Report - bettamint.com/forms/file3.ps1

Report Overview

Visited public
2023-12-06 09:17:54
Tags
URL
bettamint.com/forms/file3.ps1
Finishing URL
bettamint.com/forms/file3.ps1
IP / ASN
192.124.249.6
#30148 SUCURI-SEC
Title
Bettamint - Build Quicker, Build Smarter, Build Better

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

164

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-12-06 05:09:53	3.2 kB	42 kB	151.101.193.229
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-06 08:09:09	1.8 kB	128 kB	142.250.74.106
www.bettamint.com	unknown	2022-06-09	2022-06-18 09:35:31	2023-05-25 11:50:12	463 B	8.1 kB	192.124.249.6
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2023-12-06 07:26:10	876 B	72 kB	104.16.125.175
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-06 06:59:18	456 B	2.9 kB	104.17.25.14
img1.wsimg.com	9893	2008-03-17	2012-06-20 16:42:31	2023-12-05 09:01:34	1.8 kB	29 kB	23.36.79.43
netdna.bootstrapcdn.com	3413	2012-05-25	2012-09-07 17:11:00	2023-12-05 20:13:28	1.1 kB	163 kB	104.18.10.207
events.api.secureserver.net	125179	1998-03-30	2020-06-23 05:18:34	2023-12-05 16:06:01	2.3 kB	926 B	2.22.31.40
bettamint.com	unknown	2022-06-09	2022-06-18 09:35:31	2023-05-25 11:50:12	23 kB	732 kB	192.124.249.6

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed
2023-12-06	medium	bettamint.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	unpkg.com/sweetalert/dist/sweetalert.min.js	ScriptElement	41 kB	2023-03-07	2025-05-11
Pretty URL unpkg.com/sweetalert/dist/sweetalert.min.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-11 06:10 Times Seen4383 Hash f3b8ce97ff6ce324da6232da353adf40 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	619 B	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash 018e237e5f98a225ad02537a4718d072 e2b7706a9181310274fc05fdff021c8ef3b3758c c27348b996c23f47ec4fe721f376ce29625e7f781bf5b8a50643e3b578e16494 Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	3.4 kB	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash b2e7488f7a8f10620ead6fd3140a18fd 4a97c132b0144c510cf94b4857d9be5b962e0516 6aef768260ec1b1554f44224d3cb69951ec5d3b92635b32ffa80e37dfa3b3070 Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	2.2 kB	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash 06e34f5e5001ca07bf7ff64261b94b12 e6a005a270604a88a02a29380a8a42bdde3a440c 7a48e50626998c310dfafe12c329066a3ef49859e3af00c50ec40ac62496112b Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	873 B	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash b1c1a8621d2f297871288dbbe751fd34 1bb556a96dc972f0d5538c4930093c00226274db 9cf079e50ee8e311d4ba78bddb9900553b478a216c0a64485581eae8cb7f752f Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	1.2 kB	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash 61a8b02f62eb887719fe492726444ed5 8a357772bff3c34f9c5e4e52ff2fd76fab54b2be fca9ab72c49fa83d9ee4dbfb28027fa3a3fef30e7fb0583faaf97317bdfccd76 Loading...

	img1.wsimg.com/traffic-assets/js/tccl.min.js	ScriptElement	47 kB	2023-10-19	2024-08-21
Pretty URL img1.wsimg.com/traffic-assets/js/tccl.min.js IP 23.36.79.43 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-19 23:15 Last Seen2024-08-21 04:05 Times Seen1002 Hash 8e70743bdf9b3d3adbb26471c84a006c 628d9f8f60b9055384bb3a0878e63683122ab616 53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js	ScriptElement	90 kB	2023-03-26	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 04:59 Last Seen2025-05-11 15:15 Times Seen7496 Hash 641dd14370106e992d352166f5a07e99 eda46747c71d38a880bee44f9a439c3858bb8f99 a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af Loading...

	cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/js/splide.min.js	ScriptElement	30 kB	2023-03-08	2025-05-10
Pretty URL cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/js/splide.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28 Last Seen2025-05-10 21:16 Times Seen695 Hash 58db39c8e19b600ad104cfb9a528c2b2 dbdef6617d6fb7f141996c3a1d5aef202eadf867 159b16ec7d95e57f531a29d28e3c18278d7d5e46b6ec8f173c3996af21a55adc Loading...

