| www.xnbeta.com/Nowprep/ver.txt | 23.224.62.178 | 200 OK | 617 B |
URL: User Request GET HTTP/1.1 www.xnbeta.com/Nowprep/ver.txt
IP: 23.224.62.178:80
File type: HTML document, Unicode text, UTF-8 text, with very long lines (916), with no line terminators
Hash: 416f050f734573b47b58baf9eccad57c 706deea8b99d68b666b93085381e578ed93eef65 18a86f5353fd2a84c2bb4e2b809b913356e2e09cbc3677b3f8fa2116aafbbc03
GET /Nowprep/ver.txt HTTP/1.1
Host: www.xnbeta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 08:56:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-transform
Content-Encoding: gzip
|
|
| sdk.51.la/js-sdk-pro.min.js?id=K9pUqF39LQNK0LhG&ck=K9pUqF39LQNK0LhG | 47.246.44.241 | 200 OK | 13 kB |
URL: GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js?id=K9pUqF39LQNK0LhG&ck=K9pUqF39LQNK0LhG
IP: 47.246.44.241:80
ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Requested by: http://www.xnbeta.com/Nowprep/ver.txt
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash: 24bb520e9517f2ed3ed987b46aeaf723 846723563d7dd2bff3954f93633b11af0103adc8 d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js?id=K9pUqF39LQNK0LhG&ck=K9pUqF39LQNK0LhG HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.xnbeta.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 16 Apr 2024 20:05:23 GMT
x-oss-request-id: 661EDA038A5A143534580394
x-oss-cdn-auth: success
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 2
Ali-Swift-Global-Savetime: 1713297923
Via: cache26.l2de2[0,0,304-0,H], cache25.l2de2[2,0], ens-cache17.se2[0,0,200-0,H], ens-cache6.se2[0,0]
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"24BB520E9517F2ED3ED987B46AEAF723"
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
Age: 219052
X-Cache: HIT TCP_MEM_HIT dirn:7:725268867
X-Swift-SaveTime: Wed, 17 Apr 2024 22:26:18 GMT
X-Swift-CacheTime: 1201145
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9a17135169751234460e
Content-Encoding: gzip
|
|
| www.xnbeta.com/qifei/20240413.script | 23.224.62.178 | 200 OK | 850 B |
URL: GET HTTP/1.1 www.xnbeta.com/qifei/20240413.script
IP: 23.224.62.178:80
Requested by: http://www.xnbeta.com/Nowprep/ver.txt
File type: HTML document, ASCII text, with very long lines (452)
Hash: 8498f07c1e4773bcefe51295c7bf57c5 ffcc8fe1ad7df9fbb9ddad99e9e6cb25fded97e7 67bad5e8bdb3f173a89b22b7137284bcacff10fddae2c4f235e2099665a2abe5
GET /qifei/20240413.script HTTP/1.1
Host: www.xnbeta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.xnbeta.com/Nowprep/ver.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 08:56:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-transform
Content-Encoding: gzip
|
|
| www.xnbeta.com/lala/20240413.fgcript | 23.224.62.178 | 200 OK | 22 kB |
URL: GET HTTP/1.1 www.xnbeta.com/lala/20240413.fgcript
IP: 23.224.62.178:80
Requested by: http://www.xnbeta.com/Nowprep/ver.txt
File type: JavaScript source, ASCII text, with very long lines (65515)
Hash: 9f3fbf9d3422f657b5ee809e8fe5fa46 16479c0de4677eef61738d878fde7fafe60c3172 8b3a47f5ec493ed0ae8fe4446f1c5c88acddb528b944259c707beae662c9f05e
| NIDS | Severity | Alert |
| suricata | high | ETPRO EXPLOIT_KIT Possible Evil Redirect Leading to EK Dec 04 2016 |
GET /lala/20240413.fgcript HTTP/1.1
Host: www.xnbeta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.xnbeta.com/Nowprep/ver.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 08:56:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-transform
Content-Encoding: gzip
|
|
| www.xnbeta.com/fn404.html | 23.224.62.178 | 200 OK | 3.6 kB |
URL: GET HTTP/1.1 www.xnbeta.com/fn404.html
IP: 23.224.62.178:80
Requested by: http://www.xnbeta.com/Nowprep/ver.txt
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1217)
Hash: adc077fe3a292d1773869f25d3ac163a eaebcbffa8147cbf896ebb44e67606be61fa54a6 5e9e10974c250255141afe9f22245f3e3d93259fa6c492c15cc8fd3905b8bef9
GET /fn404.html HTTP/1.1
Host: www.xnbeta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.xnbeta.com/Nowprep/ver.txt
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 08:56:15 GMT
Content-Type: text/html
Last-Modified: Mon, 12 Feb 2024 05:59:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65c9b3c3-2a5b"
Content-Encoding: gzip
|
|
| www.xnbeta.com/back.jpg | 23.224.62.178 | 200 OK | 617 B |
IP: 23.224.62.178:80
Requested by: http://www.xnbeta.com/fn404.html
File type: HTML document, Unicode text, UTF-8 text, with very long lines (916), with no line terminators
Hash: 416f050f734573b47b58baf9eccad57c 706deea8b99d68b666b93085381e578ed93eef65 18a86f5353fd2a84c2bb4e2b809b913356e2e09cbc3677b3f8fa2116aafbbc03
GET /back.jpg HTTP/1.1
Host: www.xnbeta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.xnbeta.com/fn404.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 08:56:16 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-transform
Content-Encoding: gzip
|
|
| www.xnbeta.com/favicon.ico | 23.224.62.178 | 200 OK | 4.3 kB |
URL: GET HTTP/1.1 www.xnbeta.com/favicon.ico
IP: 23.224.62.178:80
Requested by: http://www.xnbeta.com/Nowprep/ver.txt
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash: f2d2896c488493e18c1b112cdd9bb1d9 9566a02d9d66bbeaea16df206ea4d9add214826f 2681561eb24e7435fea1acf26f3af95e4efc9f7d451587b58bef62f030f337e9
GET /favicon.ico HTTP/1.1
Host: www.xnbeta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.xnbeta.com/Nowprep/ver.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 08:56:16 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Thu, 14 Sep 2023 09:38:55 GMT
Connection: keep-alive
ETag: "6502d4af-10be"
Accept-Ranges: bytes
|
|