{"report_id":"cbd1d2b8-139f-4acc-9d20-a4eb0b3a4e6f","version":6,"status":"done","tags":["suspicious"],"date":"2025-01-08T04:48:29Z","url":{"schema":"http","addr":"i91631d6.beget.tech/","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":0,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"http","addr":"i91631d6.beget.tech/#Dem1x%20Top%20HvH%20%20#Dem1x%20Top%20%20%D1%81%D0%B5%D0%BB%D0%BB%D0%BF%D0%B5%D1%80%20#Dem1x%20%D0%95%D0%BE%D0%BF%20%D0%9D%D1%8F%D1%84%D0%BA%D0%B0","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"title":"Demix $"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-19T04:48:29Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"i91631d6.beget.tech","ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"domain_registered":"2016-08-29","domain_rank":0,"first_seen":"2018-12-16T21:11:55Z","last_seen":"2022-07-28T18:05:48Z","alert_count":5,"request_count":23,"received_data":938096,"sent_data":8401,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajax.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":12905,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-01-08T01:58:22.478277Z","alert_count":0,"request_count":1,"received_data":31073,"sent_data":433,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-08T04:48:02Z","timestamp":1736311682,"ip_dst":{"addr":"172.18.0.2","port":55616,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"severity":"high","alert":"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript","source":"{\"timestamp\":\"2025-01-08T04:48:02.639050+0000\",\"flow_id\":671092993849952,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"185.50.25.19\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":55616,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031508,\"rev\":2,\"signature\":\"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_01_11\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2021_01_11\"]}},\"http\":{\"hostname\":\"i91631d6.beget.tech\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":24303},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":49152,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":21,\"bytes_toserver\":1720,\"bytes_toclient\":28906,\"start\":\"2025-01-08T04:48:02.490080+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-01-08T04:48:26Z","timestamp":1736311706,"ip_dst":{"addr":"172.18.0.2","port":51170,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"severity":"high","alert":"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript","source":"{\"timestamp\":\"2025-01-08T04:48:26.059532+0000\",\"flow_id\":176308467922174,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"185.50.25.19\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":51170,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031508,\"rev\":2,\"signature\":\"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_01_11\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2021_01_11\"]}},\"http\":{\"hostname\":\"i91631d6.beget.tech\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":22855},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":49152,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":19,\"pkts_toclient\":21,\"bytes_toserver\":1534,\"bytes_toclient\":28906,\"start\":\"2025-01-08T04:48:25.914686+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/main.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"86faa9c1cb9e6f9bcffcaf049def24d9","sha1":"a9e0088819d96acdc97f0029fd4e77e02c7af144","sha256":"a963a4627f69abb16128feef026b4af61c013cef1f403fdf0d3a9605d877a4af","sha512":"b7a5fcc4de6f7771f83f83a35239ea95c5089ed4a26152f1d804e1506454f5d6fd3c15b0896858df47147db9a4dfa59c8cc083487256973ac3b31574bea05983","ssdeep":"96:EciUAIGbQJ3FZBKwZ/Tk10THimnUp/jWOHXZDBYYcK8F7Gj:E+3X/nZA0TmjWOHXZFYYr8F7Y","tlshash":"a8b1100ef644ad678a7b12b2106f65986b7718108802c055f6fa45bddfa0d4efe43b89","size":5336,"data":"","first_seen":"2023-03-14T05:33:44Z","last_seen":"2025-07-13T19:09:04.840065Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/#Dem1x%20Top%20HvH%20%20#Dem1x%20Top%20%20%D1%81%D0%B5%D0%BB%D0%BB%D0%BF%D0%B5%D1%80%20#Dem1x%20%D0%95%D0%BE%D0%BF%20%D0%9D%D1%8F%D1%84%D0%BA%D0%B0","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac2d7f92039d0f44911f93d1d61b6f8d","sha1":"8583a5a91963397b61ccad0b280960370b810a0d","sha256":"f571a86806925f624da6b79dd2f99443670ac0e3c28ba2e40cf7f1b1a3187424","sha512":"d87bdc2393db914acf7dcc65c43bdfbc88dff5cdd43de04fac241e2c4a243ea742d4d6ed08617b112a2b51b2ba0595bda6d8f874d216ccbdf7d473e60fe1ce07","ssdeep":"","tlshash":"41c08cc574e360705ab470b8132ff249f8234590148cd5d0f00c0c92bfd0c29c8a4844","size":167,"data":"","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.860565Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"13773f27d288d40523ed56b29d234da7","sha1":"6a979ff58ebdca493c26d14d4533cc3e045509d6","sha256":"3b7779183908a7317b327ad015b55a7054e53ec76e6649ffba675b9c9f5d43c0","sha512":"6bd893de4d63ca3b376eb9fb8aae3ab69c10b376969a9d4fac3c1a1205594fbab972a72615b1157c092c10caac9cd33b1b159259d84db5849f7facea03340b05","ssdeep":"","tlshash":"196000300c000c000f3000c000c0030c030000f0c00000cc3c0c33c0030300f00f3030","size":15,"data":"","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-10-26T04:43:50.097253Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"75e77b62960a375148fa8c158d17f3c3","sha1":"99a92f524d4bb75ef4e2175348b7d5e0c8ff54a0","sha256":"1cf6621e3676f7c79536862c26b1f9477c08ffb4c9df65d1e3256793d381496a","sha512":"96375e16a096ede13ceaba8867b1ce55cbbd524b84de788c57a5e8ded3c7e0febd32814dbbd2dbc13241f5903dfb884a7fcf7b14ec03e6f2c3212201d4291880","ssdeep":"","tlshash":"55e000a00080a23cb08080c88b0c00ac382fcf2a0000c0200000a88ac020300c02ce00","size":165,"data":"","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.861579Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/plugins.min.