biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
201.131.220.49 200 OK 133 kB URL User Request GET HTTP/1.1 biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
IP 201.131.220.49:80
ASN #6147 Telefonica del Peru S.A.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (41363), with CRLF line terminators
Size 133 kB (133351 bytes)
Hash d7bc310a367fa98875313b2fbae412ba
5ec672eddc8a1ccec7279fdcbeab8a02864320b6
bd0cca6e34eb22bc88f54287ef3992e9a7a57ff5688d45b904662e950e7b4509
NIDS Severity Alert suricata high ET WEB_CLIENT ALFA TEaM Webshell Accessed on External Compromised Server
GET /ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess HTTP/1.1
Host: biblioteca.cultura.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:18 GMT
Server: Apache
Set-Cookie: PHPSESSID=9t5kni5fub0vmgthkb7mqg4gt3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
solevisible.com/icons/php.png
45.153.241.70 200 OK 4.6 kB URL GET HTTP/1.1 solevisible.com/icons/php.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d2c65b87e9acd54a33aa4ddfde5cf26
1374beedb9d12e118182d351312018b3d1ba6711
ca8beb93db377cb33095ef78fa297549bb5711f6d68b092065584b44b6b9b366
GET /icons/php.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 27 Aug 2016 18:38:10 GMT
ETag: "11f3-53b11eec62880"
Accept-Ranges: bytes
Content-Length: 4595
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
solevisible.com/icons/back.png
45.153.241.70 200 OK 3.6 kB URL GET HTTP/1.1 solevisible.com/icons/back.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 16389acf28e5625dd4b77e976a345222
7f61b4aaca4899fdd30d460a90440a965e074cf2
fc8fcba869752f41964aebfd177a3434d720a7de976555353d77420937faf7a0
GET /icons/back.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 22 Aug 2016 01:25:18 GMT
ETag: "e36-53a9eebbf9b80"
Accept-Ranges: bytes
Content-Length: 3638
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
solevisible.com/icons/ico.png
45.153.241.70 200 OK 5.0 kB URL GET HTTP/1.1 solevisible.com/icons/ico.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash e70269a5e421ad4deeddc5412d7f98ed
077530b03b54570ae27ca7c2c992aa0a4d6a42b2
b5c6e2dd09f10a8f944e1d5c875b13182c383b3b81ce0cb274b45e7e5250724b
GET /icons/ico.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 28 Aug 2016 21:44:00 GMT
ETag: "139b-53b28a5350800"
Accept-Ranges: bytes
Content-Length: 5019
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
solevisible.com/icons/folder.png
45.153.241.70 200 OK 3.9 kB URL GET HTTP/1.1 solevisible.com/icons/folder.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash e1f9fbecf1bce67bed6a45bc553f853d
670d3b10495bbe9cb44dee15143ac29fad32ec28
787e869e4f4dd64f6d3d8c8f8e93f16ecba592626e806342f61b27ac827f01ae
GET /icons/folder.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 22 Aug 2016 01:24:48 GMT
ETag: "f0c-53a9ee9f5d800"
Accept-Ranges: bytes
Content-Length: 3852
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
solevisible.com/images/alfa-iran.png
45.153.241.70 200 OK 34 kB URL GET HTTP/1.1 solevisible.com/images/alfa-iran.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash a6c07f712d44090c3b38e6bc08c85726
97424b5ab8d2b13032df5186c7f5fb30c0e3ec3e
1f3a442ce40ebfd1ba5d56a072a8121851d4d5c3279b15333bf7164a166f38eb
GET /images/alfa-iran.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 05 Nov 2017 20:21:42 GMT
ETag: "82dc-55d421601e180"
Accept-Ranges: bytes
Content-Length: 33500
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
solevisible.com/images/alfabg.png
45.153.241.70 200 OK 18 kB URL GET HTTP/1.1 solevisible.com/images/alfabg.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type PNG image data, 800 x 500, 4-bit colormap, non-interlaced\012- data
Hash 2afcb5b8bfe2cb934d243b36092b7676
faf8a77a430cbebbac8d0e5b04b58ac41431f327
3ee4594f1b05e72145620a89dbddeeb3811dd8ad4c99a7c7d2bcfba83fce5798
GET /images/alfabg.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 19 Aug 2016 23:13:26 GMT
ETag: "4557-53a74d8795180"
Accept-Ranges: bytes
Content-Length: 17751
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
solevisible.com/icons/notfound.png
45.153.241.70 200 OK 4.7 kB URL GET HTTP/1.1 solevisible.com/icons/notfound.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 59d99191c02bf552e6a86a9bde87db2a
c1ddc04ff733ab1ecfe7bd8124d33a53f14910c4
78100eb0b02de58e442f3deefb1760b3c17c3e3e2dac6aa699a9c6b3c1fa2f8e
GET /icons/notfound.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 29 Aug 2016 21:04:40 GMT
ETag: "128a-53b3c3661aa00"
Accept-Ranges: bytes
Content-Length: 4746
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
solevisible.com/icons/gz.png
45.153.241.70 200 OK 4.3 kB URL GET HTTP/1.1 solevisible.com/icons/gz.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d7ff2d2df6265618bab7627c5e1fa5d
a711cc59e05dd07318a9d34708b517e2842f5d4a
4bccb81fea985d5a76b252f3c29465397aa7be23d31697e40115893a0c697ed5
GET /icons/gz.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 04 Sep 2016 20:15:44 GMT
ETag: "10b4-53bb43a6e1c00"
Accept-Ranges: bytes
Content-Length: 4276
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
solevisible.com/icons/zip.png
45.153.241.70 200 OK 4.3 kB URL GET HTTP/1.1 solevisible.com/icons/zip.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash cbaf9ee0b21b8f0ef8939edbd3dcc366
f80d8e0ff6f1c8eaba6ab04d94ea6c081f924634
e3f8f08b16a3edfa20db282f2376a9dede4869767f8d01667393a146bedb0b49
GET /icons/zip.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sun, 28 Aug 2016 21:50:48 GMT
ETag: "10c0-53b28bd869e00"
Accept-Ranges: bytes
Content-Length: 4288
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
solevisible.com/icons/sql.png
45.153.241.70 200 OK 4.7 kB URL GET HTTP/1.1 solevisible.com/icons/sql.png
IP 45.153.241.70:80
Requested by http://biblioteca.cultura.pe/ncc.php?$urlAddcmd=con&stderr=&work_dir=/var&&s=r&cmd=ren&lastcmd=dir&lastdir=./sic/newdir15/..&oldfile=./sic/.htaccess
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f1bd29887e7bb0406503036c9f171ea
555493305975f29a8a2894dbfbbe26eb4c4bdccb
96824a689b3e143459284aa32e0f0daba37d1326d849edd6620d810207914aaf
GET /icons/sql.png HTTP/1.1
Host: solevisible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://biblioteca.cultura.pe/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 02:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 27 Aug 2016 19:05:44 GMT
ETag: "125f-53b12515c3200"
Accept-Ranges: bytes
Content-Length: 4703
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png