www.ksg.lt/wp-content/uploads/2012/08/help.exe
79.98.24.17 404 Not Found 78 kB URL User Request GET HTTP/2 www.ksg.lt/wp-content/uploads/2012/08/help.exe
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9721), with CRLF, LF line terminators
Hash 6dedf832aad6c8fcdddf93d0c08221fc
603c6e01a273ec53e208e64f5a627a091847f004
de0ef6789a5ee5513a4e51eabffcef997b22ce71f18fa3cb1fa375e08cad515b
NIDS Severity Alert suricata high ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
GET /wp-content/uploads/2012/08/help.exe HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Thu, 01 Jun 2023 00:40:06 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.ksg.lt/wp-json/>; rel="https://api.w.org/"
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.ksg.lt/wp-includes/css/classic-themes.min.css?ver=6.2.2
79.98.24.17 210 B URL www.ksg.lt/wp-includes/css/classic-themes.min.css?ver=6.2.2
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
Hash 1a0804b1a9d09705657f91fe7cad4c5a
feeece6f0b3e0bcf090547c475329a2772f6b26b
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
GET /wp-includes/css/classic-themes.min.css?ver=6.2.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 21:40:11 GMT
etag: "123-5f810d21354ca-gzip"
accept-ranges: bytes
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 00:40:07 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 210
content-type: text/css
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/themes/flatsome-child/style.css?ver=3.0
79.98.24.17 122 B URL www.ksg.lt/wp-content/themes/flatsome-child/style.css?ver=3.0
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
Hash 0849885bc891640f8d48ae65f847e6c4
bf2d12228a90c6c26afb8388588795b786c4e7c5
fad23ef930c674897e844762f481c55d57164d1cb0f7098bbeca354f9fd4c47f
GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Fri, 03 Feb 2023 10:47:03 GMT
etag: "8a-5f3c966e5536e-gzip"
accept-ranges: bytes
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 00:40:07 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 122
content-type: text/css
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/bt_cost_calculator/bold-builder-light/bt-bb-light.js?ver=6.2.2
79.98.24.17 548 B URL www.ksg.lt/wp-content/plugins/bt_cost_calculator/bold-builder-light/bt-bb-light.js?ver=6.2.2
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with CRLF line terminators
Hash 843724b7d5fc74be4959f41038282fc5
6adc81f35885312b53b8c6df5b3c7fd803151bbe
aee4ef08b63373f9aa1191dc9fe966e484e7550e57df5a0b053223a8f9d27bb1
GET /wp-content/plugins/bt_cost_calculator/bold-builder-light/bt-bb-light.js?ver=6.2.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Fri, 10 Feb 2023 09:40:10 GMT
etag: "68a-5f455489068dc-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 548
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
79.98.24.17 4.8 kB URL www.ksg.lt/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (13326)
Hash 5cfa2b481de6e87c2190a0e3538515d8
0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 21:40:11 GMT
etag: "3470-5f810d2153543-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4795
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/bt_cost_calculator/style.min.css?ver=6.2.2
79.98.24.17 6.3 kB URL www.ksg.lt/wp-content/plugins/bt_cost_calculator/style.min.css?ver=6.2.2
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type Unicode text, UTF-8 text, with very long lines (386), with CRLF line terminators
Hash fbdb82bdce9d64dd453bc7f8960682b9
79d649f0e710b7c40c9719e646b528490cf953de
9e0cc0028f739ee0407e8953ae96dbc11493e275999a308d3ffc8135a1665541
GET /wp-content/plugins/bt_cost_calculator/style.min.css?ver=6.2.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Fri, 10 Feb 2023 09:40:10 GMT
etag: "95a9-5f4554890ab45-gzip"
accept-ranges: bytes
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 00:40:07 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 6264
content-type: text/css
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css?ver=4.7.0
79.98.24.17 7.1 kB URL www.ksg.lt/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css?ver=4.7.0
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Mon, 19 Mar 2018 11:16:50 GMT
etag: "7918-567c21825cc80-gzip"
accept-ranges: bytes