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"005baf5b15d831bb07049d84fe127569","sha1":"8f6383e1f3312c173286fa6bb1134ccb95c83f9f","sha256":"50b0fa80669ee999e4ba478f5ce7a558d5825c96d572e54fe94b677c50309700","sha512":"81ee6fb35c48ced7f2446b0d4bc4e4ae83058ef012af40730a96d2d0d068e07ae41f0f9e06eeaccbf8e65d6351ccdfa3a2af684f13a4aa4b0cd606277fb4cfb3","ssdeep":"1536:MkChcEPx6+sFcH55vOcx9UMnMI3MXobdS2gZfE/1Eny+DnRtza9TUkXDBO6LI+k6:shxp/siBWDMGllTyU1JE","tlshash":"44a3168973d1321287db31b5542f0b0a7076e961240c943cb878ddd5beb8e5892abfbd","size":97739,"data":"","first_seen":"2023-03-14T05:33:44Z","last_seen":"2025-07-13T19:09:04.849856Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/kill.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"49fe707e8079627aa116644337c8dbe5","sha1":"3ef62facb4e8d4589d831d81a4ebfdcd34990e19","sha256":"e0816d88f1b96b4e5f2ab4b83b5b1ac9ff7f90d10e66891145ac8360468342f4","sha512":"1aa49258f642a92df00fcfd311c087bf6c068ed315d3378c50f85a1637e511626ec229b30ac043a0a77f43dc1a4b6dea81fb721e4b6b049c94bdb2c545ca3f89","ssdeep":"","tlshash":"f841244e340548b199073a5c8ef7c9943c3d26819c529250bc8cbc8b37dde6dd19ef65","size":2313,"data":"","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.84221Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/#Dem1x%20Top%20HvH%20%20#Dem1x%20Top%20%20%D1%81%D0%B5%D0%BB%D0%BB%D0%BF%D0%B5%D1%80%20#Dem1x%20%D0%95%D0%BE%D0%BF%20%D0%9D%D1%8F%D1%84%D0%BA%D0%B0","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"a51ddcb53332b2fcfc39c467a5015096","sha1":"bc56723d78a946eb8b73b73154db83af6291d1c2","sha256":"2716671c5204c47ae672b3a2633b16717fb128985e6f03822bd4a7d98f1c3e76","sha512":"d92d49395ad4cb2b031af5b3b5f4f04be81cc1959a2dc86225215e87482929bf0982be45d28aa1aca17b71373027e750fc8101704c3c52f7f3360b08cf980f9c","ssdeep":"","tlshash":"86e08c60978b81141200a1058449be88b9b8c83f7e035311848c3faeb4a48788392989","size":294,"data":"","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.862507Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/jquery.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"d294c23767dd5bf36b41a97c32d390b1","sha1":"0259e75f6bb447dbbc28f4baa666dc4b6c7ac281","sha256":"f9005e8697bb8d2b348b3fe39efd3bcc51c7b76f032e6a9cf958b32c1b6cef5a","sha512":"bc03c5c099a13d3a74f850476696e5f26538de7c48b576abd110cd003616989881e93e38709e0184798075b9f1d844fd1aa65d45eed25af51325c10371c050e7","ssdeep":"1536:UPEkjP+iADIOr/NEe876nmBu3HvF38NduuJO1z6/A4TqAub0i4ULvguEhjzXpa9y:LNM/Jiz6oAQKP5a98HrJ","tlshash":"d783d6d9b6c67062977730b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","size":84160,"data":"","first_seen":"2023-03-14T05:33:44Z","last_seen":"2025-07-13T19:09:04.838909Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/#Dem1x%20Top%20HvH%20%20#Dem1x%20Top%20%20%D1%81%D0%B5%D0%BB%D0%BB%D0%BF%D0%B5%D1%80%20#Dem1x%20%D0%95%D0%BE%D0%BF%20%D0%9D%D1%8F%D1%84%D0%BA%D0%B0","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"42ea692d5aef5f42aadaeae166b76d0a","sha1":"47c73280a3bda6042da23722d7351d2e617952f7","sha256":"524c3b24b386ac48b48cbc273be369602cfd0b6f664d3b10ac825806b503f731","sha512":"f9906b6dfd001f1647d1be0d5eff5a73bef04bea1bcea887a80a8baf0355466e7f29649295080ab4022bb8bd434f61c81245ee5a0880703b7047596262bbf587","ssdeep":"","tlshash":"21700000808238a00ae880088082023083000022020380200000380c020a0b80208c00","size":21,"data":"","first_seen":"2023-03-14T05:33:44Z","last_seen":"2025-07-13T19:09:04.863434Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/#Dem1x%20Top%20HvH%20%20#Dem1x%20Top%20%20%D1%81%D0%B5%D0%BB%D0%BB%D0%BF%D0%B5%D1%80%20#Dem1x%20%D0%95%D0%BE%D0%BF%20%D0%9D%D1%8F%D1%84%D0%BA%D0%B0","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"c71d301f519c31921310c7b36807569f","sha1":"2feb575c9d573936c757b0d270c9ef303dc75ca5","sha256":"3b4e405c24fb8e19fb6a6ba549fffd2278c6561f945fce8549dac9c15f1937bb","sha512":"fb160a3472ca35ca69795799e4b54d0e35cfb48ad5f1901cd03e3da1eb81c7161a6215e64b4f6e126c12dc2c446b56f8b9c3d01c3aeb5e8e953d517d4e7eeea0","ssdeep":"","tlshash":"5fa0220bb082b22883ceaa3b203a0b0c203832000c000388c82a0cb00a208c08c03cc0","size":71,"data":"","first_seen":"2023-03-14T05:33:44Z","last_seen":"2025-07-13T19:09:04.867447Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"26421ac860f4dba7f27811712a149502","sha1":"aaf37d59cb4b28ac48ecefa82a2824a8e6210d5b","sha256":"266f482d6e5dd0302fca1871e22db5996e068d1188d1ba9cd96b892552fbcab3","sha512":"919156d81b248a368b0559741a8e0ce24a14178806923d1c1e783b25c3e61815727c3b81cf21e8f4ccd6c29c49f43e8a4d3cfe5bf386b43b01913f328d864e4d","ssdeep":"","tlshash":"8f90029934419024852255d0881b5495a134483020442d049549944468a111c412585c","size":39,"data":"","first_seen":"2023-04-12T04:16:13Z","last_seen":"2026-05-06T11:40:14.251534Z","times_seen":13550,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/#Dem1x%20Top%20HvH%20%20#Dem1x%20Top%20%20%D1%81%D0%B5%D0%BB%D0%BB%D0%BF%D0%B5%D1%80%20#Dem1x%20%D0%95%D0%BE%D0%BF%20%D0%9D%D1%8F%D1%84%D0%BA%D0%B0","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"0fcac3846a7b9509e659473c7b36c991","sha1":"1fde4012dd79b10a8effe6832ec015edacf56333","sha256":"a45de6922e2456c2e3b6faa3150492657923e2053ec9b2a911c6bac98d017b01","sha512":"41d520afdaac169fcb45d54d66d7ef4bc1cf6e59837442d71176c4b4af2ac6a7bcfda3c241a97f38fbd89d2966880edfe6afa6a4b9fe917ad01d1b85cdb75a69","ssdeep":"","tlshash":"61b0222cb0ba808a2bab2a30283380800a3a3c20008282303a0a20a80e20a303033088","size":124,"data":"","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-05-08T09:35:56.346826Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6fc159d00dc3cea4153c038739683f93","sha1":"5d7e5bbfa540f0e53bd599e4305e1a4e815b5dd1","sha256":"8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce","sha512":"a574742476d89bdf841a26fac51ff0fae62cfeed95f38a1f3eb0699202d8c8abe165826d514bca4b2d69822f2d25901a72c3f081fd646e1238cf082ef0e28ea8","ssdeep":"1536:kYE1JVoiB9JqZdXXe2pD3PgoIK6alrUnzZ6a4msO7R6xfWBP4TCddWHs3ghna98o:P4KZ+sOsOV6x6pwhna98HrU","tlshash":"1683d6d9b2d6705297b734b850bf410bb17a98dab44c8c60f098d4e47eb4a8e507bf2d","size":85589,"data":"","first_seen":"2023-03-07T01:03:01Z","last_seen":"2026-05-06T14:45:29.975479Z","times_seen":8502,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/1.