Report - itot3477ne.temp.swtest.ru/

Report Overview

Submitted URL
itot3477ne.temp.swtest.ru/
IP
77.222.40.238
ASN
#44112 SpaceWeb Ltd
Submitted
2024-05-05 08:56:01
Access
public
Website Title
login
Final URL
itot3477ne.temp.swtest.ru/
Tags
botpanel malware
urlquery detections
Malware - Botnet panel

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
itot3477ne.temp.swtest.ru	unknown	unknown	No data	No data	1.2 kB	25 kB	77.222.40.238

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

itot3477ne.temp.swtest.ru/

77.222.40.238

200 OK

425 B

URL User Request GET HTTP/1.1
itot3477ne.temp.swtest.ru/
IP
77.222.40.238:80
ASN
#44112 SpaceWeb Ltd

File type
HTML document, ASCII text
Size
425 B (425 bytes)
Hash
59e5138079e03389c8f9341d98f01ca0
7f90a32aa9b9c60d978531559448d95ecce9dc48
ab591240acbb2c35d8ddcbfdbcf4a5191c79c9c4bc0bd52e1a2ac5052e5b12e9

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET / HTTP/1.1
Host: itot3477ne.temp.swtest.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.4
Date: Sun, 05 May 2024 08:55:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.27
Set-Cookie: PHPSESSID=049610e390a3b369849fb8e5e1cee708; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

itot3477ne.temp.swtest.ru/assets/css/bootstrap.min.css

77.222.40.238

200 OK

23 kB

URL GET HTTP/1.1
itot3477ne.temp.swtest.ru/assets/css/bootstrap.min.css
IP
77.222.40.238:80
ASN
#44112 SpaceWeb Ltd

Requested by
http://itot3477ne.temp.swtest.ru/

File type
Unicode text, UTF-8 text, with very long lines (65295), with CRLF line terminators
Size
23 kB (22656 bytes)
Hash
ab133df77e872aed9acba5ab4d941e3e
d209caeef489e899d3944aaa2048925a72589125
7e56d7e6b394801029ea74bc5a51a7094e1aa2ccec079c9fddc5f96e5ab51f91

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /assets/css/bootstrap.min.css HTTP/1.1
Host: itot3477ne.temp.swtest.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://itot3477ne.temp.swtest.ru/
Cookie: PHPSESSID=049610e390a3b369849fb8e5e1cee708
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.4
Date: Sun, 05 May 2024 08:55:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Mon, 22 Feb 2021 21:01:04 GMT
ETag: W/"1e883f3-25740-5bbf319920400"
Content-Encoding: gzip

itot3477ne.temp.swtest.ru/favicon.ico

77.222.40.238

404 Not Found

703 B

URL GET HTTP/1.1
itot3477ne.temp.swtest.ru/favicon.ico
IP
77.222.40.238:80
ASN
#44112 SpaceWeb Ltd

Requested by
http://itot3477ne.temp.swtest.ru/

File type
XML 1.0 document, ASCII text
Size
703 B (703 bytes)
Hash
c1cc7fd1a9c70a7f203fbb837de522cc
0b45e18a1fa8291f21e484b0c108eec8206b1357
2fc2a16e7e70f67675fa985e43ecbe3785bd64182e90e2ff11a2f9b57f946f19

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: itot3477ne.temp.swtest.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://itot3477ne.temp.swtest.ru/
Cookie: PHPSESSID=049610e390a3b369849fb8e5e1cee708
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.25.4
Date: Sun, 05 May 2024 08:55:37 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding, accept-language,accept-charset
Content-Language: en
Content-Encoding: gzip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (3)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers