Report - nemty2.top/public/gate.php?data=

Report Overview

Visitedpublic

2023-09-03 06:45:38

Tags

sinkhole malware

Submit Tags

URL

nemty2.top/public/gate.php?data=

Finishing URL

nemty2.top/public/gate.php?data=

IP / ASN

Russia

93.90.223.185

#47723 Softline Trade JSC

Title

Welcome page

Malware - Sinkholed domain

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

0

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
nemty2.top	unknown	2023-01-10	2020-04-13 08:34:28	2023-08-19 10:57:26	758 B	3.6 kB	93.90.223.185
upload.wikimedia.org	2215	2003-03-16	2012-05-21 11:39:45	2023-09-02 06:05:26	491 B	2.7 kB	185.15.59.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-03 06:45:09	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-09-03 06:45:10	medium	Client IP	93.90.223.185	ET INFO HTTP Request to a *.top domain
2023-09-03 06:45:10	medium	Client IP	93.90.223.185	ET HUNTING Suspicious GET To gate.php with no Referer
2023-09-03 06:45:10	high	93.90.223.185	Client IP	ET MALWARE Known Sinkhole Response Header
2023-09-03 06:45:20	high	93.90.223.185	Client IP	ET MALWARE Known Sinkhole Response Header

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

	URL	IP	Response	Size