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"d76f7a7ca3b486202c9e134102eb7f11","sha1":"d4a75018d432d2a4d879b3a6546851bd64962303","sha256":"cca02be49d7e70d46666a0697d1526a4191c75436562c48703b29e1fdf050370","sha512":"af2259b10a566a5408a81697e862345e5d27ddee1d2905727d3f31a969fe693410f5fa3a9f37f6bd27ce430f8b7ad1a5821b6da0192463042e681f4794219fe4","ssdeep":"","tlshash":"09b01246017212480e51c003adb5621cf0c1bcd8300d6150361c5e1c330e39b04fe98f","size":107,"data":"","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.85592Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"i91631d6.beget.tech/","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-08T04:48:02.489Z","timestamp":1736311682489,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nLast-Modified: Fri, 01 Sep 2017 18:18:52 GMT\r\nETag: W/\"1b5ce-55824cb093b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51660,"size_decoded":112078,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (61398), with CRLF, LF line terminators","md5":"147402262cd7dc9c424e593ce47a724b","sha1":"665c40a83ea180118fc841956b877a1498bdb882","sha256":"5c94f7100d3e761ee14b5dd4881e51a3ec1876dfbc96d9f8686807307874e04c","sha512":"1551a5dcb6bf0c235d4aa4676f9b0eb771927a52a865e55fab013f269beb95620e4e204005162d556e5271e96b1ea069eee411037d988524121b696cf02c672b","ssdeep":"1536:wuzPaRqYqIm5KZl583VJVpN0Ueeh1BCW5fIJ6ckw2diFIHg/GSDi8G6fiefOgWsO:wuzPaR2KYse9V5Aw3U2g/R28O","tlshash":"2cb33cd090cd84d5e5026dc8f438b7b242723473efca2ca12176bb449eff4a5a50ab5e","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-01-08T04:48:31.034735Z","times_seen":8,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":38,"dns":1,"connect":37,"send":0,"wait":74,"receive":76,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-08T04:48:02Z","timestamp":1736311682,"ip_dst":{"addr":"172.18.0.2","port":55616,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"severity":"high","alert":"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript","source":"{\"timestamp\":\"2025-01-08T04:48:02.639050+0000\",\"flow_id\":671092993849952,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"185.50.25.19\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":55616,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031508,\"rev\":2,\"signature\":\"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_01_11\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2021_01_11\"]}},\"http\":{\"hostname\":\"i91631d6.beget.tech\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":24303},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":49152,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":21,\"bytes_toserver\":1720,\"bytes_toclient\":28906,\"start\":\"2025-01-08T04:48:02.490080+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-01-08T04:48:26Z","timestamp":1736311706,"ip_dst":{"addr":"172.18.0.2","port":51170,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"severity":"high","alert":"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript","source":"{\"timestamp\":\"2025-01-08T04:48:26.059532+0000\",\"flow_id\":176308467922174,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"185.50.25.19\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":51170,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031508,\"rev\":2,\"signature\":\"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_01_11\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2021_01_11\"]}},\"http\":{\"hostname\":\"i91631d6.beget.tech\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":22855},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":49152,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":19,\"pkts_toclient\":21,\"bytes_toserver\":1534,\"bytes_toclient\":28906,\"start\":\"2025-01-08T04:48:25.914686+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/css/preloader.css","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.842Z","timestamp":1736311682842,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/preloader.css HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 11 Jul 2017 18:33:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"59651a0e-a09\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":629,"size_decoded":2569,"mime_type":"text/css","magic":"ASCII text, with very long lines (2569), with no line terminators","md5":"bb387c910f1e770f6e740ea460a178fc","sha1":"f95ae82daa25cd5b161d73953e7b6d5b20fc7940","sha256":"072f14f11176329ef66aa5d8fdcd5a55fd2d1a4a70b66434e82d9ee2b2e120e0","sha512":"30b618f39fc1cf3701832d1284fbc3b093947e2e35055a035f1a5677368cf74727f88c1598c986124dc875fba88b656e7949033c9ea3ce6f47b60c4d4074542b","ssdeep":"","tlshash":"7251ef616891b08a5023df29a3cd0a84043cd723e5330e5fb32a7d5fc78269d6377697","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.828316Z","times_seen":10,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/css/Shacke.css","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.846Z","timestamp":1736311682846,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/Shacke.css HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 11 Jul 2017 18:33:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"59651a0e-553c\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2619,"size_decoded":21820,"mime_type":"text/css","magic":"ASCII text, with very long lines (21820), with no line terminators","md5":"4bea16f4ff083edb6c2b70e36ecea9e4","sha1":"52bcb27ea1a9b635de366240ce4c40bade12ba5d","sha256":"d9017f2634cbb578aa46c39c297830f85248bcec668f8e8b66cc9b4b29ed49ab","sha512":"d677ebc91bad3a35be695e8fb968e8cd6d99a4a03120f16bad846b4290f67b44c3301a301b289d51f021d314e81e770fb61176cb4da00679d5d1060faef8360b","ssdeep":"192:hkJ13izc4W3db+ZkL6kCZkCBCDBLp2sEcMykpT5DXymzA:m1Sz7W3cZkGkCZkCBCDBLp2RCmzA","tlshash":"f9a2105c4f65040c29a50706dfea1bb84b2dd69359235ccf334f650b8aaa6bc73bdb06","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.847979Z","times_seen":10,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":26,"dns":0,"connect":39,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/1.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.854Z","timestamp":1736311682854,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/1.js HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: application/x-javascript\r\nLast-Modified: Fri, 01 Sep 2017 18:17:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"59a9a44b-6b\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":99,"size_decoded":107,"mime_type":"application/x-javascript","magic":"Unicode text, UTF-8 text, with no line terminators","md5":"d76f7a7ca3b486202c9e134102eb7f11","sha1":"d4a75018d432d2a4d879b3a6546851bd64962303","sha256":"cca02be49d7e70d46666a0697d1526a4191c75436562c48703b29e1fdf050370","sha512":"af2259b10a566a5408a81697e862345e5d27ddee1d2905727d3f31a969fe693410f5fa3a9f37f6bd27ce430f8b7ad1a5821b6da0192463042e681f4794219fe4","ssdeep":"","tlshash":"48b0124500b202480e51c003adb5221cf0c1bcd8300e6150360c5e18734e39b00fe98f","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.85592Z","times_seen":10,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/main.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.853Z","timestamp":1736311682853,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: application/x-javascript\r\nLast-Modified: Tue, 11 Jul 2017 18:33:45 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"59651a09-14d8\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1771,"size_decoded":5336,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (3177)","md5":"86faa9c1cb9e6f9bcffcaf049def24d9","sha1":"a9e0088819d96acdc97f0029fd4e77e02c7af144","sha256":"a963a4627f69abb16128feef026b4af61c013cef1f403fdf0d3a9605d877a4af","sha512":"b7a5fcc4de6f7771f83f83a35239ea95c5089ed4a26152f1d804e1506454f5d6fd3c15b0896858df47147db9a4dfa59c8cc083487256973ac3b31574bea05983","ssdeep":"96:t6t+E7IOyPPz5sEa1oZ/J1sKso5PmmnUpLs4WWawdxFJcK8FjGb:zO65sEaOZHIoa3WWvdxrr8Fje","tlshash":"b2b1650ef540adeb86ff12b2146f7194ae736ca0c902c145e6f901b51fa5e4ebe13b49","first_seen":"2023-03-14T05:33:44Z","last_seen":"2025-07-13T19:09:04.840065Z","times_seen":10,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":23,"dns":1,"connect":38,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/font-awesome-4.7.0/css/font-awesome.min.css","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.848Z","timestamp":1736311682848,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 11 Jul 2017 18:33:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"59651a0e-7918\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7050,"size_decoded":31000,"mime_type":"text/css","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-05-06T14:46:16.134639Z","times_seen":262563,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":25,"dns":1,"connect":39,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.858Z","timestamp":1736311682858,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D","sha256":"7D:F5:AB:9A:97:34:D8:88:D9:F0:60:60:A2:9D:D1:4F:BF:36:29:43:AA:5D:4E:48:B3:17:0C:A5:B7:05:FF:BF"}}},"request":{"raw":"GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30089\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 05 Jan 2025 23:37:46 GMT\r\nexpires: Mon, 05 Jan 2026 23:37:46 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 191416\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30089,"size_decoded":85589,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32069)","md5":"6fc159d00dc3cea4153c038739683f93","sha1":"5d7e5bbfa540f0e53bd599e4305e1a4e815b5dd1","sha256":"8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce","sha512":"a574742476d89bdf841a26fac51ff0fae62cfeed95f38a1f3eb0699202d8c8abe165826d514bca4b2d69822f2d25901a72c3f081fd646e1238cf082ef0e28ea8","ssdeep":"1536:kYE1JVoiB9JqZdXXe2pD3PgoIK6alrUnzZ6a4msO7R6xfWBP4TCddWHs3ghna98o:P4KZ+sOsOV6x6pwhna98HrU","tlshash":"1683d6d9b2d6705297b734b850bf410bb17a98dab44c8c60f098d4e47eb4a8e507bf2d","first_seen":"2023-03-07T01:03:01Z","last_seen":"2026-05-06T14:45:29.975479Z","times_seen":8502,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":47,"dns":0,"connect":7,"send":0,"wait":8,"receive":8,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/kill.