	cdn.jsdelivr.net/npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/splide-extension-auto-scroll.min.js	ScriptElement	5.6 kB	2023-03-13	2025-05-11
Pretty URL cdn.jsdelivr.net/npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/splide-extension-auto-scroll.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:55 Last Seen2025-05-11 13:06 Times Seen177 Hash e79cb0b07302f28e837aaad59190f464 cc8e2a7c008e916ede5d4ae9882965e4ee63a4b9 03eda8a72aa1bdb055f2d6ddf6620cf30f73bef3181ce6b0634dc1411b6aecac Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	490 B	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash a9c859b1bdae0c2cccefe0914f35e79b ac7547f0c45c0217390ba6dd8a6e32f5e4da55c1 15ff45080ef2aa9edbde02a39ad379ad3bec4e80fd06b98c5b60ea7442f799c6 Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	255 B	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash 42af9f720ab1f0e2b60a698a9a15e694 1075d454bd95fc35296349fe845f4cb855386705 9f7798d78028ea5085b921ca03c3659fed8fd2eb653238c7090418bd3411d0dd Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	5.0 kB	2024-08-20	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:36 Last Seen2024-08-20 16:36 Times Seen1 Hash a8a41fcd2ba71a037389cfd39dfb9c41 4265a8d1802106ce460f08fb9cca4cee55a9f41a e33ad6b2ccd72d6904d46c5db16cc3b49eb732463f65ac493f73272ce91cd7a8 Loading...

	unknown	ScriptElement	3.4 kB	2023-12-06	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash b2e7488f7a8f10620ead6fd3140a18fd 4a97c132b0144c510cf94b4857d9be5b962e0516 6aef768260ec1b1554f44224d3cb69951ec5d3b92635b32ffa80e37dfa3b3070 Loading...

	unknown	ScriptElement	2.2 kB	2023-12-06	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash 06e34f5e5001ca07bf7ff64261b94b12 e6a005a270604a88a02a29380a8a42bdde3a440c 7a48e50626998c310dfafe12c329066a3ef49859e3af00c50ec40ac62496112b Loading...

	cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js	ScriptElement	3.1 kB	2023-03-07	2025-05-11
Pretty URL cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-11 11:04 Times Seen756 Hash 0f856c2800426884c2acdd3e1819f3f7 fc2b43e560c45bb887add98f17b084068a9232cb 98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7 Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	3.9 kB	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash 3fd0b701bd7ecce3d6986cc951632155 a8662f6d75dd0b3fb0fbeb991adcd5d53c462465 a41bdf9962c8c9eae441c452c7ead856a80ee35e34e33d69911a7d59e8d34054 Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	1.0 kB	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash 83d56db30c901474d7cbb297b36e0e40 d42ee7ed935b18a6dc9d13e9ba962f13ba5d6803 476ea2fbd9550cb70492e023dd264dd1606743f886b2b943430076e73d44c9d6 Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	380 B	2023-12-06	2024-08-20
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash 7ba8792691ed9bf825ec9ff917c8248d 4951bb3e194a1c28f90c0125792b600d8129fae1 076557dc75a1e565eec94be648223fbd42ece157aca89a7d6564de14e7bfc38f Loading...

	bettamint.com/forms/file3.ps1	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL bettamint.com/forms/file3.ps1 IP 192.124.249.6 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 17:01 Times Seen4656069 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	508 B	2023-12-06	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 10:17 Last Seen2024-08-20 16:36 Times Seen3 Hash d47d060a3862a6870c9e5eaf6a8eaa9c c32753314f576d50122866a64aa9cd13d5d519be 2b2f05db7eb0a8cd440345a142ab72f250561ac899831a7e9aeadefb1f2d0497 Loading...

HTTP Transactions (63)

URL IP Response Size

bettamint.com/forms/file3.ps1

192.124.249.6

200 OK

18 kB

URL User Request GET HTTP/2
bettamint.com/forms/file3.ps1
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17831 bytes)
Hash
7ea4bd35ef6d39bb898d5d5fe79efe30
27fccecd699953f69397b85810b0eea6bd093b58
3397e899fc17aba0c6701872f4f709ce3c38bdbe0507964c119561ae7a520be9

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/file3.ps1 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:35 GMT
content-type: text/html; charset=UTF-8
content-length: 17831
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; path=/
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/chosen/1.8.7/chosen.min.css

104.17.25.14

200 OK

1.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/chosen/1.8.7/chosen.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9850)
Size
1.9 kB (1875 bytes)
Hash
d7ca5ca9441ef9e10f9ea5d90002690a
44ad0714f19cb9856a35a96d566476b0803631ef
107fc2ce0a096cd103fa0660ca6b30b083ab33d5e121b75227a1f0ae8d3d584e

HTTP Headers

GET /ajax/libs/chosen/1.8.7/chosen.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 09:17:35 GMT
content-type: text/css; charset=utf-8
content-length: 1875
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e23-27ec"
last-modified: Mon, 04 May 2020 16:09:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1130507
expires: Mon, 25 Nov 2024 09:17:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2vmdRjsUs4pOwWdC9vISdGvclZRz4zvJ%2Fd6pkXDEsy2jZhzX7bqX8%2FDxVfEXoWCnMAdamPUOPSrp36xE6GP1QBEhUZ5VhEgT6Z9eTA6uAlFsMbq%2BT9GvRyaXvDom4ziU6k91zg9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 83136fcba9bb56c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/js/splide.min.js

