Report Overview
URL
106.52.154.100:8888/supershell/login/
Finishing URL
106.52.154.100:8888/supershell/login
IP / ASN
106.52.154.100
Title
Supershell - 登录
Malware - Botnet panel
Detections
urlquery
2
Network Intrusion Detection
3
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
rsms.me | 18742 | 2010-12-05 | 2014-10-14 | 2025-10-13 | 943 B | 366 kB |  172.67.197.50 |     |
106.52.154.100 7 alert(s) on this Host | unknown | unknown | No data | No data | 3.5 kB | 629 kB | 106.52.154.100 |   |
GitHub Pages (PaaS)
GitHub Pages is a static site hosting service.Fastly (CDN)
Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video & streaming services.Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Varnish (Caching)
Varnish is a reverse caching proxy.Nginx:1.18.0 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.jQuery (JavaScript libraries)
jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| high | 172.18.0.8 | 106.52.154.100 | ET MALWARE Supershell CnC Activity | |
| high | 172.18.0.8 | 106.52.154.100 | ET MALWARE Supershell CnC Activity | |
| high | 106.52.154.100 | 172.18.0.8 | ET MALWARE Supershell C2 Login Page |
Threat Detection Systems
No alerts detected
JavaScript (0)
No JavaScripts
HTTP Transactions (11)
| URL | IP | Response | Size |
|---|