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.856Z","timestamp":1736311682856,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/kill.js HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: application/x-javascript\r\nLast-Modified: Sun, 20 Aug 2017 15:43:01 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"5999ae05-909\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":928,"size_decoded":2313,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"49fe707e8079627aa116644337c8dbe5","sha1":"3ef62facb4e8d4589d831d81a4ebfdcd34990e19","sha256":"e0816d88f1b96b4e5f2ab4b83b5b1ac9ff7f90d10e66891145ac8360468342f4","sha512":"1aa49258f642a92df00fcfd311c087bf6c068ed315d3378c50f85a1637e511626ec229b30ac043a0a77f43dc1a4b6dea81fb721e4b6b049c94bdb2c545ca3f89","ssdeep":"","tlshash":"81413148744148f2991b316c5fabc9843d3405935c42ad54bc9c6c806facd2de2fefa0","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.84221Z","times_seen":10,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":53,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Anti-debugging code","verdict":"suspicious","severity":"low","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/jquery.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.849Z","timestamp":1736311682849,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: application/x-javascript\r\nLast-Modified: Tue, 11 Jul 2017 18:33:45 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"59651a09-148c0\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29480,"size_decoded":84160,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (64073)","md5":"d294c23767dd5bf36b41a97c32d390b1","sha1":"0259e75f6bb447dbbc28f4baa666dc4b6c7ac281","sha256":"f9005e8697bb8d2b348b3fe39efd3bcc51c7b76f032e6a9cf958b32c1b6cef5a","sha512":"bc03c5c099a13d3a74f850476696e5f26538de7c48b576abd110cd003616989881e93e38709e0184798075b9f1d844fd1aa65d45eed25af51325c10371c050e7","ssdeep":"1536:UPEkjP+iADIOr/NEe876nmBu3HvF38NduuJO1z6/A4TqAub0i4ULvguEhjzXpa9y:LNM/Jiz6oAQKP5a98HrJ","tlshash":"d783d6d9b6c67062977730b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","first_seen":"2023-03-14T05:33:44Z","last_seen":"2025-07-13T19:09:04.838909Z","times_seen":10,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":23,"dns":1,"connect":38,"send":0,"wait":43,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/css/highstl.css","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.844Z","timestamp":1736311682844,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/highstl.css HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 11 Jul 2017 18:33:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"59651a0e-1474\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1744,"size_decoded":5236,"mime_type":"text/css","magic":"ASCII text, with very long lines (524)","md5":"de361461b1bc8ef8e8f4790cfc3e8eee","sha1":"2bf3c883fc712d6c9562ea529118d9a898cc8350","sha256":"0ed4968d7f7b93e66ec40df7ca34ed97eff11fefc87dff39ea8e14785b1850f0","sha512":"680b7d4092b74932abf7263a49bf6f74b44907dea4f0724e6680b1ce90342829eac11946d6f38264261ee1a4d86f1fe33422948f2dd2cab916adcb25ca0a9df5","ssdeep":"96:mPg7G161qpGpF5UCmdnzaDjUcPjB0jWj1osur3JUpPMEER+:iiL1qYpUCCzanjGjWjatr3JURMEz","tlshash":"27b17231e441201cf217c99269c1abae7239d002e6e71b7db62b36e9d7c75ee151338a","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.836291Z","times_seen":10,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":70,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/js/plugins.min.js","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.852Z","timestamp":1736311682852,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/plugins.min.js HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: application/x-javascript\r\nLast-Modified: Tue, 11 Jul 2017 18:33:45 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"59651a09-17dcb\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27515,"size_decoded":97739,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (20670)","md5":"005baf5b15d831bb07049d84fe127569","sha1":"8f6383e1f3312c173286fa6bb1134ccb95c83f9f","sha256":"50b0fa80669ee999e4ba478f5ce7a558d5825c96d572e54fe94b677c50309700","sha512":"81ee6fb35c48ced7f2446b0d4bc4e4ae83058ef012af40730a96d2d0d068e07ae41f0f9e06eeaccbf8e65d6351ccdfa3a2af684f13a4aa4b0cd606277fb4cfb3","ssdeep":"1536:MkChcEPx6+sFcH55vOcx9UMnMI3MXobdS2gZfE/1Eny+DnRtza9TUkXDBO6LI+k6:shxp/siBWDMGllTyU1JE","tlshash":"44a3168973d1321287db31b5542f0b0a7076e961240c943cb878ddd5beb8e5892abfbd","first_seen":"2023-03-14T05:33:44Z","last_seen":"2025-07-13T19:09:04.849856Z","times_seen":10,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":21,"dns":1,"connect":37,"send":0,"wait":43,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/css/animate.css","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:02.845Z","timestamp":1736311682845,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/animate.css HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:52 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 11 Jul 2017 18:33:49 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nETag: W/\"59651a0d-deb5\"\r\nExpires: Wed, 15 Jan 2025 04:47:52 GMT\r\nCache-Control: max-age=604800\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3920,"size_decoded":57013,"mime_type":"text/css","magic":"ASCII text, with very long lines (57013), with no line terminators","md5":"b9f309d49ef2b1267b7fc1e2912ff9f3","sha1":"bfebcffb6c7cc0d82a1208cbd4d8519de5ec371c","sha256":"a4a9937b86a95ea5703db8b179e8ea8b5aa8538c16a1e982c43e896060db9a21","sha512":"ad2d4abe6854f23740e8f48e178e7e51537dab48fdb53b7356e10f28010dfb096a8e4392ece3ad51990c65a3a42c0221f33374b744c609215244fba1077323b7","ssdeep":"1536:9kZWPWDrk6wm1KA9kGDj3Cyg5lrceb0qTI:9kZ7wm1KA9kGDj3Cyg5lrceb0qTI","tlshash":"c143e5ae5891128991624fa2c3dd4ea8473dc67314621cde33856c4bcf87fae33da607","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.829708Z","times_seen":10,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":73,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/images/overlay.png","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.162Z","timestamp":1736311683162,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/overlay.png HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/css/highstl.