcb922ff3b45c623185 Loading...

	16mncg.com/	ScriptElement	512 B	2025-06-07	2025-06-07
Pretty URL 16mncg.com/ IP 204.11.56.48 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 07:25 Last Seen2025-06-07 07:25 Times Seen1 Hash a08bde8ce0daa69696d63f5f897bfbaf f713e6b3ee9796080ef63f6d4661cf57225a1314 fac524cbd5a52b80f6738be3cf3c944167c780173014acffc08dc020fb61de23 Loading...

	16mncg.com/	ScriptElement	239 B	2023-03-08	2025-06-25
Pretty URL 16mncg.com/ IP 204.11.56.48 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 01:57 Last Seen2025-06-25 20:45 Times Seen11 Hash a6f820b72dfe05d7b8b6911b80b79c88 537ad5cf36ad9d855ea4c2ec8958df97a09d3f1e ab4587203080c1cab45250cd737c885d04feffb9a6d7e18e8f3a48ef78f9dc58 Loading...

	sedoparking.com/frmpark/16mncg.com/Skenzor6/park.js	ScriptElement	1.3 kB	2025-06-07	2025-06-07
Pretty URL sedoparking.com/frmpark/16mncg.com/Skenzor6/park.js IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 07:25 Last Seen2025-06-07 07:25 Times Seen1 Hash 87676ce312f788b3e766a23a16f62abc 41936d36313749695d788690a95eeec55dff11fa 3f13d325cc1b57be77603f5cb344847d0d8fbb4df7b1776e6e8805b6b1989975 Loading...

	16mncg.com/	ScriptElement	77 B	2023-03-07	2025-07-07
Pretty URL 16mncg.com/ IP 204.11.56.48 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-07-07 02:37 Times Seen382 Hash d5630c59e7893a1368ebb34a973c8956 fdb0bc9c507522a0b946c99bae6bda6fa96a690e 01d9b1f2503cb005dbd83ba5643ca5ab30c7c6a2abe967ab704873d62aabc0e3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3059bb5c55f547cf5a341282ed54fa7f	121 B	2025-06-07 07:25	2025-06-07 07:25
Pretty Observations First Seen2025-06-07 07:25 Last Seen2025-06-07 07:25 Times Seen1 Hash 3059bb5c55f547cf5a341282ed54fa7f 60f093bbe60acc93cc59974e92e22ea05c00f6a2 7bf14bf32b3e2f251adcc1a345d5dfcf39062d315db3475ba7acc7ab9a64cb4a Loading...

HTTP Transactions (5)

URL IP Response Size

GET 16mncg.com/favicon.ico

204.11.56.48

404 Not Found

10 B

URL GET
16mncg.com/favicon.ico
IP
204.11.56.48:443
ASN
#40034 CONFLUENCE-NETWORK-INC

Requested by
https://16mncg.com/
Certificate
IssuerZeroSSL
Subject16mncg.com
FingerprintD9:6C:0D:56:7E:50:CF:E6:AC:8D:E6:AA:89:B5:21:0B:73:96:6C:07
ValidityThu, 05 Jun 2025 00:00:00 GMT - Wed, 03 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
10 B (10 bytes)
Hash
6608dd3e21ca3beabd4bdfa625a0b221
e926d0f8694a4bc4013308afaca7af51e4c9fd9f
c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 16mncg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://16mncg.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty
Date: Sat, 07 Jun 2025 07:24:55 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 10
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")

GET 16mncg.com/

204.11.56.48

200 OK

2.3 kB

URL User Request GET
16mncg.com/
IP
204.11.56.48:443
ASN
#40034 CONFLUENCE-NETWORK-INC

Certificate
IssuerZeroSSL
Subject16mncg.com
FingerprintD9:6C:0D:56:7E:50:CF:E6:AC:8D:E6:AA:89:B5:21:0B:73:96:6C:07
ValidityThu, 05 Jun 2025 00:00:00 GMT - Wed, 03 Sep 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (770), with CRLF, LF line terminators
Size
2.3 kB (2309 bytes)
Hash
be385057fc4567c13a597b3e8e09de41
23090aa11d0b69454339089aea61476ee99e99d4
d8072f76a656f55a5f0e1dc7b36bb498e730e3049316373b114940a9ab33e913

HTTP Headers

GET / HTTP/1.1
Host: 16mncg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 07 Jun 2025 07:24:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2309
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_kML5G6lclxs5GnCy72ufKbatheinD64M52ZTyBTT3Fj2yq4avAeLvvZf1gu5zMZcpRE+odRAD2Xd53cJ3lwdYA==

GET realworldsearch.com/px.js?ch=2

0.0.0.0

0 B

URL GET
realworldsearch.com/px.js?ch=2
IP
0.0.0.0:0
ASN
#0

Requested by
https://16mncg.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /px.js?ch=2 HTTP/1.1
Host: realworldsearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://16mncg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET realworldsearch.com/px.js?ch=1

0.0.0.0

0 B

URL GET
realworldsearch.com/px.js?ch=1
IP
0.0.0.0:0
ASN
#0

Requested by
https://16mncg.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /px.js?ch=1 HTTP/1.1
Host: realworldsearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://16mncg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET sedoparking.com/frmpark/16mncg.com/Skenzor6/park.js

64.190.63.136

200 OK

1.3 kB

URL GET
sedoparking.com/frmpark/16mncg.com/Skenzor6/park.js
IP
64.190.63.136:443
ASN
#47846 SEDO GmbH

Requested by
https://16mncg.com/
Certificate
IssuerDigiCert Inc
Subjectsedoparking.com
Fingerprint45:61:0E:D1:43:DE:A0:DC:79:8A:43:F4:8E:17:DD:B2:3A:40:7C:23
ValidityMon, 23 Dec 2024 00:00:00 GMT - Tue, 23 Dec 2025 23:59:59 GMT

File type
ASCII text, with very long lines (987)
Size
1.3 kB (1277 bytes)
Hash
87676ce312f788b3e766a23a16f62abc
41936d36313749695d788690a95eeec55dff11fa
3f13d325cc1b57be77603f5cb344847d0d8fbb4df7b1776e6e8805b6b1989975

HTTP Headers

GET /frmpark/16mncg.com/Skenzor6/park.js HTTP/1.1
Host: sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://16mncg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Sat, 07 Jun 2025 07:25:04 GMT
server: Parking/1.0
vary: Accept-Encoding
x-cache-miss-from: parking-5b56c79c57-brrjc
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (5)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by