151.101.193.229

200 OK

14 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/js/splide.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (29400)
Size
14 kB (13512 bytes)
Hash
58db39c8e19b600ad104cfb9a528c2b2
dbdef6617d6fb7f141996c3a1d5aef202eadf867
159b16ec7d95e57f531a29d28e3c18278d7d5e46b6ec8f173c3996af21a55adc

HTTP Headers

GET /npm/@splidejs/splide@4.1.4/dist/js/splide.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.1.4
x-jsd-version-type: version
etag: W/"746b-2972YX1vt/FBmWw6HVrvIC6t+Gc"
content-encoding: br
accept-ranges: bytes
date: Wed, 06 Dec 2023 09:17:35 GMT
age: 3048243
x-served-by: cache-fra-eddf8230117-FRA, cache-bma1652-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13512
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/css/splide.min.css

151.101.193.229

200 OK

1.4 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/css/splide.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (5002), with no line terminators
Size
1.4 kB (1383 bytes)
Hash
f6a86e8018fc1f6ae254b339acbd1cdd
9c256ac79696564334355f8c4b848590677fd583
e6e2a25c4c1b69087d720776ff9569e9698c9ec52bdd5659c346bcaca9ce28d5

HTTP Headers

GET /npm/@splidejs/splide@4.1.4/dist/css/splide.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.4
x-jsd-version-type: version
etag: W/"138a-nCVqx5aWVkM0NV+MS4SFkGd/1YM"
content-encoding: br
accept-ranges: bytes
date: Wed, 06 Dec 2023 09:17:35 GMT
age: 12204501
x-served-by: cache-fra-eddf8230135-FRA, cache-bma1652-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1383
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/splide-extension-auto-scroll.min.js

151.101.193.229

200 OK

2.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/splide-extension-auto-scroll.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (5467)
Size
2.6 kB (2595 bytes)
Hash
e79cb0b07302f28e837aaad59190f464
cc8e2a7c008e916ede5d4ae9882965e4ee63a4b9
03eda8a72aa1bdb055f2d6ddf6620cf30f73bef3181ce6b0634dc1411b6aecac

HTTP Headers

GET /npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/splide-extension-auto-scroll.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.5.3
x-jsd-version-type: version
etag: W/"15d3-zI4qfACOkW7eXUrpiCll5O5jpLk"
content-encoding: br
accept-ranges: bytes
date: Wed, 06 Dec 2023 09:17:35 GMT
age: 1826596
x-served-by: cache-fra-etou8220046-FRA, cache-bma1652-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2595
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

151.101.193.229

200 OK

1.3 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (1499)
Size
1.3 kB (1295 bytes)
Hash
0f856c2800426884c2acdd3e1819f3f7
fc2b43e560c45bb887add98f17b084068a9232cb
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

HTTP Headers

GET /npm/lozad/dist/lozad.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.0
x-jsd-version-type: version
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
content-encoding: br
accept-ranges: bytes
date: Wed, 06 Dec 2023 09:17:35 GMT
age: 24720
x-served-by: cache-fra-eddf8230052-FRA, cache-bma1652-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1295
X-Firefox-Spdy: h2

img1.wsimg.com/traffic-assets/js/tccl.min.js

23.36.79.43

301 Moved Permanently

0 B

URL GET HTTP/2
img1.wsimg.com/traffic-assets/js/tccl.min.js
IP
23.36.79.43:443
ASN
#20940 Akamai International B.V.

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-length: 0
location: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
cache-control: max-age=31536000
expires: Thu, 05 Dec 2024 09:17:35 GMT
date: Wed, 06 Dec 2023 09:17:35 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31154 bytes)
Hash
641dd14370106e992d352166f5a07e99
eda46747c71d38a880bee44f9a439c3858bb8f99
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

HTTP Headers

GET /ajax/libs/jquery/3.6.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:34:10 GMT
expires: Wed, 04 Dec 2024 04:34:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 103406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

23.36.79.43

200 OK

13 kB

URL GET HTTP/2
img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
IP
23.36.79.43:443
ASN
#20940 Akamai International B.V.