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 106\r\nLast-Modified: Tue, 11 Jul 2017 18:33:55 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nETag: \"59651a13-6a\"\r\nExpires: Fri, 07 Feb 2025 04:47:53 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":106,"size_decoded":106,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 1-bit colormap, non-interlaced","md5":"1af2611075fd79f9e93b980353b44596","sha1":"d39b8b830b280fe183271edca2fa5c65f8db2b9e","sha256":"ded034ed0505418e0f5630a6ac89005a8d74d25b7c1155afcc023941b1f79f1b","sha512":"32aa97236af34f0900e2ecb3332d453beef7f2c9721ff9b7f3666c42db20953e891cad8183a40dbbbe49888fda836602c9f902c264d066026fac5e1dcfd9df1c","ssdeep":"","tlshash":"2ab012fb1391dc2dd54a233fc2788302c835c7392212400e644cb5310a3510366c4b53","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.845867Z","times_seen":10,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/images/cursor/cursor2.cur","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.161Z","timestamp":1736311683161,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/cursor/cursor2.cur HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/css/highstl.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Length: 4286\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nLast-Modified: Tue, 11 Jul 2017 18:33:56 GMT\r\nETag: \"10be-5540ef12bad00\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4286,"size_decoded":4286,"mime_type":"image/x-icon","magic":"MS Windows cursor resource - 1 icon, 32x32, hotspot @12x5","md5":"f3dc15c9168c76e64103dad31f4a3639","sha1":"3db4d8456346369ea4ae1ec3780ba12bb1d27f40","sha256":"bf66be28f6a35be57882a7bdc3d3249c5597312f19d8cc3e2390a01dc4cb2c70","sha512":"c68cb3a11dda041a3a3977508eafd1857aaab561b12e673f78309219800ef80ee36af90f75a92476ee9d7d595b4bbacafd567d37f62f4e5ab9a8e979ef2313df","ssdeep":"48:AaVTCXEnjvQGl5q1zW4ygnxEUvltYeLiMaK5JD4fm3ZAUvf:AaxC0vQGlo1Kzmjvl+eLiBWDYmpAUvf","tlshash":"9e915599f7141098c4020731f4fe2902f6b08e1dc8dcea9318d8e875fca7829fd5a1ad","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.85835Z","times_seen":10,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/images/cursor/cursor.cur","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.153Z","timestamp":1736311683153,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/cursor/cursor.cur HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Length: 4286\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nLast-Modified: Tue, 11 Jul 2017 18:33:56 GMT\r\nETag: \"10be-5540ef12bad00\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4286,"size_decoded":4286,"mime_type":"image/x-icon","magic":"MS Windows cursor resource - 1 icon, 32x32, hotspot @9x8","md5":"5760dc3ad5a2f67eb2ceee76ce54c92c","sha1":"39fea104837f7b7ba92f74ebccd58edb8e2ba5ab","sha256":"0f371e6041209c22f41be5b46c0e823219052b74955a357e2f053ff015581aed","sha512":"19b61e8452b2c94076193b2b657867a9173ac0acfdcef24a13c0d348a13514cb6914db69c09f11d2ae7e12dee352c60495822e909880529549c1fedb536bca09","ssdeep":"48:N2/L4mi0kgEtsX45dzuz4js0QVi0d8Cp5b4RM:N2/EmGgD45duz4Rv0d8k5b4+","tlshash":"2b9105eaf74004a0c0405b7476feaa23b6748e5ec45ee89715e4e979fca3865fc9908c","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.832207Z","times_seen":10,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/images/image_part_001_mini.jpg","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.157Z","timestamp":1736311683157,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/image_part_001_mini.jpg HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/css/preloader.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 66163\r\nLast-Modified: Tue, 11 Jul 2017 18:33:55 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nETag: \"59651a13-10273\"\r\nExpires: Fri, 07 Feb 2025 04:47:53 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":66163,"size_decoded":66163,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x2160, components 3","md5":"4089d73b6a759654ada6c4a90717308f","sha1":"9c96ed30b8eec7539a4431528d25c2063e4a2f64","sha256":"b22b4cd6e421728f54b7825889754703b38a2a313015ae3a5cbb6c619cd70e87","sha512":"c44cdc051208f87725aa077d714e51f9d079fde2dae4e88c0b9b2e8ef6e16e7d8197ca3493ce4cf31e2c24b077bb82397ef3658f189f5558c3114e57924768c6","ssdeep":"1536:5xn+vyRZ4lsWcs5v/DCwh4HqV7LfwYaCJHbd:5xn+vyRZwB5/3WHqV7jw1sd","tlshash":"fc53d017d76810afc1fec73151970bb03ab2b521b1ee9b617b2a4519acb970c7d09ec2","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.857308Z","times_seen":10,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.163Z","timestamp":1736311683163,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/font-awesome-4.7.0/css/font-awesome.min.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Length: 77160\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nLast-Modified: Tue, 11 Jul 2017 18:33:51 GMT\r\nETag: \"12d68-5540ef0df61c0\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":77160,"size_decoded":77160,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-05-06T14:43:41.541704Z","times_seen":455620,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/images/image_part_002_mini.jpg","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.159Z","timestamp":1736311683159,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/image_part_002_mini.jpg HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/css/preloader.