Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/11/2024, 10:59 UTC

General

  • Target

    b3c3faee150257c3dfaaaf9133f2607b67e46000ee44ff624e7c60ef806e5e10N.exe

  • Size

    78KB

  • MD5

    1ca379954e88873978f8fee898004950

  • SHA1

    d1454ee16e5aa95d6a49a47be33cb34786c5f512

  • SHA256

    b3c3faee150257c3dfaaaf9133f2607b67e46000ee44ff624e7c60ef806e5e10

  • SHA512

    5c2a0a0630c3bbb063b524a3b470faec2dc4ccc6da52edfe34767e544a5c43054dbf457590af3db0ca70e1d2ad45dba5c239d83fcfba3dfcf9baa2c947efcc95

  • SSDEEP

    1536:ye585XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQty6et9/YCw1tI:ye58pSyRxvhTzXPvCbW2Ui9/YCX

Malware Config

Signatures

  • MetamorpherRAT

    Metamorpherrat is a hacking tool that has been around for a while since 2013.

  • Metamorpherrat family
  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Uses the VBS compiler for execution 1 TTPs
  • Adds Run key to start application 2 TTPs 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b3c3faee150257c3dfaaaf9133f2607b67e46000ee44ff624e7c60ef806e5e10N.exe
    "C:\Users\Admin\AppData\Local\Temp\b3c3faee150257c3dfaaaf9133f2607b67e46000ee44ff624e7c60ef806e5e10N.exe"
    1⤵
    • Checks computer location settings
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1200
    • C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
      "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe" /noconfig @"C:\Users\Admin\AppData\Local\Temp\0eyht5is.cmdline"
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:3476
      • C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
        C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES859B.tmp" "C:\Users\Admin\AppData\Local\Temp\vbcFC399C0FCC40434C94D68E6B7F899AC8.TMP"
        3⤵
        • System Location Discovery: System Language Discovery
        PID:1788
    • C:\Users\Admin\AppData\Local\Temp\tmp83D6.tmp.exe
      "C:\Users\Admin\AppData\Local\Temp\tmp83D6.tmp.exe" C:\Users\Admin\AppData\Local\Temp\b3c3faee150257c3dfaaaf9133f2607b67e46000ee44ff624e7c60ef806e5e10N.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Adds Run key to start application
      • System Location Discovery: System Language Discovery
      • Suspicious use of AdjustPrivilegeToken
      PID:1696