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 00:40:07 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 7053
content-type: text/css
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.2
79.98.24.17 8.4 kB URL www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.2
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0f5aa1c4ab334103603daeb272de4d90
7f45c84f7eceb918f29246a941ec669f7ffbf820
2428cfcf9bc9e1235ed3ca8824e2f5ec41d0c36dac300e6529b216b4ce58ce9e
GET /wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Wed, 10 May 2023 21:40:06 GMT
etag: "1443d-5fb5db721c62e-gzip"
accept-ranges: bytes
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 00:40:07 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 8392
content-type: text/css
X-Firefox-Spdy: h2
www.ksg.lt/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
79.98.24.17 31 kB URL www.ksg.lt/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (65447)
Hash 0e850a69bc7fd0acc2e92ce6eee87959
8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.4 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 21:40:11 GMT
etag: "15ed7-5f810d2153543-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 31049
content-type: application/javascript
X-Firefox-Spdy: h2
ksg.lt/wp-content/uploads/2012/08/help.exe
79.98.24.17 29 kB URL ksg.lt/wp-content/uploads/2012/08/help.exe
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
File type gzip compressed data, from Unix; data
Hash 3d94ecbe434b60438302d19d53a75d5b
073a60701019a509f8414761982b20c90302c939
f3963a5e2bd1b455817a3cda354ee88c352a125788cf5fed630823f7c0093436
GET /wp-content/uploads/2012/08/help.exe HTTP/1.1
Host: ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 01 Jun 2023 00:40:06 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/bt_cost_calculator/jquery.dd.js?ver=6.2.2
79.98.24.17 12 kB URL www.ksg.lt/wp-content/plugins/bt_cost_calculator/jquery.dd.js?ver=6.2.2
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (440), with CRLF line terminators
Hash 6eddc69d741e320ddcde84ef6a3cec45
7c36e06bf037361eb390821ec4d385bbbfa90fa2
29f7252e971b226f2bdc88e5ac4c8c5d6e4ffa169c5a775e669833ef1d401650
GET /wp-content/plugins/bt_cost_calculator/jquery.dd.js?ver=6.2.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Fri, 10 Feb 2023 09:40:10 GMT
etag: "cb50-5f4554890ab45-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11604
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1
79.98.24.17 1.0 kB URL www.ksg.lt/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
Hash dbfc65337a326c1c5b7a720becb486cd
40f1aa033240d056477cbbc8ea0a02e4efddf66f
44d8986e61b7b212a93ba0c3a3a9c880420451d7efa7938d711dd03e655c0969
GET /wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Thu, 26 Jan 2023 14:26:30 GMT
etag: "dd2-5f32b88f744fa-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1034
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=6.2.2
79.98.24.17 200 OK 464 B URL GET HTTP/2 www.ksg.lt/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=6.2.2
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Requested by https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (1148), with no line terminators
Hash c50f9c68a491239f56aac9dcb5727ea8
27abdd60be9018c6fb21416cfb35be7ab3d38577
971815e089187ba78e5d0ffb7ae1d5bf66a0edf04cdb38925481abdfa8ddf463
GET /wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=6.2.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Tue, 23 May 2023 21:40:07 GMT
etag: "47c-5fc633b1e35f6-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 464
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-includes/js/hoverIntent.min.js?ver=1.10.2
79.98.24.17 706 B URL www.ksg.lt/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (1464)
Hash 8c0498e2f1f7a684a8d2a3feb934b64b
76099689ccaee466d4608da621c403b368dcae03
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Mon, 03 Oct 2022 09:00:47 GMT
etag: "5db-5ea1d94559615-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 706
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
79.98.24.17 2.5 kB URL www.ksg.lt/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (6607), with no line terminators
Hash 9a4f28a615173df36cb84be2b345816e
f709263841708d9e40268f24a0072ff4fe811b35
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 21:40:11 GMT
etag: "19cf-5f810d21577ac-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2499
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
79.98.24.17 2.5 kB URL www.ksg.lt/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (8171), with no line terminators
Hash dda652db133fddb9b80a05c6d1b5c540
60c8514c57a5db2980c4b046b0dd479bd427357b
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Wed, 29 Mar 2023 21:40:11 GMT
etag: "1feb-5f810d21577ac-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2484
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/bt_cost_calculator/cc.main.js?ver=6.2.2
79.98.24.17 200 OK 6.1 kB URL GET HTTP/2 www.ksg.lt/wp-content/plugins/bt_cost_calculator/cc.main.js?ver=6.2.2
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Requested by https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (429)
Hash 71fca81c97637dc206940b3885cdbd4c
6a786e458615da9a9ce7e89f08f17eb6754efe54
1a5d5ef391fc08d1c2c847359141a673aad599692658781e4a435f072191958a
GET /wp-content/plugins/bt_cost_calculator/cc.main.js?ver=6.2.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Fri, 10 Feb 2023 09:40:10 GMT
etag: "82b7-5f4554890ab45-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6052
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.0
79.98.24.17 5.0 kB URL www.ksg.lt/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.0
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (13072)
Hash fe28432f39d383868c62b57694cca31d
9a4f0059402dc74350bf6451477903840b9553a5
4c1f3df3646c27bf2afe2e6ebe2a6fc0e3d3cc19bbebb265f205efd0e55f9136
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Thu, 26 Jan 2023 14:26:30 GMT
etag: "3f6d-5f32b88f74112-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4967
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
79.98.24.17 6.5 kB URL www.ksg.lt/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash e495a4709e3eae31c67f8263f25d2d39
d43ba6a092e4823a71f3bff75d5ed279a481636b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Tue, 15 Nov 2022 21:10:26 GMT
etag: "459f-5ed88c8f28e02-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6532
content-type: application/javascript
X-Firefox-Spdy: h2
ksg.lt/wp-content/uploads/2018/05/KSG-logo.jpg
79.98.24.17 150 kB URL ksg.lt/wp-content/uploads/2018/05/KSG-logo.jpg
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2018:04:12 13:41:30], baseline, precision 8, 931x428, components 3; data
Size 150 kB (150484 bytes)
Hash 28ff563a044daa49a7c1ad3e8580076d
cef5d19e4069c3729eca7549f78df4a444ae4b92
54f085d175474862eb231cf6f4a06c50bc9118f1b7f41ae791fcdfc78e79a5cb
GET /wp-content/uploads/2018/05/KSG-logo.jpg HTTP/1.1
Host: ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Mon, 21 May 2018 14:15:53 GMT
etag: "24bd4-56cb7f07b9840"
accept-ranges: bytes
content-length: 150484
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 00:40:07 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/uploads/2019/07/ksg_logo.png
79.98.24.17 1.1 MB URL www.ksg.lt/wp-content/uploads/2019/07/ksg_logo.png
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type PNG image data, 740 x 362, 8-bit/color RGBA, non-interlaced; data
Size 1.1 MB (1072175 bytes)
Hash e662f63494d858d579fefe0280ac1449
b96d781ebbc16173706903be695b36a7d98edc83
41d949bc120f852c38cd8b8aa7dd9c78d1484ee96dde8757b2df042aa49029ae
GET /wp-content/uploads/2019/07/ksg_logo.png HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Mon, 22 Jul 2019 05:51:45 GMT
etag: "105c2f-58e3eabccde40"
accept-ranges: bytes
content-length: 1072175
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 00:40:07 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/themes/flatsome/assets/js/flatsome.js?ver=cd604ff6aadd9abf847964cef8d66fea
79.98.24.17 17 kB URL www.ksg.lt/wp-content/themes/flatsome/assets/js/flatsome.js?ver=cd604ff6aadd9abf847964cef8d66fea
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (57026), with no line terminators
Hash cf8f38a39d4ab51d3cdde97d69351422
0d334a2989793f00fe267eb9bad61ea3cf89fbdc
ca1e86cf2464361279c7b3d2f439ead1b64c8b03cbab94c92512ef0c0a4d2d0c
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=cd604ff6aadd9abf847964cef8d66fea HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Thu, 26 Jan 2023 14:26:30 GMT
etag: "dec2-5f32b88fa36e4-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16659
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.12.2
79.98.24.17 200 OK 14 kB URL GET HTTP/2 www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.12.2
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Requested by https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (31994)
Hash 93b4cbd9cdff9c50eee7c3188dfd3d26
f049dfd56f94eb03c10bd4e24364a3c525ce41fb
9ce57132b834a6e2ba83eae0eabd43ce4ffb3d60e2308f1c11324539f4cd36ca
GET /wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.12.2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Wed, 10 May 2023 21:40:06 GMT
etag: "ee96-5fb5db721c246-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14169
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 582908ff8bc13bc9b5422491129d8b0e
8deb8d1987e09761ca90108160cc262f1ee8dffa
daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 00:40:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ksg.lt/wp-content/uploads/2012/08/help.exe
79.98.24.17 404 Not Found 85 kB URL User Request GET HTTP/2 www.ksg.lt/wp-content/uploads/2012/08/help.exe
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9721), with CRLF, LF line terminators
Hash 77edd485ab6ab8b313f560c7ec7262a4
1e0afe0c285d0874035431efd59f0c7952678264
ffbc73eeb20e346ef8b51261083e82434dfa2b21d4e594686c74c15ba114adbf
NIDS Severity Alert suricata high ET MALWARE EXE Download Request To Wordpress Folder Likely Malicious
GET /wp-content/uploads/2012/08/help.exe HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.ksg.lt/wp-json/>; rel="https://api.w.org/"
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/font-awesome-4-menus/fonts/fontawesome-webfont.woff2?v=4.7.0
79.98.24.17 200 OK 77 kB URL GET HTTP/2 www.ksg.lt/wp-content/plugins/font-awesome-4-menus/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Requested by https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/font-awesome-4-menus/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Mon, 19 Mar 2018 11:16:52 GMT
etag: "12d68-567c218445100"
accept-ranges: bytes
content-length: 77160
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 582908ff8bc13bc9b5422491129d8b0e
8deb8d1987e09761ca90108160cc262f1ee8dffa
daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 00:40:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ksg.lt/wp-content/themes/flatsome/assets/js/chunk.countup.js?ver=3.0
79.98.24.17 1.8 kB URL www.ksg.lt/wp-content/themes/flatsome/assets/js/chunk.countup.js?ver=3.0
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (5448), with no line terminators
Hash 41f242b1db2dcdbc0f0c7f98f6067daa
2282ef8ab7be6203c7eae7becdc7d4be81240359
1d10d18b6506b8d79827e52e7fe396f90416fa1a01935ebfdae5506abb4ec395
GET /wp-content/themes/flatsome/assets/js/chunk.countup.js?ver=3.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Thu, 26 Jan 2023 14:26:30 GMT
etag: "1548-5f32b88fa2744-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1830
content-type: application/javascript
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700
142.250.74.106 3.7 kB URL fonts.googleapis.com/css?family=Lato:400,700
IP 142.250.74.106:0
File type ASCII text, with very long lines (10850)
Hash f4eaf160e3bb30a4a873d7c9286e6d16
2b884a5dfb43aa83ea38cbc891df40c6f1f11d92
0738d7f1ab15ac9329f1457b8cdf2da2c08815b3d63d596353f7780dd78882fd
GET /css?family=Lato:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 00:40:07 GMT
date: Thu, 01 Jun 2023 00:40:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/themes/flatsome/assets/js/chunk.vendors-popups.js?ver=3.0
79.98.24.17 7.1 kB URL www.ksg.lt/wp-content/themes/flatsome/assets/js/chunk.vendors-popups.js?ver=3.0
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (20237), with no line terminators
Hash 1e03f1f20f26709dd164aed74f0477e0
36d3605583b91acf2dea10e40e552f1a63e9e456
f2bfeafeabc1fa9974a730c648e05aa8311da720a276a65b5b1289f13ffcafed
GET /wp-content/themes/flatsome/assets/js/chunk.vendors-popups.js?ver=3.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Thu, 26 Jan 2023 14:26:30 GMT
etag: "4f0d-5f32b88fa2744-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7145
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.0
79.98.24.17 200 OK 4.9 kB URL GET HTTP/2 www.ksg.lt/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.0
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Requested by https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (16876), with no line terminators
Hash 65a9e7b5381165373d222ccf87eb8883
81a2bc6c1dd69b640f56af67b7b82df3c29d2f4e
65e75a09caa57c1336bd3ac96c1cef78b68482a07bb7c036b20ac9c39028d7e6
GET /wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Thu, 26 Jan 2023 14:26:30 GMT
etag: "41ec-5f32b88fa36e4-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4861
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
79.98.24.17 200 OK 19 kB URL GET HTTP/2 www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Requested by https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type Web Open Font Format (Version 2), TrueType, length 18912, version 1.0\012- data
Hash f937643e9e2d39b98a3ae9ada057e740
fe2534a5e2bf00d090f50ba03a536a0e76e8e9a6
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53
GET /wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Wed, 10 May 2023 21:40:06 GMT
etag: "49e0-5fb5db721a6ee"
accept-ranges: bytes
content-length: 18912
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
79.98.24.17 200 OK 19 kB URL GET HTTP/2 www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Requested by https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type Web Open Font Format (Version 2), TrueType, length 18796, version 1.0\012- data
Hash e5ab24fb2b666576b0f199e25e1b5c09
cf8cfb1025573f69d37688b617931ff10da62fd8
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d
GET /wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Wed, 10 May 2023 21:40:06 GMT
etag: "496c-5fb5db721aebe"
accept-ranges: bytes
content-length: 18796
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.0
79.98.24.17 200 OK 13 kB URL GET HTTP/2 www.ksg.lt/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.0
IP 79.98.24.17:443
ASN #212531 UAB Interneto vizija
Requested by https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type ASCII text, with very long lines (49588), with no line terminators
Hash a0037568564d96bbccbf5d4fb8301992
51fa7054ec54dfc45e68e5d06ad0e5384345ce5d
94ea82575865592c90d5ed473b8884d28ecf2987b78974e9290b02b6a927b4a9
GET /wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.0 HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Thu, 26 Jan 2023 14:26:30 GMT
etag: "c1b4-5f32b88fa36e4-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13169
content-type: application/javascript
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/uploads/2019/12/cropped-ksg_only_50-32x32.png
79.98.24.17 2.9 kB URL www.ksg.lt/wp-content/uploads/2019/12/cropped-ksg_only_50-32x32.png
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d49dcba802f449f095700fd63c69a66
6199528b1c33a0ca40cb6c4d26440f510f9a35fb
4a665ddfb518708fec6714090558343ec9f2fbcfafe6498c2ca2a0af5e2b6d11
GET /wp-content/uploads/2019/12/cropped-ksg_only_50-32x32.png HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Fri, 13 Dec 2019 06:41:15 GMT
etag: "b28-5999025f978c0"
accept-ranges: bytes
content-length: 2856
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 00:40:07 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.ksg.lt/wp-content/uploads/2019/12/cropped-ksg_only_50-192x192.png
79.98.24.17 26 kB URL www.ksg.lt/wp-content/uploads/2019/12/cropped-ksg_only_50-192x192.png
IP 79.98.24.17:0
ASN #212531 UAB Interneto vizija
Certificate Issuer Let's Encrypt
Subject ksg.lt
Fingerprint 9F:01:10:14:9D:73:CD:39:58:9B:C5:EA:0A:FA:8E:7C:77:27:D8:47
Validity Wed, 31 May 2023 02:21:55 GMT - Tue, 29 Aug 2023 02:21:54 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 5216378d065f8221bb6eb1df0d99386f
cabd338b3cfaa2a3c44b870936495463b74efc87
fc72d6ea1f436a041b13c8985349dc138c285b1e880a4e82f1ff0369b7686f28
GET /wp-content/uploads/2019/12/cropped-ksg_only_50-192x192.png HTTP/1.1
Host: www.ksg.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ksg.lt/wp-content/uploads/2012/08/help.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 00:40:07 GMT
server: Apache
last-modified: Fri, 13 Dec 2019 06:41:15 GMT
etag: "674a-5999025f978c0"
accept-ranges: bytes
content-length: 26442
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 00:40:07 GMT
content-type: image/png
X-Firefox-Spdy: h2