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 57730\r\nLast-Modified: Tue, 11 Jul 2017 18:33:55 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nETag: \"59651a13-e182\"\r\nExpires: Fri, 07 Feb 2025 04:47:53 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57730,"size_decoded":57730,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x2160, components 3","md5":"d5c01c45b7faef5482e7e638838a428a","sha1":"6bbe9fe8b3ff51f9b7df59d02370afee18fd498e","sha256":"6366ebb0dff6394b7efa11c5bd8a2d717e2dc24c2b836cf80424bb7542d03d8b","sha512":"b4e6fc2d07bdb6d2d50544256ebdc5479ccf13b2cf266ae5fbe93ca87e17c315b431a33b02448f77cf4b24c3735c616368c9ca549722ba531c9e1448d150e78a","ssdeep":"1536:Knc7g94UiBIDzC0gEkFJ4OrGMXyi+wlvUJaGGt:KncU9JRz4FJ4OKi+dJTGt","tlshash":"2d43bea77e0151a7dbde173009cb4b283fb60a52d658e086b3d1283584fb758bc6d794","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.84473Z","times_seen":10,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/videos/dem1x.mp4","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.438Z","timestamp":1736311683438,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /videos/dem1x.mp4 HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=78512128-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 130104\r\nLast-Modified: Sat, 19 Aug 2017 19:15:27 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nETag: \"59988e4f-4affc38\"\r\nExpires: Fri, 07 Feb 2025 04:47:53 GMT\r\nCache-Control: max-age=2592000\r\nContent-Range: bytes 78512128-78642231/78642232\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":130104,"size_decoded":130104,"mime_type":"video/mp4","magic":"data","md5":"c6a2d53722cc9d9b696e795dc57b8bb0","sha1":"cd09f50ed06a1d8bd62a26238b4ba09642631806","sha256":"cdcbdc37d6343d7ca95db1525d97657cc3f609c941a8deef78af55348f566480","sha512":"66d40f796d08e7ac3f7ce833a3e2e5dcec0a61599b5e0f8df526a2e5b167e591e7730d2a30c36e582b46fb6c228713328f686ae719d1ad186fa6282cde6792f9","ssdeep":"1536:rxPH/q8v1UATlwoFYc87GNuHi48P7D9vB7NQIBB8oq/MGgiC:rp/qaUClw22KN2+7lVNNB6aGgiC","tlshash":"46d31bb293d51702fcf12b31a6e3c7126be4e2671b1347d751b1a6fe6ca12a5ce090e1","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.821531Z","times_seen":7,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/fonts/font.ttf","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.621Z","timestamp":1736311683621,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /fonts/font.ttf HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Type: application/x-font-ttf\r\nContent-Length: 119448\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nLast-Modified: Tue, 11 Jul 2017 18:33:55 GMT\r\nETag: \"1d298-5540ef11c6ac0\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":119448,"size_decoded":119448,"mime_type":"application/x-font-ttf","magic":"TrueType Font data, 17 tables, 1st \"LTSH\", 21 names, Macintosh, Melon Creative Company�. 2014. All Rights ReservedHACKEDRegularHACKED:Version 1.001HACKEDVersion","md5":"8ee477f73c7697cf17cf9e18772e2016","sha1":"c552bc5289d73e02739944ead24f9c35b3654f9c","sha256":"f2b35dd24ce6fee66f0fcc6d2ddeb5e9c85b1ac5030034088d7c228f23ddb526","sha512":"041959728441f3b08244ed7586ef25495d93a54ae09a3f774788d10e628ea11fd871ac60d909181614a51b3d33a359b2dae43198c742303f07f22551c7e3c2e7","ssdeep":"3072:o0UmO1A7eT103ByRZtD5xs37EmpMKIX7FjlA0+ydQZxGWG5+sxQ1uus67ys:obmOMWcByRD5EE+MKI7UydQ/ddYQ1uud","tlshash":"cac3e5cbcfff9827e36e1af98ce381bf0ae4e50a9f71258d6d455160d6b62401887c64","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.833391Z","times_seen":10,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/videos/dem1x.mp4","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.438Z","timestamp":1736311683438,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /videos/dem1x.mp4 HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=32768-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 78609464\r\nLast-Modified: Sat, 19 Aug 2017 19:15:27 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nETag: \"59988e4f-4affc38\"\r\nExpires: Fri, 07 Feb 2025 04:47:53 GMT\r\nCache-Control: max-age=2592000\r\nContent-Range: bytes 32768-78642231/78642232\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":171406,"size_decoded":171406,"mime_type":"video/mp4","magic":"data","md5":"3583f0560be5a74dbdf606bc61093425","sha1":"3e9a158b45af62ac887dfe73685ac00f2b90a524","sha256":"0d7b751f94b8c33465e235ed148f61b8ce61a429fd7e575e8c6dc4578d36ae7c","sha512":"3a2feca3ccc418b500ae1ae0e948d76f417d73f954a2bb58939ed4bf196ee8f60512ee05596fad0d7387f776c850e5e8f2eb6ea855eb84c5c409379f4cf22a39","ssdeep":"3072:du4TT4caMkU5J2MDAVLHFlXhpAXOCrL/0P7AJz7rE2n+coOOv7j7vfn:du6T4GTrBcBHF6rLczar7loJ7X","tlshash":"93f32380902ad2dce88f40f278db220e53b91975565592c82bbef37b76feb5109fd418","first_seen":"2025-01-08T04:48:31.052676Z","last_seen":"2025-01-08T04:48:31.052676Z","times_seen":1,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/fonts/font.ttf","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.621Z","timestamp":1736311683621,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /fonts/font.ttf HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Type: application/x-font-ttf\r\nContent-Length: 119448\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nLast-Modified: Tue, 11 Jul 2017 18:33:55 GMT\r\nETag: \"1d298-5540ef11c6ac0\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":119448,"size_decoded":119448,"mime_type":"application/x-font-ttf","magic":"TrueType Font data, 17 tables, 1st \"LTSH\", 21 names, Macintosh, Melon Creative Company�. 