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type
ASCII text, with very long lines (46628)
Size
13 kB (13404 bytes)
Hash
8e70743bdf9b3d3adbb26471c84a006c
628d9f8f60b9055384bb3a0878e63683122ab616
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

HTTP Headers

GET /signals/js/clients/tccl/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bettamint.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-amz-id-2: SHMTKd/PfvKGkKQ3xrihkWhErxpto4wdM0h5rMPJztpD22rQG9QOtkAwZwfm4LPZOi5a/Aah5WE=
x-amz-request-id: 2AZPRWBHQ4K2FDZJ
last-modified: Wed, 18 Oct 2023 16:44:03 GMT
etag: "8e70743bdf9b3d3adbb26471c84a006c"
x-amz-server-side-encryption: AES256
x-amz-meta-version: 2.0.2
x-amz-version-id: CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 13404
cache-control: max-age=1800
expires: Wed, 06 Dec 2023 09:47:36 GMT
date: Wed, 06 Dec 2023 09:17:36 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

bettamint.com/forms/assets/css/style.css?v=1701854255

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/css/style.css?v=1701854255
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/css/style.css?v=1701854255 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31154 bytes)
Hash
641dd14370106e992d352166f5a07e99
eda46747c71d38a880bee44f9a439c3858bb8f99
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

HTTP Headers

GET /ajax/libs/jquery/3.6.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:34:10 GMT
expires: Wed, 04 Dec 2024 04:34:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 103406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

84 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (30837)
Size
84 kB (84137 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bettamint.com
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 09:17:35 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 8535bfbece3e4856c1efadb1f96b5e9a
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 83136fcbcbf07127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/login.png

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/login.png
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/login.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/logo.png

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/logo.png
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/logo.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/home-pic.png?v=1701854255

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/home-pic.png?v=1701854255
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/home-pic.png?v=1701854255 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/slick.js?v=1701854255

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/slick.js?v=1701854255
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/slick.js?v=1701854255 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/get-playstore.png

192.124.249.6

18 kB

URL GET
bettamint.com/forms/assets/images/get-playstore.png
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/get-playstore.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/multi-select/multi-select.css

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/multi-select/multi-select.css
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/multi-select/multi-select.css HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/functions.js?v=1701854255

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/functions.js?v=1701854255
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/functions.js?v=1701854255 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/multi-select/multi-select.js

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/multi-select/multi-select.js
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/multi-select/multi-select.js HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/logo-dark.png

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/logo-dark.png
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/logo-dark.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/bootstrap.min.js

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/bootstrap.min.js
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/bootstrap.min.js HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/banner-version/home-banner.jpg

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/banner-version/home-banner.jpg
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/banner-version/home-banner.jpg HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/jquery.fancybox.min.js

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/jquery.fancybox.min.js
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/jquery.fancybox.min.js HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/phone-img.png

192.124.249.6

18 kB

URL GET
bettamint.com/forms/assets/images/phone-img.png
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/phone-img.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/get-app-bg.png

192.124.249.6

18 kB

URL GET
bettamint.com/forms/assets/images/get-app-bg.png
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/get-app-bg.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/slick.js?v=1701854255

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/slick.js?v=1701854255
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
6ad3f2519b4410fcbea5dcd448a2c5a6
332bfd3167c468159e2164b7ab82240f89c4038f
7c69ae0a9c692a3435112469043b16b00e64ee051f559936927a2189942fa12b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/slick.js?v=1701854255 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/green-pattern-bg.png

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/green-pattern-bg.png
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
5f573fabc45b8d760fcf4692bb05d7c6
ab777afeb405d003d0c934fb6071aa02f2cffc0f
9ce3f2a5d58ccdeec3c2e5d1362e7c643cf68c54f744b1981e4e25125c15d23c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/green-pattern-bg.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:37 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/jquery.fancybox.min.js

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/jquery.fancybox.min.js
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
5f573fabc45b8d760fcf4692bb05d7c6
ab777afeb405d003d0c934fb6071aa02f2cffc0f
9ce3f2a5d58ccdeec3c2e5d1362e7c643cf68c54f744b1981e4e25125c15d23c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/jquery.fancybox.min.js HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:37 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/wow.js

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/wow.js
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
5f573fabc45b8d760fcf4692bb05d7c6
ab777afeb405d003d0c934fb6071aa02f2cffc0f
9ce3f2a5d58ccdeec3c2e5d1362e7c643cf68c54f744b1981e4e25125c15d23c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/wow.js HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:37 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/functions.js?v=1701854255

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/functions.js?v=1701854255
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
5f573fabc45b8d760fcf4692bb05d7c6
ab777afeb405d003d0c934fb6071aa02f2cffc0f
9ce3f2a5d58ccdeec3c2e5d1362e7c643cf68c54f744b1981e4e25125c15d23c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/functions.js?v=1701854255 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:37 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/multi-select/multi-select.js

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/multi-select/multi-select.js
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
5f573fabc45b8d760fcf4692bb05d7c6
ab777afeb405d003d0c934fb6071aa02f2cffc0f
9ce3f2a5d58ccdeec3c2e5d1362e7c643cf68c54f744b1981e4e25125c15d23c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/multi-select/multi-select.js HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:37 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/multi-select/multi-select.css

