Report Overview
Visitedpublic
2026-03-07 16:31:40
Tags
Submit Tags
URL
swinowz.appwrite.network
Finishing URL
swinowz.appwrite.network/
IP / ASN
151.101.67.52
Title
PENTEST CHEATSHEET
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
www.revshells.com | unknown | 2021-03-09 | 2021-03-12 | 2026-03-01 | 6.7 kB | 520 kB |  35.157.26.135 |  |
fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2026-03-01 | 2.7 kB | 96 kB | 142.251.38.99 | |
fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2026-03-01 | 995 B | 10 kB | 172.217.21.170 | |
swinowz.appwrite.network 14 alert(s) on this Host | unknown | 2022-06-28 | 2026-03-01 | 2026-03-01 | 948 B | 547 kB | 151.101.3.52 |  |
Netlify (PaaS, CDN)
Netlify providers hosting and server-less backend services for web applications and static websites.Varnish (Caching)
Varnish is a reverse caching proxy.Related reports
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| Nextron YARA rules | www.revshells.com/ | malware | php webshell having some kind of input and some kind of payload. restricted to small files or big ones inclusing suspicious strings |
| Nextron YARA rules | www.revshells.com/ | malware | Generic PHP webshell which uses any eval/exec function in the same line with user input |
| Nextron YARA rules | www.revshells.com/ | malware | PHP webshell using $a($code) for kind of eval with encoded blob to decode, e.g. b374k |
| Nextron YARA rules | www.revshells.com/ | malware | Generic JSP webshell |
| Nextron YARA rules | www.revshells.com/ | malware | Web Shell - from files jsp-reverse.jsp, jsp-reverse.jsp, jspbd.jsp |
| Nextron YARA rules | swinowz.appwrite.network/ | malware | Certutil Decode |
| Nextron YARA rules | swinowz.appwrite.network/ | malware | Detects password dumper mimikatz in memory (False Positives: an service that could have copied a Mimikatz executable, AV signatures) |
| Nextron YARA rules | swinowz.appwrite.network/ | malware | Detects a set of reconnaissance commands on Windows systems |
| YARAhub by abuse.ch | swinowz.appwrite.network/ | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen |
| YARAhub by abuse.ch | swinowz.appwrite.network/ | malware | Detects Generic ShellScript Downloader |
| Nextron YARA rules | swinowz.appwrite.network/favicon.ico | malware | Certutil Decode |
| Nextron YARA rules | swinowz.appwrite.network/favicon.ico | malware | Detects password dumper mimikatz in memory (False Positives: an service that could have copied a Mimikatz executable, AV signatures) |
| Nextron YARA rules | swinowz.appwrite.network/favicon.ico | malware | Detects a set of reconnaissance commands on Windows systems |
| YARAhub by abuse.ch | swinowz.appwrite.network/favicon.ico | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen |
| YARAhub by abuse.ch | swinowz.appwrite.network/favicon.ico | malware | Detects Generic ShellScript Downloader |
| DigiCert UltraDNS | swinowz.appwrite.network | malicious | Sinkholed |
| ClamAV | swinowz.appwrite.network/ | malicious | Unix.Trojan.MSShellcode-44 |
| ClamAV | swinowz.appwrite.network/favicon.ico | malicious | Unix.Trojan.MSShellcode-44 |
JavaScript (10)
No JavaScripts
HTTP Transactions (24)
| URL | IP | Response | Size |
|---|