Report - cipani.in/gnome2/rentfree.zip

Report Overview

Visited public
2023-11-06 11:09:26
Tags
URL
cipani.in/gnome2/rentfree.zip
Finishing URL
cipani.in/gnome2/rentfree.zip
IP / ASN
43.255.154.95
#26496 AS-26496-GO-DADDY-COM-LLC
Title
Cipani

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

100

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cipani.in	unknown	2020-06-11	2022-11-17 11:26:07	2023-11-06 08:56:59	8.8 kB	180 kB	43.255.154.95
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-04 10:20:57	733 B	2.1 kB	142.250.74.164
maps.googleapis.com	33876	2005-01-25	2019-10-17 17:56:16	2023-11-06 08:17:11	4.2 kB	226 kB	142.250.74.170
maps.gstatic.com	unknown	2008-02-11	2016-01-11 17:55:17	2023-11-06 08:14:56	432 B	62 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-06 11:09:09	high	Client IP	43.255.154.95	ThreatFox payload delivery (url - confidence level: 100%)
2023-11-06 11:09:09	high	Client IP	43.255.154.95	ThreatFox payload delivery (url - confidence level: 100%)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed
2023-11-06	medium	cipani.in	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 11:46 Times Seen4635690 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cipani.in/gnome2/rentfree.zip	ScriptElement	118 B	2023-08-07	2024-08-20
Pretty URL cipani.in/gnome2/rentfree.zip IP 43.255.154.95 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-07 21:18 Last Seen2024-08-20 20:42 Times Seen2 Hash fa61e4ee610705aab6601c100d1f00ad 6627fef84f7f7fff0e278b054e0c240fa0efc791 1452ac99faa5b80a449595c7c95ce3c93809d28eb34a1a1ca69f05d2ecacfe07 Loading...

	maps.googleapis.com/maps-api-v3/api/js/54/12/common.js	ScriptElement	260 kB	2023-11-01	2024-08-20
Pretty URL maps.googleapis.com/maps-api-v3/api/js/54/12/common.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:03 Last Seen2024-08-20 21:28 Times Seen1986 Hash 62dd4694504b9493499887d729e7d456 31e1581fda82bcbe5971f202b686a7f2d16d3394 0b6fb8c2b9ee6b41540fd549a726e431eb8667074da38d94af8a647ae05e9da7 Loading...

	cipani.in/gnome2/rentfree.zip	ScriptElement	126 B	2023-03-14	2025-05-06
Pretty URL cipani.in/gnome2/rentfree.zip IP 43.255.154.95 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 08:41 Last Seen2025-05-06 13:25 Times Seen3 Hash 3ab576f28fcf83936751b211a161e85f 3049539f596baebc965eb6a7b259a0d6362f13b3 b333bd0b437f760b8191313f8c4e38c6b03985d2a545727d205ee0b7ff0bd694 Loading...

	cipani.in/gnome2/rentfree.zip	ScriptElement	487 B	2023-03-07	2025-05-06
Pretty URL cipani.in/gnome2/rentfree.zip IP 43.255.154.95 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:20 Last Seen2025-05-06 13:25 Times Seen15 Hash 10ddb114d9d5ae29c40f7c92dcc82d32 40e086a9e65e1947af700a90c9980ff047e82d01 b5fba2ab478b019d3e5d1357b12c7fd9582b894c9747d1609e02b0f9cd58a44d Loading...

	cipani.in/gnome2/rentfree.zip	ScriptElement	189 B	2023-08-07	2024-08-20
Pretty URL cipani.in/gnome2/rentfree.zip IP 43.255.154.95 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-07 21:18 Last Seen2024-08-20 20:42 Times Seen2 Hash e2c91a5619382d3b28c831e41fa4a408 9a057f9feffcaa885eeb2cd1108dae381a2da474 8055c0a4c9bf90552d55396f1ae30f6e01b2b4f258e6c4ba8893104731f27811 Loading...

	maps.googleapis.com/maps-api-v3/api/js/54/12/overlay.js	ScriptElement	3.4 kB	2023-11-01	2024-08-20
Pretty URL maps.googleapis.com/maps-api-v3/api/js/54/12/overlay.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:51 Last Seen2024-08-20 21:28 Times Seen553 Hash 9cb59080ba28e1e94249fb002d2ed6d1 12714aa8fcd4ddb2128694d39c543933f2101378 daaee0418187dbf0f8f78a3556c6301988a36fc329615a604aa815eaab279b1d Loading...

	maps.googleapis.com/maps-api-v3/api/js/54/12/onion.js	ScriptElement	27 kB	2023-11-01	2024-08-20
Pretty URL maps.googleapis.com/maps-api-v3/api/js/54/12/onion.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:51 Last Seen2024-08-20 21:28 Times Seen679 Hash 5cfb8a4f1948483137df2331d33729f8 d206b11ec500325e979e635332ae5528f6f5c008 01112b7e0e5e756b2300397441f7a014da06ba83bbea0f25e440534b74f0196e Loading...

	maps.gstatic.com/maps-api-v3/embed/js/54/12/init_embed.js	ScriptElement	233 kB	2023-11-01	2023-11-15
Pretty URL maps.gstatic.com/maps-api-v3/embed/js/54/12/init_embed.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:51 Last Seen2023-11-15 17:02 Times Seen534 Hash 215fd8522d163529fcd4c604cc7f39e0 7f3bde66651fc460c4a5131956fdd0c3b9c060fd 272c55307870e4b4e6c10046ffcd1e34ba4e2af7773af1d41bc9aa00cd125370 Loading...

	cipani.in/gnome2/rentfree.zip	ScriptElement	307 B	2023-03-07	2025-05-06
Pretty URL cipani.in/gnome2/rentfree.zip IP 43.255.154.95 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:06 Last Seen2025-05-06 13:25 Times Seen79 Hash df876461e256a554fad4af50a5f69f01 b25fcf16c5906e69966f704c52598dc9739a09e3 33ab2417b626db5321eb04b281b7b8a44588d83a8f024667f584f158a9edec59 Loading...

	maps.googleapis.com/maps-api-v3/api/js/54/12/search_impl.js	ScriptElement	2.9 kB	2023-11-01	2023-11-15
Pretty URL maps.googleapis.com/maps-api-v3/api/js/54/12/search_impl.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:51 Last Seen2023-11-15 17:02 Times Seen484 Hash 94f68b8ef3faf1f54ca75788567bc22c fce6150d0f73f47a906f70eb169e14be7ab4dac0 b7b353d6e59ba7351a4d90a674f7abca75ecb191dfad82a834ae21ca7dc92883 Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad	ScriptElement	182 kB	2023-11-06	2023-11-06
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-06 06:54 Last Seen2023-11-06 16:07 Times Seen8 Hash baa3a562077b8465113fca11034a4ccb 61bdee4792e4e2b1133e3c8ca972e90ec7c6df07 cffc24f212c73b2d8d016fa21671a6c8d456ec23222dc044cfaa63e3619e128c Loading...

	cipani.in/gnome2/rentfree.zip	ScriptElement	188 B	2023-03-07	2025-05-06
Pretty URL cipani.in/gnome2/rentfree.zip IP 43.255.154.95 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:06 Last Seen2025-05-06 13:25 Times Seen84 Hash 7c33063f5aeee241eacca5c53ac22402 98a582546b2cccbbe822db28f2c195b784b89332 677c43c7285c4deb83eb939d04316193210ba6224addda11222c8ac4c6d2ea7d Loading...