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/multi-select/multi-select.css
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17831 bytes)
Hash
aeb1f2a34a15f4b95e032257050cf7f8
6b506539af71ae84369d617d4419480f40fa8fde
6a5ca24af400e70f9e26f8a99c4fb8927f5988d2b8746a44f0fb68032583e75b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/multi-select/multi-select.css HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:38 GMT
content-type: text/html; charset=UTF-8
content-length: 17831
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

events.api.secureserver.net/t/1/tl/event?cts=1701854264233&dh=bettamint.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=9984627&cv=2.0.2&z=1565678770&vg=e5ce4706-f26d-5cb2-891a-d895192f52e0&vtg=e5ce4706-f26d-5cb2-891a-d895192f52e0&dp=%2Fforms%2Ffile3.ps1&ap=cpsh-oh&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22bom1plzcpnl493857%22%2C%22dcenter%22%3A%22bom1%22%2C%22cp_id%22%3A%228900743%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=4803d872-30d0-5150-9980-e650b79f1ac8&ht=pageview

2.22.31.40

200 OK

43 B

URL GET HTTP/2
events.api.secureserver.net/t/1/tl/event?cts=1701854264233&dh=bettamint.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=9984627&cv=2.0.2&z=1565678770&vg=e5ce4706-f26d-5cb2-891a-d895192f52e0&vtg=e5ce4706-f26d-5cb2-891a-d895192f52e0&dp=%2Fforms%2Ffile3.ps1&ap=cpsh-oh&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22bom1plzcpnl493857%22%2C%22dcenter%22%3A%22bom1%22%2C%22cp_id%22%3A%228900743%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=4803d872-30d0-5150-9980-e650b79f1ac8&ht=pageview
IP
2.22.31.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerStarfield Technologies, Inc.
Subject*.api.secureserver.net
Fingerprint86:0A:54:3C:14:92:76:57:19:E1:8B:86:AE:B6:C7:06:3C:C8:7A:58
ValidityMon, 10 Jul 2023 19:26:59 GMT - Sat, 10 Aug 2024 19:26:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /t/1/tl/event?cts=1701854264233&dh=bettamint.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=9984627&cv=2.0.2&z=1565678770&vg=e5ce4706-f26d-5cb2-891a-d895192f52e0&vtg=e5ce4706-f26d-5cb2-891a-d895192f52e0&dp=%2Fforms%2Ffile3.ps1&ap=cpsh-oh&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22bom1plzcpnl493857%22%2C%22dcenter%22%3A%22bom1%22%2C%22cp_id%22%3A%228900743%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=4803d872-30d0-5150-9980-e650b79f1ac8&ht=pageview HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bettamint.com
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://bettamint.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 06 Dec 2023 09:17:38 GMT
X-Firefox-Spdy: h2

events.api.secureserver.net/t/1/tl/event?cts=1701854264263&dh=bettamint.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=9984627&cv=2.0.2&z=26617611&vg=e5ce4706-f26d-5cb2-891a-d895192f52e0&vtg=e5ce4706-f26d-5cb2-891a-d895192f52e0&dp=%2Fforms%2Ffile3.ps1&ap=cpsh-oh&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22bom1plzcpnl493857%22%2C%22dcenter%22%3A%22bom1%22%2C%22cp_id%22%3A%228900743%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=5b64fe8d-a96e-5008-9756-a8a8639cc7c8&ht=perf&tce=1701854261018&tcs=1701854260791&tdc=1701854264243&tdclee=1701854264243&tdcles=1701854264237&tdi=1701854264233&tdl=1701854261872&tdle=1701854260790&tdls=1701854260746&tfs=1701854260744&tns=1701854260659&trqs=1701854261018&tre=1701854261791&trps=1701854261766&tles=1701854264243&tlee=0&nt=navigate&nav_type=hard

2.22.31.40

200 OK

43 B

URL GET HTTP/2
events.api.secureserver.net/t/1/tl/event?cts=1701854264263&dh=bettamint.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=9984627&cv=2.0.2&z=26617611&vg=e5ce4706-f26d-5cb2-891a-d895192f52e0&vtg=e5ce4706-f26d-5cb2-891a-d895192f52e0&dp=%2Fforms%2Ffile3.ps1&ap=cpsh-oh&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22bom1plzcpnl493857%22%2C%22dcenter%22%3A%22bom1%22%2C%22cp_id%22%3A%228900743%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=5b64fe8d-a96e-5008-9756-a8a8639cc7c8&ht=perf&tce=1701854261018&tcs=1701854260791&tdc=1701854264243&tdclee=1701854264243&tdcles=1701854264237&tdi=1701854264233&tdl=1701854261872&tdle=1701854260790&tdls=1701854260746&tfs=1701854260744&tns=1701854260659&trqs=1701854261018&tre=1701854261791&trps=1701854261766&tles=1701854264243&tlee=0&nt=navigate&nav_type=hard
IP
2.22.31.40:443
ASN
#20940 Akamai International B.V.

