Report Overview
Submitted URL
www.dobravoda.com.mk/sites/default/files/favicon.txt
IP
195.26.152.196
ASN
#6821 Makedonski Telekom AD-Skopje
Submitted
2024-04-17 05:53:22
Access
public
Website Title
dobravoda.com.mk/sites/default/files/favicon.txt
Final URL
www.dobravoda.com.mk/sites/default/files/favicon.txt
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
www.dobravoda.com.mk | unknown | 2022-11-17 | 2016-01-16 | 2023-08-13 | 1.1 kB | 32 kB | 195.26.152.196 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-04-17 | medium | www.dobravoda.com.mk/sites/default/files/favicon.txt | php webshell having some kind of input and some kind of payload. restricted to small files or big ones inclusing suspicious strings |
2024-04-17 | medium | www.dobravoda.com.mk/sites/default/files/favicon.txt | php webshell containing base64 encoded payload |
2024-04-17 | medium | www.dobravoda.com.mk/sites/default/files/favicon.txt | Generic PHP webshell which uses any eval/exec function in the same line with user input |
2024-04-17 | medium | www.dobravoda.com.mk/sites/default/files/favicon.txt | PHP webshell using $a($code) for kind of eval with encoded blob to decode, e.g. b374k |
2024-04-17 | medium | www.dobravoda.com.mk/sites/default/files/favicon.txt | Webshell which sends eval/assert via GET |
2024-04-17 | medium | www.dobravoda.com.mk/sites/default/files/favicon.txt | Web Shell - file r57142.php |
2024-04-17 | medium | www.dobravoda.com.mk/sites/default/files/favicon.txt | Web Shell - file 404.php |
2024-04-17 | medium | www.dobravoda.com.mk/sites/default/files/favicon.txt | Semi-Auto-generated - file wso.txt |
2024-04-17 | medium | www.dobravoda.com.mk/sites/default/files/favicon.txt | Semi-Auto-generated - from files multiple_php_webshells |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
JavaScript (0)
HTTP Transactions (3)
URL | IP | Response | Size | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
www.dobravoda.com.mk/ | 195.26.152.196 | 2.7 kB | ||||||||||||||||||||||||||||||||
HTTP Headers
| ||||||||||||||||||||||||||||||||||
www.dobravoda.com.mk/sites/default/files/favicon.txt | 195.26.152.196 | 200 OK | 28 kB | |||||||||||||||||||||||||||||||
Detections
HTTP Headers
| ||||||||||||||||||||||||||||||||||
www.dobravoda.com.mk/favicon.ico | 195.26.152.196 | 404 Not Found | 45 B | |||||||||||||||||||||||||||||||
HTTP Headers
| ||||||||||||||||||||||||||||||||||