Network

  • flag-us
    DNS
    58.55.71.13.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    58.55.71.13.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    0.159.190.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    0.159.190.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    95.221.229.192.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    95.221.229.192.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    bejnz.com
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    bejnz.com
    IN A
    Response
    bejnz.com
    IN A
    44.221.84.105
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:05 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=382390870621391bb4449753ec225e0f|181.215.176.83|1732964405|1732964405|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    DNS
    105.84.221.44.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    105.84.221.44.in-addr.arpa
    IN PTR
    Response
    105.84.221.44.in-addr.arpa
    IN PTR
    ec2-44-221-84-105 compute-1 amazonawscom
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:06 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=5a0336747eb3b857d9e9efa22616a607|181.215.176.83|1732964406|1732964406|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:07 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=02c002da94a70aca88497ad68e16c3e0|181.215.176.83|1732964407|1732964407|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:09 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=6cec4f944f6623c72c46dbc63e6b098e|181.215.176.83|1732964409|1732964409|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:10 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=b680095e3b1064a63dfc31928773022a|181.215.176.83|1732964410|1732964410|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    133.211.185.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    133.211.185.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:11 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=4fb02c4686a2362ab6ed62f923b05e3c|181.215.176.83|1732964411|1732964411|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:12 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=4440f6336811ecc20e3acc13030bff1e|181.215.176.83|1732964412|1732964412|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:14 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=efe73ffdaae32ec8476dd0881f53cd43|181.215.176.83|1732964414|1732964414|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:15 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=e8eeafcf4437e651928b2eabd31ba9e2|181.215.176.83|1732964415|1732964415|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:16 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=9304f83a33707f93ff70114979041eed|181.215.176.83|1732964416|1732964416|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:17 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=076cc7afbff63b08ba0c2a36cb629d1d|181.215.176.83|1732964417|1732964417|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:19 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=ae112bf6536ec4339252a462d58d8683|181.215.176.83|1732964419|1732964419|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:20 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=d0a2d897c1f82fce7b77d43fc482d727|181.215.176.83|1732964420|1732964420|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:21 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=426c92f911a74d1c42bd78c2b1a40d41|181.215.176.83|1732964421|1732964421|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:22 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=ef5b0f668bbcf9a1b6d5b47054425ce8|181.215.176.83|1732964422|1732964422|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:24 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=2bda33a88eb2469212da36005ff661fe|181.215.176.83|1732964424|1732964424|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:25 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=109063758b740edea7fc1f4eeb35d751|181.215.176.83|1732964425|1732964425|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:26 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=fb816d011f1887686cbfd7e7f9f24e36|181.215.176.83|1732964426|1732964426|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:27 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=301267263cda90129b62d03e8c56d47e|181.215.176.83|1732964427|1732964427|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:28 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=aa919c81bdf21a63f5b01bd72d981986|181.215.176.83|1732964428|1732964428|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    56.163.245.4.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    56.163.245.4.in-addr.arpa
    IN PTR
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:30 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=02a9803aee8278480745c279fd2e116f|181.215.176.83|1732964430|1732964430|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    DNS
    198.187.3.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    198.187.3.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:31 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=f050a3d30e4dff81900794e3c06d63fe|181.215.176.83|1732964431|1732964431|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:32 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=cd9072107603a3600d4feb4bc627fe01|181.215.176.83|1732964432|1732964432|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:33 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=e5ebf34aba448218dd9f93e530744ff9|181.215.176.83|1732964433|1732964433|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:35 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=19c2f8c2e7a07525b922813a1430408c|181.215.176.83|1732964435|1732964435|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:36 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=8acfc55211a8c9f04c95b07843c634f9|181.215.176.83|1732964436|1732964436|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:37 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=2f605d0cf004766acf318bbcd5c808ae|181.215.176.83|1732964437|1732964437|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:38 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=c9548dd277361e4144d8b7e6d01e207f|181.215.176.83|1732964438|1732964438|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:40 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=ccab7aaf1bdc1230e215f38d133b6b50|181.215.176.83|1732964440|1732964440|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:41 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=976a0b3c300a5b11b29de4e166dbf909|181.215.176.83|1732964441|1732964441|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:42 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=d797df154802082de4923f9b449a62ae|181.215.176.83|1732964442|1732964442|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:43 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=bafab19ef651ee12d7a88e642db776e5|181.215.176.83|1732964443|1732964443|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:44 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=052cc19312d266596f9f70e384ba7a29|181.215.176.83|1732964444|1732964444|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:46 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=08d00f3f2cf3cc647ec772b45a89ddb1|181.215.176.83|1732964446|1732964446|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:47 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=ccc0f98d08d5a30578537f876b09f37a|181.215.176.83|1732964447|1732964447|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:48 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=7900407dfff72a253ab88225a1436be8|181.215.176.83|1732964448|1732964448|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:49 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=fcd871965a79be025cb9ee7fc0e6c220|181.215.176.83|1732964449|1732964449|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:51 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=3735c557234a293911b7abc327922825|181.215.176.83|1732964451|1732964451|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:52 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=dbe0849697b45f4e5470fc5b21abf165|181.215.176.83|1732964452|1732964452|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:53 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=b03cab52dc0f244e56cdfdbdb9abd118|181.215.176.83|1732964453|1732964453|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:54 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=30c2c99780a6287212a5b313ecfbfbac|181.215.176.83|1732964454|1732964454|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:56 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=ce030bddc8e5d59c9a35c0a30ca9eae3|181.215.176.83|1732964456|1732964456|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:57 