	maps.googleapis.com/maps-api-v3/api/js/54/12/util.js	ScriptElement	159 kB	2023-11-01	2024-08-20
Pretty URL maps.googleapis.com/maps-api-v3/api/js/54/12/util.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:03 Last Seen2024-08-20 21:28 Times Seen1983 Hash dd9a0890c6719e8bbaf67f14c6032e48 645a019ec207a0c321401b6d0d05da505f9917b7 206b430ad8e96d2f58a4c4cc6d2e5b97b40a1b62d9c1a7b027409b376da8c1de Loading...

	maps.googleapis.com/maps-api-v3/api/js/54/12/map.js	ScriptElement	72 kB	2023-11-01	2024-08-20
Pretty URL maps.googleapis.com/maps-api-v3/api/js/54/12/map.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 20:51 Last Seen2024-08-20 21:28 Times Seen855 Hash 98b9da30adbfcdf82b73aad9ecd82aa4 c8cb52c799572c5bfed152d2de8fc8692ef0ea92 6dd82e5f3aea83251ff310c726962f06818d2137aec27f77bb5694d465cad44b Loading...

HTTP Transactions (36)

URL IP Response Size

cipani.in/gnome2/rentfree.zip

43.255.154.95

6.9 kB

URL User Request GET
cipani.in/gnome2/rentfree.zip
IP
43.255.154.95:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

NIDS	Severity	Alert
suricata	high	ThreatFox payload delivery (url - confidence level: 100%)
suricata	high	ThreatFox payload delivery (url - confidence level: 100%)

HTTP Headers

GET /gnome2/rentfree.zip HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:09 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645

142.250.74.164

200 OK

1.4 kB

URL GET HTTP/2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
http://cipani.in/gnome2/rentfree.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF5:CC:DA:B5:BA:1E:14:14:44:CC:27:90:92:CC:60:1F:5F:08:AF:77
ValidityMon, 16 Oct 2023 08:10:46 GMT - Mon, 08 Jan 2024 08:10:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2714)
Size
1.4 kB (1449 bytes)
Hash
6359a425e7d2825de02c3ed346e2dadd
3c824415f2db190a2307785b3f65ce995712eb9e
05d1caea351fb0192b5e31925eb353fb70540b8277fd19a0a7902a6db2dd1703

HTTP Headers

GET /maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
pragma: no-cache
vary: Accept-Language, Origin, X-Origin, Referer
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-T-nbsdNYsqK-Q5AG7Z2V9A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Mon, 06 Nov 2023 11:09:09 GMT
server: scaffolding on HTTPServer2
content-length: 1449
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cipani.in/gnome2/css/flexslider.css

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/css/flexslider.css
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/css/flexslider.css HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:09 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/css/JiSlider.css

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/css/JiSlider.css
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/css/JiSlider.css HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:09 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/css/simplelightbox.min.css

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/css/simplelightbox.min.css
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/css/simplelightbox.min.css HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:09 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/css/bootstrap.css

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/css/bootstrap.css
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/css/bootstrap.css HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:09 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/js/jquery-2.1.4.min.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/jquery-2.1.4.min.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/jquery-2.1.4.min.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:09 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/js/JiSlider.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/JiSlider.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/JiSlider.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:09 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/js/jquery.flexslider.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/jquery.flexslider.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/jquery.flexslider.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:09 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad

142.250.74.170

200 OK

62 kB

URL GET HTTP/2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text, with very long lines (2494)
Size
62 kB (62529 bytes)
Hash
baa3a562077b8465113fca11034a4ccb
61bdee4792e4e2b1133e3c8ca972e90ec7c6df07
cffc24f212c73b2d8d016fa21671a6c8d456ec23222dc044cfaa63e3619e128c

HTTP Headers

GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 06 Nov 2023 11:09:10 GMT
server: scaffolding on HTTPServer2
content-length: 62529
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cipani.in/gnome2/js/SmoothScroll.min.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/SmoothScroll.min.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/SmoothScroll.min.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/js/move-top.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/move-top.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/move-top.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/js/numscroller-1.0.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/numscroller-1.0.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/numscroller-1.0.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