2014. All Rights ReservedHACKEDRegularHACKED:Version 1.001HACKEDVersion","md5":"8ee477f73c7697cf17cf9e18772e2016","sha1":"c552bc5289d73e02739944ead24f9c35b3654f9c","sha256":"f2b35dd24ce6fee66f0fcc6d2ddeb5e9c85b1ac5030034088d7c228f23ddb526","sha512":"041959728441f3b08244ed7586ef25495d93a54ae09a3f774788d10e628ea11fd871ac60d909181614a51b3d33a359b2dae43198c742303f07f22551c7e3c2e7","ssdeep":"3072:o0UmO1A7eT103ByRZtD5xs37EmpMKIX7FjlA0+ydQZxGWG5+sxQ1uus67ys:obmOMWcByRD5EE+MKI7UydQ/ddYQ1uud","tlshash":"cac3e5cbcfff9827e36e1af98ce381bf0ae4e50a9f71258d6d455160d6b62401887c64","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.833391Z","times_seen":10,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-08T04:48:02.489Z","timestamp":1736311682489,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:48:16 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nVary: Accept-Encoding\r\nLast-Modified: Fri, 01 Sep 2017 18:18:52 GMT\r\nETag: W/\"1b5ce-55824cb093b00\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51660,"size_decoded":112078,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (61398), with CRLF, LF line terminators","md5":"147402262cd7dc9c424e593ce47a724b","sha1":"665c40a83ea180118fc841956b877a1498bdb882","sha256":"5c94f7100d3e761ee14b5dd4881e51a3ec1876dfbc96d9f8686807307874e04c","sha512":"1551a5dcb6bf0c235d4aa4676f9b0eb771927a52a865e55fab013f269beb95620e4e204005162d556e5271e96b1ea069eee411037d988524121b696cf02c672b","ssdeep":"1536:wuzPaRqYqIm5KZl583VJVpN0Ueeh1BCW5fIJ6ckw2diFIHg/GSDi8G6fiefOgWsO:wuzPaR2KYse9V5Aw3U2g/R28O","tlshash":"2cb33cd090cd84d5e5026dc8f438b7b242723473efca2ca12176bb449eff4a5a50ab5e","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-01-08T04:48:31.034735Z","times_seen":8,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":38,"dns":1,"connect":37,"send":0,"wait":74,"receive":76,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-01-08T04:48:02Z","timestamp":1736311682,"ip_dst":{"addr":"172.18.0.2","port":55616,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"severity":"high","alert":"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript","source":"{\"timestamp\":\"2025-01-08T04:48:02.639050+0000\",\"flow_id\":671092993849952,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"185.50.25.19\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":55616,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031508,\"rev\":2,\"signature\":\"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_01_11\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2021_01_11\"]}},\"http\":{\"hostname\":\"i91631d6.beget.tech\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":24303},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":49152,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":21,\"bytes_toserver\":1720,\"bytes_toclient\":28906,\"start\":\"2025-01-08T04:48:02.490080+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2025-01-08T04:48:26Z","timestamp":1736311706,"ip_dst":{"addr":"172.18.0.2","port":51170,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"severity":"high","alert":"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript","source":"{\"timestamp\":\"2025-01-08T04:48:26.059532+0000\",\"flow_id\":176308467922174,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"185.50.25.19\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":51170,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031508,\"rev\":2,\"signature\":\"ET WEB_CLIENT Generic Attempted Executable Drop via VBScript\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_01_11\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2021_01_11\"]}},\"http\":{\"hostname\":\"i91631d6.beget.tech\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":22855},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":49152,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":19,\"pkts_toclient\":21,\"bytes_toserver\":1534,\"bytes_toclient\":28906,\"start\":\"2025-01-08T04:48:25.914686+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i91631d6.beget.tech/favicon.ico","fqdn":"i91631d6.beget.tech","domain":"beget.tech","tld":"tech"},"ip":{"addr":"185.50.25.19","port":80,"asn":198610,"as":"Beget LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://i91631d6.beget.tech/","date":"2025-01-08T04:48:03.516Z","timestamp":1736311683516,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: i91631d6.beget.tech\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://i91631d6.beget.tech/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx-reuseport/1.21.1\r\nDate: Wed, 08 Jan 2025 04:47:53 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 932\r\nLast-Modified: Tue, 11 Jul 2017 18:33:44 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=30\r\nETag: \"59651a08-3a4\"\r\nExpires: Fri, 07 Feb 2025 04:47:53 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":932,"size_decoded":932,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel","md5":"a7143bfe9996736fdee419697b5552f7","sha1":"3433acaef43b10108038bc35b082e21f180990b1","sha256":"04c9162a62a9ba7ddcc01981fed0ae8b66fb2449c93e43104eeae90dd3a1b7ae","sha512":"49b12feab1537308c5f510fba12a71400485ce53df87e43e0d4d3949d6c592052d52ed0dd42471ad9839e6d438099993b94c5fe9d6d42aadc7c6779b22cff218","ssdeep":"","tlshash":"651186fa312f473efc3198f414665be8873c815da7d81586160e55b985c51d68cf13a4","first_seen":"2023-06-10T02:39:02Z","last_seen":"2025-07-13T19:09:04.853913Z","times_seen":10,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}