Report - 45.157.69.179/shells.txt

Report Overview

Submitted URL
45.157.69.179/shells.txt
IP
45.157.69.179
ASN
#142062 qlhost
Submitted
2024-04-19 07:39:20
Access
public
Website Title
45.157.69.179/shells.txt
Final URL
45.157.69.179/shells.txt
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
45.157.69.179	unknown	unknown	No data	No data	1.0 kB	182 kB	45.157.69.179

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	45.157.69.179	Sinkholed
2024-04-19	medium	45.157.69.179	Sinkholed
2024-04-19	medium	45.157.69.179	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

45.157.69.179/

45.157.69.179

2.8 kB

URL
45.157.69.179/
IP
45.157.69.179:0
ASN
#142062 qlhost

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.8 kB (2834 bytes)
Hash
c880bc57eef804d61c946b0c22096645
4dd18bb7296e8c385a0e6295313248076e659648
8fcd7408dbcde4e9013dd00dd7022c472d871f810ac3a8ccacaea6e2167c2df8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 45.157.69.179
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 2834
Accept-Ranges: bytes
Server: HFS 2.4.0 RC7
Set-Cookie: HFS_SID_=CfnH3TQr5kAAAOB2lIPkPw; path=/; HttpOnly
Cache-Control: no-cache, no-store, must-revalidate, max-age=-1
Content-Encoding: gzip

45.157.69.179/shells.txt

45.157.69.179

200 OK

178 kB

URL User Request GET HTTP/1.1
45.157.69.179/shells.txt
IP
45.157.69.179:80
ASN
#142062 qlhost

File type
ASCII text, with very long lines (65536), with no line terminators
Size
178 kB (178184 bytes)
Hash
0f9a99a665b5743aa26283e3cd89ad74
c64651a85aaf9e63d7bf8a16dde22a5c18679737
de9cd7cb21a1d256db4fee729195032a0ce79d4ba91fb76c75aa58a47e5c0b7c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shells.txt HTTP/1.1
Host: 45.157.69.179
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 178184
Accept-Ranges: bytes
Server: HFS 2.4.0 RC7
Set-Cookie: HFS_SID_=HqzY3TQr5kAAAIDSMdbpPw; path=/; HttpOnly
ETag: 18045c656fa5a0cd4b407eb7ed379368
Last-Modified: Thu, 18 Apr 2024 09:33:46 GMT
Content-Disposition: filename*=UTF-8''shells.txt; filename=shells.txt

45.157.69.179/favicon.ico

45.157.69.179

200 OK

576 B

URL GET HTTP/1.1
45.157.69.179/favicon.ico
IP
45.157.69.179:80
ASN
#142062 qlhost

Requested by
http://45.157.69.179/shells.txt

File type
GIF image data, version 89a, 16 x 16
Size
576 B (576 bytes)
Hash
9c3180a65d1ac3066055353e8b8b693e
15031554825c0aabbfdb1ce2c2756c479a7295d6
a37b97bab4af022ffea89ae28cba0d7a098bb2dadca53b770b16a2973f112845

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 45.157.69.179
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.157.69.179/shells.txt
Cookie: HFS_SID_=HqzY3TQr5kAAAIDSMdbpPw
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 576
Accept-Ranges: bytes
Server: HFS 2.4.0 RC7

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (3)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers