| i91631d6.beget.tech/ | 185.50.25.19 | 200 OK | 52 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/ (user request)
IP: 185.50.25.19:80
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (61398), with CRLF, LF line terminators
Hashes (MD5, SHA-1, SHA-256): 147402262cd7dc9c424e593ce47a724b 665c40a83ea180118fc841956b877a1498bdb882 5c94f7100d3e761ee14b5dd4881e51a3ec1876dfbc96d9f8686807307874e04c
| NIDS | Severity | Alert |
| suricata | high | ET WEB_CLIENT Generic Attempted Executable Drop via VBScript |
| suricata | high | ET WEB_CLIENT Generic Attempted Executable Drop via VBScript |
GET / HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
Last-Modified: Fri, 01 Sep 2017 18:18:52 GMT
ETag: W/"1b5ce-55824cb093b00"
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/css/preloader.css | 185.50.25.19 | 200 OK | 629 B |
URL: GET HTTP/1.1 i91631d6.beget.tech/css/preloader.css
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: ASCII text, with very long lines (2569), with no line terminators
Hashes (MD5, SHA-1, SHA-256): bb387c910f1e770f6e740ea460a178fc f95ae82daa25cd5b161d73953e7b6d5b20fc7940 072f14f11176329ef66aa5d8fdcd5a55fd2d1a4a70b66434e82d9ee2b2e120e0
GET /css/preloader.css HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Jul 2017 18:33:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"59651a0e-a09"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/css/Shacke.css | 185.50.25.19 | 200 OK | 2.6 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/css/Shacke.css
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: ASCII text, with very long lines (21820), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 4bea16f4ff083edb6c2b70e36ecea9e4 52bcb27ea1a9b635de366240ce4c40bade12ba5d d9017f2634cbb578aa46c39c297830f85248bcec668f8e8b66cc9b4b29ed49ab
GET /css/Shacke.css HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Jul 2017 18:33:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"59651a0e-553c"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/js/1.js | 185.50.25.19 | 200 OK | 99 B |
URL: GET HTTP/1.1 i91631d6.beget.tech/js/1.js
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: Unicode text, UTF-8 text, with no line terminators
Hashes (MD5, SHA-1, SHA-256): d76f7a7ca3b486202c9e134102eb7f11 d4a75018d432d2a4d879b3a6546851bd64962303 cca02be49d7e70d46666a0697d1526a4191c75436562c48703b29e1fdf050370
GET /js/1.js HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 01 Sep 2017 18:17:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"59a9a44b-6b"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/js/main.js | 185.50.25.19 | 200 OK | 1.8 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/js/main.js
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: JavaScript source, ASCII text, with very long lines (3177)
Hashes (MD5, SHA-1, SHA-256): 86faa9c1cb9e6f9bcffcaf049def24d9 a9e0088819d96acdc97f0029fd4e77e02c7af144 a963a4627f69abb16128feef026b4af61c013cef1f403fdf0d3a9605d877a4af
GET /js/main.js HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 11 Jul 2017 18:33:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"59651a09-14d8"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/font-awesome-4.7.0/css/font-awesome.min.css | 185.50.25.19 | 200 OK | 7.1 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/font-awesome-4.7.0/css/font-awesome.min.css
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: ASCII text, with very long lines (30837)
Hashes (MD5, SHA-1, SHA-256): 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Jul 2017 18:33:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"59651a0e-7918"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js | 216.58.211.10 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
IP: 216.58.211.10:443
Requested by: http://i91631d6.beget.tech/
Certificate: issuer Google Trust Services; subject upload.video.google.com; fingerprint 30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D; validity Mon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT
File type: JavaScript source, ASCII text, with very long lines (32069)
Hashes (MD5, SHA-1, SHA-256): 6fc159d00dc3cea4153c038739683f93 5d7e5bbfa540f0e53bd599e4305e1a4e815b5dd1 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Jan 2025 23:37:46 GMT
expires: Mon, 05 Jan 2026 23:37:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 191416
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i91631d6.beget.tech/js/kill.js | 185.50.25.19 | 200 OK | 928 B |
URL: GET HTTP/1.1 i91631d6.beget.tech/js/kill.js
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: JavaScript source, ASCII text
Hashes (MD5, SHA-1, SHA-256): 49fe707e8079627aa116644337c8dbe5 3ef62facb4e8d4589d831d81a4ebfdcd34990e19 e0816d88f1b96b4e5f2ab4b83b5b1ac9ff7f90d10e66891145ac8360468342f4
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Anti-debugging code |
GET /js/kill.js HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: application/x-javascript
Last-Modified: Sun, 20 Aug 2017 15:43:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5999ae05-909"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/js/jquery.js | 185.50.25.19 | 200 OK | 30 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/js/jquery.js
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: JavaScript source, ASCII text, with very long lines (64073)
Hashes (MD5, SHA-1, SHA-256): d294c23767dd5bf36b41a97c32d390b1 0259e75f6bb447dbbc28f4baa666dc4b6c7ac281 f9005e8697bb8d2b348b3fe39efd3bcc51c7b76f032e6a9cf958b32c1b6cef5a
GET /js/jquery.js HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 11 Jul 2017 18:33:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"59651a09-148c0"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/css/highstl.css | 185.50.25.19 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/css/highstl.css
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: ASCII text, with very long lines (524)
Hashes (MD5, SHA-1, SHA-256): de361461b1bc8ef8e8f4790cfc3e8eee 2bf3c883fc712d6c9562ea529118d9a898cc8350 0ed4968d7f7b93e66ec40df7ca34ed97eff11fefc87dff39ea8e14785b1850f0
GET /css/highstl.css HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Jul 2017 18:33:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"59651a0e-1474"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/js/plugins.min.js | 185.50.25.19 | 200 OK | 28 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/js/plugins.min.js
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: JavaScript source, ASCII text, with very long lines (20670)
Hashes (MD5, SHA-1, SHA-256): 005baf5b15d831bb07049d84fe127569 8f6383e1f3312c173286fa6bb1134ccb95c83f9f 50b0fa80669ee999e4ba478f5ce7a558d5825c96d572e54fe94b677c50309700
GET /js/plugins.min.js HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 11 Jul 2017 18:33:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"59651a09-17dcb"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/css/animate.css | 185.50.25.19 | 200 OK | 3.9 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/css/animate.css
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: ASCII text, with very long lines (57013), with no line terminators
Hashes (MD5, SHA-1, SHA-256): b9f309d49ef2b1267b7fc1e2912ff9f3 bfebcffb6c7cc0d82a1208cbd4d8519de5ec371c a4a9937b86a95ea5703db8b179e8ea8b5aa8538c16a1e982c43e896060db9a21
GET /css/animate.css HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:52 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Jul 2017 18:33:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"59651a0d-deb5"
Expires: Wed, 15 Jan 2025 04:47:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/images/overlay.png | 185.50.25.19 | 200 OK | 106 B |
URL: GET HTTP/1.1 i91631d6.beget.tech/images/overlay.png
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: PNG image data, 20 x 20, 1-bit colormap, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 1af2611075fd79f9e93b980353b44596 d39b8b830b280fe183271edca2fa5c65f8db2b9e ded034ed0505418e0f5630a6ac89005a8d74d25b7c1155afcc023941b1f79f1b
GET /images/overlay.png HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/css/highstl.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Type: image/png
Content-Length: 106
Last-Modified: Tue, 11 Jul 2017 18:33:55 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "59651a13-6a"
Expires: Fri, 07 Feb 2025 04:47:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| i91631d6.beget.tech/images/cursor/cursor2.cur | 185.50.25.19 | 200 OK | 4.3 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/images/cursor/cursor2.cur
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: MS Windows cursor resource - 1 icon, 32x32, hotspot @12x5
Hashes (MD5, SHA-1, SHA-256): f3dc15c9168c76e64103dad31f4a3639 3db4d8456346369ea4ae1ec3780ba12bb1d27f40 bf66be28f6a35be57882a7bdc3d3249c5597312f19d8cc3e2390a01dc4cb2c70
GET /images/cursor/cursor2.cur HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/css/highstl.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Length: 4286
Connection: keep-alive
Keep-Alive: timeout=30
Last-Modified: Tue, 11 Jul 2017 18:33:56 GMT
ETag: "10be-5540ef12bad00"
Accept-Ranges: bytes
|
|
| i91631d6.beget.tech/images/cursor/cursor.cur | 185.50.25.19 | 200 OK | 4.3 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/images/cursor/cursor.cur
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: MS Windows cursor resource - 1 icon, 32x32, hotspot @9x8
Hashes (MD5, SHA-1, SHA-256): 5760dc3ad5a2f67eb2ceee76ce54c92c 39fea104837f7b7ba92f74ebccd58edb8e2ba5ab 0f371e6041209c22f41be5b46c0e823219052b74955a357e2f053ff015581aed
GET /images/cursor/cursor.cur HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Length: 4286
Connection: keep-alive
Keep-Alive: timeout=30
Last-Modified: Tue, 11 Jul 2017 18:33:56 GMT
ETag: "10be-5540ef12bad00"
Accept-Ranges: bytes
|
|
| i91631d6.beget.tech/images/image_part_001_mini.jpg | 185.50.25.19 | 200 OK | 66 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/images/image_part_001_mini.jpg
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x2160, components 3
Hashes (MD5, SHA-1, SHA-256): 4089d73b6a759654ada6c4a90717308f 9c96ed30b8eec7539a4431528d25c2063e4a2f64 b22b4cd6e421728f54b7825889754703b38a2a313015ae3a5cbb6c619cd70e87
GET /images/image_part_001_mini.jpg HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/css/preloader.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Type: image/jpeg
Content-Length: 66163
Last-Modified: Tue, 11 Jul 2017 18:33:55 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "59651a13-10273"
Expires: Fri, 07 Feb 2025 04:47:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| i91631d6.beget.tech/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 185.50.25.19 | 200 OK | 77 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hashes (MD5, SHA-1, SHA-256): af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/font-awesome-4.7.0/css/font-awesome.min.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Length: 77160
Connection: keep-alive
Keep-Alive: timeout=30
Last-Modified: Tue, 11 Jul 2017 18:33:51 GMT
ETag: "12d68-5540ef0df61c0"
Accept-Ranges: bytes
|
|
| i91631d6.beget.tech/images/image_part_002_mini.jpg | 185.50.25.19 | 200 OK | 58 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/images/image_part_002_mini.jpg
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x2160, components 3
Hashes (MD5, SHA-1, SHA-256): d5c01c45b7faef5482e7e638838a428a 6bbe9fe8b3ff51f9b7df59d02370afee18fd498e 6366ebb0dff6394b7efa11c5bd8a2d717e2dc24c2b836cf80424bb7542d03d8b
GET /images/image_part_002_mini.jpg HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/css/preloader.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Type: image/jpeg
Content-Length: 57730
Last-Modified: Tue, 11 Jul 2017 18:33:55 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "59651a13-e182"
Expires: Fri, 07 Feb 2025 04:47:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| i91631d6.beget.tech/videos/dem1x.mp4 | 185.50.25.19 | 206 Partial Content | 130 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/videos/dem1x.mp4
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
Size: 130 kB (130104 bytes)
Hashes (MD5, SHA-1, SHA-256): c6a2d53722cc9d9b696e795dc57b8bb0 cd09f50ed06a1d8bd62a26238b4ba09642631806 cdcbdc37d6343d7ca95db1525d97657cc3f609c941a8deef78af55348f566480
GET /videos/dem1x.mp4 HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=78512128-
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Type: video/mp4
Content-Length: 130104
Last-Modified: Sat, 19 Aug 2017 19:15:27 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "59988e4f-4affc38"
Expires: Fri, 07 Feb 2025 04:47:53 GMT
Cache-Control: max-age=2592000
Content-Range: bytes 78512128-78642231/78642232
|
|
| i91631d6.beget.tech/fonts/font.ttf | 185.50.25.19 | 200 OK | 119 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/fonts/font.ttf
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: TrueType Font data, 17 tables, 1st "LTSH", 21 names, Macintosh; name table: "Melon Creative Company©. 2014. All Rights Reserved", "HACKED", "Regular", "HACKED:Version 1.001", "HACKED", "Version"
Size: 119 kB (119448 bytes)
Hashes (MD5, SHA-1, SHA-256): 8ee477f73c7697cf17cf9e18772e2016 c552bc5289d73e02739944ead24f9c35b3654f9c f2b35dd24ce6fee66f0fcc6d2ddeb5e9c85b1ac5030034088d7c228f23ddb526
GET /fonts/font.ttf HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Type: application/x-font-ttf
Content-Length: 119448
Connection: keep-alive
Keep-Alive: timeout=30
Last-Modified: Tue, 11 Jul 2017 18:33:55 GMT
ETag: "1d298-5540ef11c6ac0"
Accept-Ranges: bytes
|
|
| i91631d6.beget.tech/videos/dem1x.mp4 | 185.50.25.19 | 206 Partial Content | 171 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/videos/dem1x.mp4
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
Size: 171 kB (171406 bytes)
Hashes (MD5, SHA-1, SHA-256): 3583f0560be5a74dbdf606bc61093425 3e9a158b45af62ac887dfe73685ac00f2b90a524 0d7b751f94b8c33465e235ed148f61b8ce61a429fd7e575e8c6dc4578d36ae7c
GET /videos/dem1x.mp4 HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=32768-
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Type: video/mp4
Content-Length: 78609464
Last-Modified: Sat, 19 Aug 2017 19:15:27 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "59988e4f-4affc38"
Expires: Fri, 07 Feb 2025 04:47:53 GMT
Cache-Control: max-age=2592000
Content-Range: bytes 32768-78642231/78642232
|
|
| i91631d6.beget.tech/fonts/font.ttf | 185.50.25.19 | 200 OK | 119 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/fonts/font.ttf
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: TrueType Font data, 17 tables, 1st "LTSH", 21 names, Macintosh; name table: "Melon Creative Company©. 2014. All Rights Reserved", "HACKED", "Regular", "HACKED:Version 1.001", "HACKED", "Version"
Size: 119 kB (119448 bytes)
Hashes (MD5, SHA-1, SHA-256): 8ee477f73c7697cf17cf9e18772e2016 c552bc5289d73e02739944ead24f9c35b3654f9c f2b35dd24ce6fee66f0fcc6d2ddeb5e9c85b1ac5030034088d7c228f23ddb526
GET /fonts/font.ttf HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Type: application/x-font-ttf
Content-Length: 119448
Connection: keep-alive
Keep-Alive: timeout=30
Last-Modified: Tue, 11 Jul 2017 18:33:55 GMT
ETag: "1d298-5540ef11c6ac0"
Accept-Ranges: bytes
|
|
| i91631d6.beget.tech/ | 185.50.25.19 | 200 OK | 52 kB |
URL: GET HTTP/1.1 i91631d6.beget.tech/ (user request)
IP: 185.50.25.19:80
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (61398), with CRLF, LF line terminators
Hashes (MD5, SHA-1, SHA-256): 147402262cd7dc9c424e593ce47a724b 665c40a83ea180118fc841956b877a1498bdb882 5c94f7100d3e761ee14b5dd4881e51a3ec1876dfbc96d9f8686807307874e04c
| NIDS | Severity | Alert |
| suricata | high | ET WEB_CLIENT Generic Attempted Executable Drop via VBScript |
| suricata | high | ET WEB_CLIENT Generic Attempted Executable Drop via VBScript |
GET / HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:48:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
Last-Modified: Fri, 01 Sep 2017 18:18:52 GMT
ETag: W/"1b5ce-55824cb093b00"
Content-Encoding: gzip
|
|
| i91631d6.beget.tech/favicon.ico | 185.50.25.19 | 200 OK | 932 B |
URL: GET HTTP/1.1 i91631d6.beget.tech/favicon.ico
IP: 185.50.25.19:80
Requested by: http://i91631d6.beget.tech/
File type: MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel
Hashes (MD5, SHA-1, SHA-256): a7143bfe9996736fdee419697b5552f7 3433acaef43b10108038bc35b082e21f180990b1 04c9162a62a9ba7ddcc01981fed0ae8b66fb2449c93e43104eeae90dd3a1b7ae
GET /favicon.ico HTTP/1.1
Host: i91631d6.beget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://i91631d6.beget.tech/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 08 Jan 2025 04:47:53 GMT
Content-Type: image/x-icon
Content-Length: 932
Last-Modified: Tue, 11 Jul 2017 18:33:44 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "59651a08-3a4"
Expires: Fri, 07 Feb 2025 04:47:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
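The only non-benign findings in this report are the Suricata alert "ET WEB_CLIENT Generic Attempted Executable Drop via VBScript" on the root document and urlquery's "Suspicious - Anti-debugging code" verdict on /js/kill.js. Both point at response bodies the report does not reproduce, so the next step is to pull those bodies and look. The Python below is an added example, not part of the urlquery report and not code from the site: it checks a pulled copy against the three hashes the report lists for each alerted artifact, then scans HTML/JS for the indicator classes the two alerts name. Its regexes are this example's own heuristics, not the body of the ET signature or urlquery's analyzer; the sample HTML and JS are constructed test inputs, not the site's real index.html or kill.js; and it assumes the report's hashes are over the gzip-decoded body (the File type line describes decoded HTML, and the HTML and JS responses here were served with Content-Encoding: gzip), so it decodes before hashing.

```python
"""Triage helper for a urlquery-style transaction report (added example).

1. Verify a pulled artifact against the MD5 / SHA-1 / SHA-256 the report lists.
   Assumption: those hashes cover the decoded body, so gunzip first when the
   response carried Content-Encoding: gzip.
2. Scan bodies for the indicator classes the alerts name. The regexes are
   heuristics written for this example, not the ET rule or urlquery's analyzer.
"""
from __future__ import annotations

import gzip
import hashlib
import re

# Copied verbatim from the report for the two artifacts that raised alerts.
REPORTED_HASHES = {
    "/": ("147402262cd7dc9c424e593ce47a724b",
          "665c40a83ea180118fc841956b877a1498bdb882",
          "5c94f7100d3e761ee14b5dd4881e51a3ec1876dfbc96d9f8686807307874e04c"),
    "/js/kill.js": ("49fe707e8079627aa116644337c8dbe5",
                    "3ef62facb4e8d4589d831d81a4ebfdcd34990e19",
                    "e0816d88f1b96b4e5f2ab4b83b5b1ac9ff7f90d10e66891145ac8360468342f4"),
}


def decode_body(raw: bytes, content_encoding: str | None) -> bytes:
    """Undo the content encoding so we hash what the sandbox hashed."""
    if content_encoding and content_encoding.strip().lower() == "gzip":
        return gzip.decompress(raw)
    return raw


def digest_triple(body: bytes) -> tuple[str, str, str]:
    """MD5, SHA-1 and SHA-256 hex digests, in the order the report prints them."""
    return (hashlib.md5(body).hexdigest(),
            hashlib.sha1(body).hexdigest(),
            hashlib.sha256(body).hexdigest())


def matches_report(path: str, body: bytes) -> bool:
    """True only when all three digests of the decoded body match the report."""
    return digest_triple(body) == REPORTED_HASHES[path]


# "Executable drop via VBScript" indicator classes: a VBScript block that creates a
# file/shell COM object and then writes a file or runs something.
VBS_DROP = {
    "vbscript-block": re.compile(r'<script[^>]*(?:language|type)\s*=\s*["\']?(?:text/)?vbscript', re.I),
    "adodb-stream":   re.compile(r'CreateObject\s*\(\s*["\']ADODB\.Stream["\']', re.I),
    "savetofile":     re.compile(r'\.SaveToFile\b', re.I),
    "wscript-shell":  re.compile(r'CreateObject\s*\(\s*["\'](?:WScript\.Shell|Shell\.Application)["\']', re.I),
    "shell-run":      re.compile(r'\.(?:Run|Exec|ShellExecute)\b', re.I),
}

# Common browser anti-debugging / anti-inspection tricks.
ANTI_DEBUG = {
    "debugger-loop":     re.compile(r'\b(?:setInterval|setTimeout|while|for)\b[^;]{0,80}\bdebugger\b'),
    "devtools-size":     re.compile(r'outer(?:Width|Height)\s*-\s*(?:window\.)?inner(?:Width|Height)'),
    "f12-block":         re.compile(r'keyCode\s*===?\s*123|key\s*===?\s*["\']F12["\']'),
    "contextmenu-block": re.compile(r'["\']contextmenu["\']|oncontextmenu'),
    "console-tamper":    re.compile(r'console\.(?:log|clear)\s*=[^=]|Function\.prototype\.toString'),
}


def scan(text: str, rules: dict[str, re.Pattern[str]]) -> dict[str, list[int]]:
    """Map each firing indicator to the 1-based line numbers where it matched."""
    hits: dict[str, list[int]] = {}
    for name, rx in rules.items():
        lines = sorted({text.count("\n", 0, m.start()) + 1 for m in rx.finditer(text)})
        if lines:
            hits[name] = lines
    return hits


def assess(html: str, js: str) -> dict:
    """A drop needs a COM object AND a write/run on it; anti-debugging needs two tricks."""
    vbs = scan(html, VBS_DROP)
    adb = scan(js, ANTI_DEBUG)
    return {
        "vbscript_drop": vbs,
        "vbscript_drop_likely": bool({"adodb-stream", "wscript-shell"} & set(vbs))
                                and bool({"savetofile", "shell-run"} & set(vbs)),
        "anti_debug": adb,
        "anti_debug_likely": len(adb) >= 2,
    }


# Constructed test inputs. These are NOT the site's index.html or kill.js (the
# report does not reproduce either body); they only exercise the rules above.
SAMPLE_HTML = r"""<html><body>
<script language="VBScript">
Set s = CreateObject("ADODB.Stream")
s.Type = 1: s.Open
s.SaveToFile "C:\Temp\a.exe", 2
Set sh = CreateObject("WScript.Shell")
sh.Run "C:\Temp\a.exe"
</script>
</body></html>"""

SAMPLE_JS = r"""document.addEventListener("contextmenu", function (e) { e.preventDefault(); });
document.onkeydown = function (e) { if (e.keyCode === 123) return false; };
setInterval(function () { debugger; }, 100);
if (window.outerWidth - window.innerWidth > 160) { document.body.innerHTML = ""; }
"""

# A gzip-wrapped body, constructed here, to exercise decode_body's gzip path.
GZIP_SAMPLE_RAW = gzip.compress(b"<html></html>")

if __name__ == "__main__":
    print(matches_report("/", SAMPLE_HTML.encode()))   # the sample is not the real body
    print(assess(SAMPLE_HTML, SAMPLE_JS))
```

Feed `assess()` the decoded bodies of the root document and kill.js once `matches_report()` confirms they are the same bytes the sandbox saw; a hash mismatch means the server now serves something else and the report's alerts no longer describe what you are holding.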