| bashupload.com/Yq877/update.dll | 116.203.186.178 | 200 OK | 556 B |
URL: User Request GET HTTP/1.1 bashupload.com/Yq877/update.dll
IP: 116.203.186.178:443
ASN: #24940 Hetzner Online GmbH
Certificate: Issuer: Let's Encrypt; Subject: bashupload.com; Fingerprint: EB:B5:32:49:4B:8F:78:C9:B8:4E:5C:34:22:5A:3A:7B:DF:25:53:1E; Validity: Fri, 09 Feb 2024 04:11:57 GMT - Thu, 09 May 2024 04:11:56 GMT
File type: HTML document, ASCII text
Hash: f3d4562a708b00d3b02e6e8c0ca8ce96 8c37be56e3ca9916ec5e10fa7c4cb8c860a51532 bdcbb13e07d5d0391d25f5f691a81ebb0c49eb333181afedd813a4a7e4e688e6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Yq877/update.dll HTTP/1.1
Host: bashupload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 14:04:45 GMT
Content-Type: text/html;charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
| bashupload.com/styles.css?7 | 116.203.186.178 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 bashupload.com/styles.css?7
IP: 116.203.186.178:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://bashupload.com/Yq877/update.dll
Certificate: Issuer: Let's Encrypt; Subject: bashupload.com; Fingerprint: EB:B5:32:49:4B:8F:78:C9:B8:4E:5C:34:22:5A:3A:7B:DF:25:53:1E; Validity: Fri, 09 Feb 2024 04:11:57 GMT - Thu, 09 May 2024 04:11:56 GMT
Hash: 6e56c2013e8c258b538a13735f719c2f cf1ea80e00e70d66d8a211eab1199b6c3e373675 1f069350eff195adc8c1701c1849f384bbc4b58f7f36f0412a262c6fc345de92
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /styles.css?7 HTTP/1.1
Host: bashupload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bashupload.com/Yq877/update.dll
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 14:04:45 GMT
Content-Type: text/css
Last-Modified: Sun, 17 Jan 2021 18:28:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"600481d1-b25"
Content-Encoding: gzip
|
| bashupload.com/script.js?7 | 116.203.186.178 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 bashupload.com/script.js?7
IP: 116.203.186.178:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://bashupload.com/Yq877/update.dll
Certificate: Issuer: Let's Encrypt; Subject: bashupload.com; Fingerprint: EB:B5:32:49:4B:8F:78:C9:B8:4E:5C:34:22:5A:3A:7B:DF:25:53:1E; Validity: Fri, 09 Feb 2024 04:11:57 GMT - Thu, 09 May 2024 04:11:56 GMT
Hash: e366d6be7860f1094cacde7746b3befb 64ef6282d1db57921c3e8a08b19fdcc88a5fa219 c6154e5ecc5c76ea73f91d28adb6c8abebcbfd05d52c80a1f41b7f29af181e09
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /script.js?7 HTTP/1.1
Host: bashupload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bashupload.com/Yq877/update.dll
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 14:04:45 GMT
Content-Type: application/javascript
Last-Modified: Sun, 17 Jan 2021 18:28:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"600481d1-dec"
Content-Encoding: gzip
|
IP: 116.203.186.178:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://bashupload.com/Yq877/update.dll
Certificate: Issuer: Let's Encrypt; Subject: bashupload.com; Fingerprint: EB:B5:32:49:4B:8F:78:C9:B8:4E:5C:34:22:5A:3A:7B:DF:25:53:1E; Validity: Fri, 09 Feb 2024 04:11:57 GMT - Thu, 09 May 2024 04:11:56 GMT
File type: gzip compressed data, from Unix
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /logo.png HTTP/1.1
Host: bashupload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bashupload.com/Yq877/update.dll
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 29 Mar 2024 14:04:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
| measury.io/jU3dp0/bashupload_views | 49.12.184.240 | 200 OK | 0 B |
URL: GET HTTP/1.1 measury.io/jU3dp0/bashupload_views
IP: 49.12.184.240:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://bashupload.com/Yq877/update.dll
Certificate: Issuer: Let's Encrypt; Subject: measury.io; Fingerprint: C5:3F:41:7D:18:18:B8:65:37:49:66:5E:4F:1C:8D:CD:9F:10:AB:C3; Validity: Wed, 20 Mar 2024 16:56:36 GMT - Tue, 18 Jun 2024 16:56:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jU3dp0/bashupload_views HTTP/1.1
Host: measury.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bashupload.com/
Origin: https://bashupload.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 29 Mar 2024 14:04:46 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://bashupload.com
|