142.250.74.170

200 OK

23 B

URL GET HTTP/3
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
JSON data\012- , ASCII text
Size
23 B (23 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 06 Nov 2023 11:09:10 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.gstatic.com/maps-api-v3/embed/js/54/12/init_embed.js

142.250.74.163

200 OK

61 kB

URL GET HTTP/2
maps.gstatic.com/maps-api-v3/embed/js/54/12/init_embed.js
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (2161)
Size
61 kB (61348 bytes)
Hash
215fd8522d163529fcd4c604cc7f39e0
7f3bde66651fc460c4a5131956fdd0c3b9c060fd
272c55307870e4b4e6c10046ffcd1e34ba4e2af7773af1d41bc9aa00cd125370

HTTP Headers

GET /maps-api-v3/embed/js/54/12/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 61348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 18:31:06 GMT
expires: Thu, 31 Oct 2024 18:31:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Oct 2023 20:53:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 405484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cipani.in/gnome2/js/easing.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/easing.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/easing.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/js/jquery.vide.min.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/jquery.vide.min.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/jquery.vide.min.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/css/font-awesome.min.css

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/css/font-awesome.min.css
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/css/font-awesome.min.css HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/css/style.css

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/css/style.css
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/css/style.css HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/js/bootstrap.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/bootstrap.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/bootstrap.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/js/simple-lightbox.min.js

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/js/simple-lightbox.min.js
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/js/simple-lightbox.min.js HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

maps.googleapis.com/maps-api-v3/api/js/54/12/map.js

142.250.74.170

200 OK

24 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/54/12/map.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text, with very long lines (2379)
Size
24 kB (23649 bytes)
Hash
98b9da30adbfcdf82b73aad9ecd82aa4
c8cb52c799572c5bfed152d2de8fc8692ef0ea92
6dd82e5f3aea83251ff310c726962f06818d2137aec27f77bb5694d465cad44b

HTTP Headers

GET /maps-api-v3/api/js/54/12/map.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 23649
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 18:31:07 GMT
expires: Thu, 31 Oct 2024 18:31:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Oct 2023 20:52:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 405483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/54/12/common.js

142.250.74.170

200 OK

57 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/54/12/common.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text, with very long lines (4584)
Size
57 kB (57367 bytes)
Hash
62dd4694504b9493499887d729e7d456
31e1581fda82bcbe5971f202b686a7f2d16d3394
0b6fb8c2b9ee6b41540fd549a726e431eb8667074da38d94af8a647ae05e9da7

HTTP Headers

GET /maps-api-v3/api/js/54/12/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 57367
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 18:31:07 GMT
expires: Thu, 31 Oct 2024 18:31:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Oct 2023 20:52:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 405483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/54/12/util.js

142.250.74.170

200 OK

50 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/54/12/util.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text, with very long lines (584)
Size
50 kB (50370 bytes)
Hash
dd9a0890c6719e8bbaf67f14c6032e48
645a019ec207a0c321401b6d0d05da505f9917b7
206b430ad8e96d2f58a4c4cc6d2e5b97b40a1b62d9c1a7b027409b376da8c1de

HTTP Headers

GET /maps-api-v3/api/js/54/12/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 50370
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 18:31:07 GMT
expires: Thu, 31 Oct 2024 18:31:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Oct 2023 20:52:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 405483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/54/12/search_impl.js

142.250.74.170

200 OK

1.3 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/54/12/search_impl.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text, with very long lines (1515)
Size
1.3 kB (1282 bytes)
Hash
94f68b8ef3faf1f54ca75788567bc22c
fce6150d0f73f47a906f70eb169e14be7ab4dac0
b7b353d6e59ba7351a4d90a674f7abca75ecb191dfad82a834ae21ca7dc92883

HTTP Headers

GET /maps-api-v3/api/js/54/12/search_impl.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 18:31:07 GMT
expires: Thu, 31 Oct 2024 18:31:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Oct 2023 20:52:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 405483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/54/12/onion.js