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerStarfield Technologies, Inc.
Subject*.api.secureserver.net
Fingerprint86:0A:54:3C:14:92:76:57:19:E1:8B:86:AE:B6:C7:06:3C:C8:7A:58
ValidityMon, 10 Jul 2023 19:26:59 GMT - Sat, 10 Aug 2024 19:26:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /t/1/tl/event?cts=1701854264263&dh=bettamint.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=9984627&cv=2.0.2&z=26617611&vg=e5ce4706-f26d-5cb2-891a-d895192f52e0&vtg=e5ce4706-f26d-5cb2-891a-d895192f52e0&dp=%2Fforms%2Ffile3.ps1&ap=cpsh-oh&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22bom1plzcpnl493857%22%2C%22dcenter%22%3A%22bom1%22%2C%22cp_id%22%3A%228900743%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=5b64fe8d-a96e-5008-9756-a8a8639cc7c8&ht=perf&tce=1701854261018&tcs=1701854260791&tdc=1701854264243&tdclee=1701854264243&tdcles=1701854264237&tdi=1701854264233&tdl=1701854261872&tdle=1701854260790&tdls=1701854260746&tfs=1701854260744&tns=1701854260659&trqs=1701854261018&tre=1701854261791&trps=1701854261766&tles=1701854264243&tlee=0&nt=navigate&nav_type=hard HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bettamint.com
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://bettamint.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 06 Dec 2023 09:17:38 GMT
X-Firefox-Spdy: h2

bettamint.com/forms/favicon.ico

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/favicon.ico
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17831 bytes)
Hash
aeb1f2a34a15f4b95e032257050cf7f8
6b506539af71ae84369d617d4419480f40fa8fde
6a5ca24af400e70f9e26f8a99c4fb8927f5988d2b8746a44f0fb68032583e75b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/favicon.ico HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:38 GMT
content-type: text/html; charset=UTF-8
content-length: 17831
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/latest-news-include.php

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/latest-news-include.php
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
cfebd9e359f292ec61e4fb288bdd2e16
dcfcabbf40b71e434ddbbf9933cbd0901327e2a7
7b96907dde148131f67c98a30224f0c54199792ebaeaaeb010b4c1e67e43ffd9

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/latest-news-include.php HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:48 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

151.101.193.229

200 OK

1.3 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (1499)
Size
1.3 kB (1295 bytes)
Hash
0f856c2800426884c2acdd3e1819f3f7
fc2b43e560c45bb887add98f17b084068a9232cb
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

HTTP Headers

GET /npm/lozad/dist/lozad.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1295
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.0
x-jsd-version-type: version
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
content-encoding: br
accept-ranges: bytes
date: Wed, 06 Dec 2023 09:17:48 GMT
age: 24732
x-served-by: cache-fra-eddf8230052-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/js/splide.min.js

151.101.193.229

200 OK

14 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/@splidejs/splide@4.1.4/dist/js/splide.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (29400)
Size
14 kB (13512 bytes)
Hash
58db39c8e19b600ad104cfb9a528c2b2
dbdef6617d6fb7f141996c3a1d5aef202eadf867
159b16ec7d95e57f531a29d28e3c18278d7d5e46b6ec8f173c3996af21a55adc

HTTP Headers

GET /npm/@splidejs/splide@4.1.4/dist/js/splide.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 13512
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.1.4
x-jsd-version-type: version
etag: W/"746b-2972YX1vt/FBmWw6HVrvIC6t+Gc"
content-encoding: br
accept-ranges: bytes
date: Wed, 06 Dec 2023 09:17:48 GMT
age: 3048256
x-served-by: cache-fra-eddf8230117-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn.jsdelivr.net/npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/splide-extension-auto-scroll.min.js

151.101.193.229

200 OK

2.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/splide-extension-auto-scroll.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (5467)
Size
2.6 kB (2595 bytes)
Hash
e79cb0b07302f28e837aaad59190f464
cc8e2a7c008e916ede5d4ae9882965e4ee63a4b9
03eda8a72aa1bdb055f2d6ddf6620cf30f73bef3181ce6b0634dc1411b6aecac

