Report Overview
Submitted URL
undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT
IP
194.132.110.17
ASN
#12552 GlobalConnect AB
Submitted
2024-05-07 13:36:23
Access
public
Website Title
undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT
Final URL
undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
undergroundfootball.com | unknown | 2019-10-06 | 2014-12-29 | 2023-08-07 | 1.0 kB | 89 kB | 194.132.110.17 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | php webshell having some kind of input and some kind of payload. restricted to small files or big ones inclusing suspicious strings |
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | php webshell containing base64 encoded payload |
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | Generic PHP webshell which uses any eval/exec function in the same line with user input |
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | PHP webshell using $a($code) for kind of eval with encoded blob to decode, e.g. b374k |
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | Webshell which sends eval/assert via GET |
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | Web Shell - file r57142.php |
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | Web Shell - file 404.php |
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | Web Shell - from files wso2.5.1.php, wso2.5.php, wso2.php |
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | Semi-Auto-generated - file wso.txt |
2024-05-07 | medium | undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | Semi-Auto-generated - from files multiple_php_webshells |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
JavaScript (0)
HTTP Transactions (2)
URL | IP | Response | Size |
---|---|---|---|
undergroundfootball.com/wp-content/themes/twentysixteen/genericons/PASTING.TXT | 194.132.110.17 | 200 OK | 86 kB |
undergroundfootball.com/favicon.ico | 194.132.110.17 | 500 Internal Server Error | 2.9 kB |