142.250.74.170

200 OK

9.0 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/54/12/onion.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text, with very long lines (2319)
Size
9.0 kB (9007 bytes)
Hash
5cfb8a4f1948483137df2331d33729f8
d206b11ec500325e979e635332ae5528f6f5c008
01112b7e0e5e756b2300397441f7a014da06ba83bbea0f25e440534b74f0196e

HTTP Headers

GET /maps-api-v3/api/js/54/12/onion.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 9007
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 18:31:07 GMT
expires: Thu, 31 Oct 2024 18:31:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Oct 2023 20:52:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 405483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/54/12/overlay.js

142.250.74.170

200 OK

1.3 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/54/12/overlay.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text, with very long lines (1152)
Size
1.3 kB (1281 bytes)
Hash
9cb59080ba28e1e94249fb002d2ed6d1
12714aa8fcd4ddb2128694d39c543933f2101378
daaee0418187dbf0f8f78a3556c6301988a36fc329615a604aa815eaab279b1d

HTTP Headers

GET /maps-api-v3/api/js/54/12/overlay.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Nov 2023 18:31:07 GMT
expires: Thu, 31 Oct 2024 18:31:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Oct 2023 20:52:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 405483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cipani.in/gnome2/images/g4.jpg

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/images/g4.jpg
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/images/g4.jpg HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/images/g1.jpg

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/images/g1.jpg
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/images/g1.jpg HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/images/g5.jpg

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/images/g5.jpg
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/images/g5.jpg HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i23953539&2i15750180&2e2&3u17&4m2&1u300&2u150&5m5&1e3&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=21279

142.250.74.170

200 OK

14 kB

URL GET HTTP/3
maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i23953539&2i15750180&2e2&3u17&4m2&1u300&2u150&5m5&1e3&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=21279
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1004.3171076344584!2d76.99918958107067!3d10.949124309313909!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3ba85a12be1e7ef1%3A0x5a490c4c9765ed9e!2sPodanur+Crematorium!5e1!3m2!1sen!2sin!4v1508844725645
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x150, components 3\012- data
Size
14 kB (14476 bytes)
Hash
9662aac48c57dba64920e772c10bee5d
ae4135a0b5453c90f0066bc3d8d3be569dd6e661
113f032de2d96e6917498e5e746f17a49ccccb9a7b69e4d7d0e4f6996fb9a6b1

HTTP Headers

GET /maps/api/js/StaticMapService.GetMapImage?1m2&1i23953539&2i15750180&2e2&3u17&4m2&1u300&2u150&5m5&1e3&5sen-US&6sus&10b1&12b1&client=google-maps-embed&token=21279 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/jpeg
date: Mon, 06 Nov 2023 11:09:10 GMT
expires: Tue, 07 Nov 2023 11:09:10 GMT
cache-control: public, max-age=86400
server: scaffolding on HTTPServer2
content-length: 14476
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cipani.in/gnome2/images/g3.jpg

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/images/g3.jpg
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/images/g3.jpg HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/images/g6.jpg

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/images/g6.jpg
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/images/g6.jpg HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/images/g2.jpg

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/images/g2.jpg
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/images/g2.jpg HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/gnome2/images/blog1.jpg

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/gnome2/images/blog1.jpg
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gnome2/images/blog1.jpg HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:10 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cipani.in/favicon.ico

43.255.154.95

200 OK

6.9 kB

URL GET HTTP/1.1
cipani.in/favicon.ico
IP
43.255.154.95:80
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

Requested by
http://cipani.in/gnome2/rentfree.zip

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1044)
Size
6.9 kB (6931 bytes)
Hash
217dddf8afb00fd8add4d891ac0a0974
b49d0e53aa619a570ecb4fde24c22d1a17d7822c
395ecab31a32b77f11683f2ed8674a1e34c40fcf502a00da21b668eaf31b7016

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cipani.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cipani.in/gnome2/rentfree.zip
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 11:09:11 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6931
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by