HTTP Headers

GET /npm/@splidejs/splide-extension-auto-scroll@0.5.3/dist/js/splide-extension-auto-scroll.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2595
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.5.3
x-jsd-version-type: version
etag: W/"15d3-zI4qfACOkW7eXUrpiCll5O5jpLk"
content-encoding: br
accept-ranges: bytes
date: Wed, 06 Dec 2023 09:17:48 GMT
age: 1826609
x-served-by: cache-fra-etou8220046-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

bettamint.com/forms/assets/multi-select/multi-select.css

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/multi-select/multi-select.css
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17831 bytes)
Hash
aeb1f2a34a15f4b95e032257050cf7f8
6b506539af71ae84369d617d4419480f40fa8fde
6a5ca24af400e70f9e26f8a99c4fb8927f5988d2b8746a44f0fb68032583e75b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/multi-select/multi-select.css HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:48 GMT
content-type: text/html; charset=UTF-8
content-length: 17831
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: HIT
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/logo-dark.png

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/logo-dark.png
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/logo-dark.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

www.bettamint.com/blog/wp-json/wp/v2/posts?per_page=3

192.124.249.6

7.2 kB

URL GET
www.bettamint.com/blog/wp-json/wp/v2/posts?per_page=3
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
JSON data\012- , ASCII text, with very long lines (23743), with no line terminators
Size
7.2 kB (7200 bytes)
Hash
0947ad751920075a546301da741e900d
2f25cd2d737429f788d275495a06cf723b672a92
cc8f5bf40c1c2c60e3e48d5b82694bda84bcb20b5d4ad1465a88e5e3a9107aad

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /blog/wp-json/wp/v2/posts?per_page=3 HTTP/1.1
Host: www.bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bettamint.com/
Origin: https://bettamint.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: application/json; charset=UTF-8
content-length: 7200
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
x-robots-tag: noindex
x-content-type-options: nosniff, nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-total: 17
x-wp-totalpages: 6
link: <https://www.bettamint.com/blog/wp-json/wp/v2/posts?per_page=3&page=2>; rel="next"
allow: GET
access-control-allow-origin: https://bettamint.com
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/get-playstore.png

192.124.249.6

18 kB

URL GET
bettamint.com/forms/assets/images/get-playstore.png
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/get-playstore.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/get-app-bg.png

192.124.249.6

18 kB

URL GET
bettamint.com/forms/assets/images/get-app-bg.png
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/get-app-bg.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/logo.png

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/logo.png
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/logo.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/css/style.css?v=1701854268

192.124.249.6

18 kB

URL GET
bettamint.com/forms/assets/css/style.css?v=1701854268
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/css/style.css?v=1701854268 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/home-pic.png?v=1701854268

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/home-pic.png?v=1701854268
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/home-pic.png?v=1701854268 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/login.png

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/images/login.png
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/login.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/images/phone-img.png

192.124.249.6

18 kB

URL GET
bettamint.com/forms/assets/images/phone-img.png
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/images/phone-img.png HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31154 bytes)
Hash
641dd14370106e992d352166f5a07e99
eda46747c71d38a880bee44f9a439c3858bb8f99
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

HTTP Headers

GET /ajax/libs/jquery/3.6.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:34:10 GMT
expires: Wed, 04 Dec 2024 04:34:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 103419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31154 bytes)
Hash
641dd14370106e992d352166f5a07e99
eda46747c71d38a880bee44f9a439c3858bb8f99
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

HTTP Headers

GET /ajax/libs/jquery/3.6.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:34:10 GMT
expires: Wed, 04 Dec 2024 04:34:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 103419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bettamint.com/forms/assets/js/bootstrap.min.js

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/bootstrap.min.js
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/bootstrap.min.js HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/favicon.ico

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/favicon.ico
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
18832bf998f8f3a63fe260bf0338844c
723bb1b49e85a68a73ced5691756adbdf2148712
bab9802002fd773d53e3dfcfaad57b5903abede142f0c55fb406bad34b97fbb6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/favicon.ico HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/slick.js?v=1701854268

192.124.249.6

18 kB

URL
bettamint.com/forms/assets/js/slick.js?v=1701854268
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
33bdc98a6b0eb157361c02ea62e6fc11
12dcdddfde9fb097ac5c0609d623b01bf485ef06
a243541959cc2d0342dd5f808cdf9aefc56cf3664aed1d07e8197f4aa83165db

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/slick.js?v=1701854268 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:50 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/jquery.fancybox.min.js

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/jquery.fancybox.min.js
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
5f573fabc45b8d760fcf4692bb05d7c6
ab777afeb405d003d0c934fb6071aa02f2cffc0f
9ce3f2a5d58ccdeec3c2e5d1362e7c643cf68c54f744b1981e4e25125c15d23c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/jquery.fancybox.min.js HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:50 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: HIT
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/wow.js

192.124.249.6

200 OK

18 kB

URL GET HTTP/2
bettamint.com/forms/assets/js/wow.js
IP
192.124.249.6:443
ASN
#30148 SUCURI-SEC

