{"report_id":"edf5013f-f54b-43ff-9ec7-a889e885c2ec","version":6,"status":"done","tags":["opendir"],"date":"2024-02-11T13:07:57Z","url":{"schema":"http","addr":"kherbs.com/mashoil.com/","fqdn":"kherbs.com","domain":"kherbs.com","tld":"com"},"ip":{"addr":"192.249.117.20","port":0,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"kherbs.com/mashoil.com/","fqdn":"kherbs.com","domain":"kherbs.com","tld":"com"},"title":"Index of /mashoil.com"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T00:30:21Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"kherbs.com","ip":{"addr":"192.249.117.20","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"domain_registered":"2023-09-05","domain_rank":0,"first_seen":"2021-01-30 03:41:31","last_seen":"2024-02-11 07:03:59","alert_count":1,"request_count":2,"received_data":916,"sent_data":916,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Audit - Open directory","verdict":"none","severity":"audit","comment":"","tags":["opendir"],"meta":null}]},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"kherbs.com/mashoil.com/","fqdn":"kherbs.com","domain":"kherbs.com","tld":"com"},"ip":{"addr":"192.249.117.20","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-02-11T13:07:32.029Z","timestamp":1707656852029,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kherbs.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Sat, 13 Jan 2024 00:00:00 GMT","end":"Fri, 12 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"3D:D2:69:49:D0:8F:15:B5:B5:D4:2C:B1:99:19:B2:FA:22:F5:2A:D4","sha256":"49:0F:CA:36:34:E5:B6:9D:69:CE:B6:F4:7A:A2:49:16:D7:12:B3:B1:63:9D:A8:45:62:8D:D9:08:1D:E1:94:3B"}}},"request":{"raw":"GET /mashoil.com/ HTTP/1.1\r\nHost: kherbs.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-length: 308\r\ncontent-type: text/html;charset=ISO-8859-1\r\ndate: Sun, 11 Feb 2024 13:07:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":308,"size_decoded":612,"mime_type":"text/html; charset=ISO-8859-1","magic":"HTML document, ASCII text","md5":"5d91b7fbbd3bd431635e378a8d87d858","sha1":"07b944084c8a1430106c0ca3e8d4d54b976be3b3","sha256":"bb622244b3a20202348af71311d4b93f2d1e897cfc7ca0cb10f1d9d8a540d7ae","sha512":"d959784eb9570ee77dffe9983345c336b2cd9187b84a29095394a09f80f0b51396bfcd9641f238fbe39f0f76c28678cadd123f220371ada4d7dcd2d308ec8c54","ssdeep":"","tlshash":"a4f02849a4e032776d92351e50407dce88e2c5f942b19db47c0f7493ce85eb491071ea","first_seen":"2024-08-20T09:54:20.323096Z","last_seen":"2024-08-20T09:54:20.323096Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1241,"timings":{"blocked":535,"dns":114,"connect":165,"send":0,"wait":171,"receive":0,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Audit - Open directory","verdict":"none","severity":"audit","comment":"","tags":["opendir"],"meta":null}]}},{"url":{"schema":"https","addr":"kherbs.com/favicon.ico","fqdn":"kherbs.com","domain":"kherbs.com","tld":"com"},"ip":{"addr":"192.249.117.20","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kherbs.com/mashoil.com/","date":"2024-02-11T13:07:32.978Z","timestamp":1707656852978,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kherbs.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Sat, 13 Jan 2024 00:00:00 GMT","end":"Fri, 12 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"3D:D2:69:49:D0:8F:15:B5:B5:D4:2C:B1:99:19:B2:FA:22:F5:2A:D4","sha256":"49:0F:CA:36:34:E5:B6:9D:69:CE:B6:F4:7A:A2:49:16:D7:12:B3:B1:63:9D:A8:45:62:8D:D9:08:1D:E1:94:3B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: kherbs.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kherbs.com/mashoil.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 236\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sun, 11 Feb 2024 13:07:33 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":236,"size_decoded":236,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text, with no line terminators","md5":"3dea6e4a74ae5c8a6b8dd3bae0de6081","sha1":"0b2672db2629a86272ca21084220113c548195db","sha256":"6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362","sha512":"9b86bd1b8867c44ad5431a94991e517f73a639f03bfca39daf2bc6a9883c5c68e0ca8b69662a2a48e35922960f80b0679eb8e9cb7bacdac6ef93d46c4b10a9d4","ssdeep":"","tlshash":"5dd0a7bff2055219899611605bd523c11d8f4337f1b45522284db07550547fecc832a5","first_seen":"2023-04-05T13:31:58Z","last_seen":"2026-04-03T19:06:00.437461Z","times_seen":4477,"resource_available":true,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}