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
5f573fabc45b8d760fcf4692bb05d7c6
ab777afeb405d003d0c934fb6071aa02f2cffc0f
9ce3f2a5d58ccdeec3c2e5d1362e7c643cf68c54f744b1981e4e25125c15d23c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/wow.js HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:50 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: HIT
X-Firefox-Spdy: h2

bettamint.com/forms/assets/js/functions.js?v=1701854268

192.124.249.6

18 kB

URL
bettamint.com/forms/assets/js/functions.js?v=1701854268
IP
192.124.249.6:0
ASN
#30148 SUCURI-SEC

Certificate
IssuerGoDaddy.com, Inc.
Subjectbettamint.com
Fingerprint91:F9:1E:FE:5B:7D:16:15:31:4D:FE:C4:99:8A:3E:BB:A5:E7:C2:93
ValidityTue, 23 May 2023 12:09:57 GMT - Thu, 23 May 2024 12:09:57 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5305)
Size
18 kB (17830 bytes)
Hash
33bdc98a6b0eb157361c02ea62e6fc11
12dcdddfde9fb097ac5c0609d623b01bf485ef06
a243541959cc2d0342dd5f808cdf9aefc56cf3664aed1d07e8197f4aa83165db

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forms/assets/js/functions.js?v=1701854268 HTTP/1.1
Host: bettamint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/forms/file3.ps1
Cookie: PHPSESSID=kbh7e37am9s9dduha9c9oufm3e; _tccl_visitor=e5ce4706-f26d-5cb2-891a-d895192f52e0; _tccl_visit=e5ce4706-f26d-5cb2-891a-d895192f52e0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 09:17:50 GMT
content-type: text/html; charset=UTF-8
content-length: 17830
x-sucuri-id: 19006
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

104.16.125.175

200 OK

30 kB

URL GET HTTP/2
unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (40808), with no line terminators
Size
30 kB (29970 bytes)
Hash
f3b8ce97ff6ce324da6232da353adf40
2a3daabc70232c6350ab48d32605dc4a6ac1f1fa
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

HTTP Headers

GET /sweetalert@2.1.2/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bettamint.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 09:17:50 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
via: 1.1 fly.io
fly-request-id: 01HFTTAHA38FKXHYAKJFYNFQAJ-arn
cf-cache-status: HIT
age: 1220939
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 831370267c447128-OSL
content-encoding: br
X-Firefox-Spdy: h2

img1.wsimg.com/traffic-assets/js/tccl.min.js

23.36.79.43

301 Moved Permanently

0 B

URL GET HTTP/2
img1.wsimg.com/traffic-assets/js/tccl.min.js
IP
23.36.79.43:443
ASN
#20940 Akamai International B.V.

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
content-length: 0
location: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
cache-control: max-age=31536000
expires: Thu, 05 Dec 2024 09:17:50 GMT
date: Wed, 06 Dec 2023 09:17:50 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

23.36.79.43

200 OK

13 kB

URL GET HTTP/2
img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
IP
23.36.79.43:443
ASN
#20940 Akamai International B.V.

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type
ASCII text, with very long lines (46628)
Size
13 kB (13404 bytes)
Hash
8e70743bdf9b3d3adbb26471c84a006c
628d9f8f60b9055384bb3a0878e63683122ab616
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

HTTP Headers

GET /signals/js/clients/tccl/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bettamint.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-amz-id-2: SHMTKd/PfvKGkKQ3xrihkWhErxpto4wdM0h5rMPJztpD22rQG9QOtkAwZwfm4LPZOi5a/Aah5WE=
x-amz-request-id: 2AZPRWBHQ4K2FDZJ
last-modified: Wed, 18 Oct 2023 16:44:03 GMT
etag: "8e70743bdf9b3d3adbb26471c84a006c"
x-amz-server-side-encryption: AES256
x-amz-meta-version: 2.0.2
x-amz-version-id: CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 13404
cache-control: max-age=1800
expires: Wed, 06 Dec 2023 09:47:50 GMT
date: Wed, 06 Dec 2023 09:17:50 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

unpkg.com/sweetalert/dist/sweetalert.min.js

104.16.125.175

302 Found

41 kB

URL GET HTTP/2
unpkg.com/sweetalert/dist/sweetalert.min.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
41 kB (40808 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sweetalert/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bettamint.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 06 Dec 2023 09:17:35 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /sweetalert@2.1.2/dist/sweetalert.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HGZ6JHTKT0XS3KRZE8YJPKAA-arn
cf-cache-status: HIT
age: 119
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 83136fcbbcb87128-OSL
X-Firefox-Spdy: h2

netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.10.207

200 OK

77 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bettamint.com/forms/file3.ps1
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bettamint.com
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 09:17:36 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9f32470aa6d804d71d2f7fbfed2f6a94
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 83136fce8e757127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by