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=3ba3a9eb3b7f003a666802ee5b51de7f|181.215.176.83|1732964457|1732964457|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:58 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=1a8de835dd709115f1d42d2cac0b72bd|181.215.176.83|1732964458|1732964458|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:00:59 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=67895bf40fb6611fbb50ee6ad271bd73|181.215.176.83|1732964459|1732964459|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:00 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=ed987b2f2914791af69fc70cc25d7763|181.215.176.83|1732964460|1732964460|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:02 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=9aad57f66486349439ca67630b9a08c1|181.215.176.83|1732964462|1732964462|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:03 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=20c12329772360c52de7c4a1cc61d99d|181.215.176.83|1732964463|1732964463|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:04 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=a3156f3b4f83a18625fbd440dda87333|181.215.176.83|1732964464|1732964464|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:05 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=f033329e7dd2443fd0d0ad08a4eb7a9e|181.215.176.83|1732964465|1732964465|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:07 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=8d33339524597beae0e5ceb5d2c68813|181.215.176.83|1732964467|1732964467|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:08 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=2661c8ab5da00d7ec59a6c737ecf6d70|181.215.176.83|1732964468|1732964468|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:09 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=025b8372efc9435a0f91d0b3023a8bde|181.215.176.83|1732964469|1732964469|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:10 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=f77fd9f8c0d69c1f0fe6353685518cfc|181.215.176.83|1732964470|1732964470|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:11 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=c045326d6f0ac96651a66d9c8098b871|181.215.176.83|1732964471|1732964471|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:13 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=c4ab355a9e1f1d72608f5917f8bce31f|181.215.176.83|1732964473|1732964473|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:14 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=0cb170a5d776ea40bba062d261d9c0e5|181.215.176.83|1732964474|1732964474|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:15 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=c943f4625921617d9b38ba2146e3c52f|181.215.176.83|1732964475|1732964475|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:16 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=862010796fc6b6bdc031fe4ca4bcfef0|181.215.176.83|1732964476|1732964476|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:18 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=26584874918a095c4e3aa3a34de3e077|181.215.176.83|1732964478|1732964478|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:19 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=88b2e34df450df89e2059fb2da75532b|181.215.176.83|1732964479|1732964479|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:20 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=98ec05731d6df87a54d5a4baf45ddb60|181.215.176.83|1732964480|1732964480|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:21 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=24eea290d26836bf27baffbc9d78bd55|181.215.176.83|1732964481|1732964481|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:23 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=d4353c9ccd198ae08b0d416d1dd98a07|181.215.176.83|1732964483|1732964483|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:24 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=2c99c2eced5a331eb4835f40baaf4000|181.215.176.83|1732964484|1732964484|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:25 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=bf78bcb9735aa882c44b7d5c8a0e1ff6|181.215.176.83|1732964485|1732964485|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:26 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=67be7bc1a82a93a2437269e049e6b5bd|181.215.176.83|1732964486|1732964486|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:27 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=0b10030c395816ae2d6b80e1dca45f8b|181.215.176.83|1732964487|1732964487|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:29 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=f238d7bdb1deb1ac048a2ec6c9fd0062|181.215.176.83|1732964489|1732964489|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:30 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=f3577b0067bc7d5a621c070353bab468|181.215.176.83|1732964490|1732964490|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    88.210.23.2.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    88.210.23.2.in-addr.arpa
    IN PTR
    Response
    88.210.23.2.in-addr.arpa
    IN PTR
    a2-23-210-88deploystaticakamaitechnologiescom
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:31 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=0d3f5e973cb9e1d436b1892bc28eb312|181.215.176.83|1732964491|1732964491|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    30.243.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    30.243.111.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:32 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=6991fd67fa8fcb88b7db649ea8ba1d55|181.215.176.83|1732964492|1732964492|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:34 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=af861ac468240159d45a30c9a472a777|181.215.176.83|1732964494|1732964494|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:35 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=1319d8a6cec2bd5102e285c753bf1976|181.215.176.83|1732964495|1732964495|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:36 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=7b7ad20f27d3e62a06710d10cb682c54|181.215.176.83|1732964496|1732964496|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:37 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=b6497394ff9227ff8a95288daeb33a34|181.215.176.83|1732964497|1732964497|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:38 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=ca59d84bd238ba6766fddfcf7af7e21a|181.215.176.83|1732964498|1732964498|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:40 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=75aba94b381851d9752122fae0509cde|181.215.176.83|1732964500|1732964500|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:41 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=e59c7e2c80f2995e66fd2b9664d40a17|181.215.176.83|1732964501|1732964501|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:42 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=545f67811c268281f8757c68fdeece5a|181.215.176.83|1732964502|1732964502|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:43 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=4f04ccb59fe95a6d2a55e2a5e9f7b705|181.215.176.83|1732964503|1732964503|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:45 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=89bc3e5236a976812e4fb079a122956e|181.215.176.83|1732964505|1732964505|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:46 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=3e966bf82f0e41af7065c1d47aaecd4c|181.215.176.83|1732964506|1732964506|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:47 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=6fd7e6a8e618962cc46f78a43c2937ac|181.215.176.83|1732964507|1732964507|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:48 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=c167add9a8f65a4c730b023a4a4fab9a|181.215.176.83|1732964508|1732964508|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:49 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=924f8b0ba41b64cf97efbf04ff2608a5|181.215.176.83|1732964509|1732964509|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:51 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=e149b4cded4809c71a844bb9092fa47e|181.215.176.83|1732964511|1732964511|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:52 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=2bebe251e00b0d0bbc80c7f643ad0535|181.215.176.83|1732964512|1732964512|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:53 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=47306cfb732d2204c7c3dc0cfab77da1|181.215.176.83|1732964513|1732964513|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:54 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=17d6cc778abeaae841f560e2363f5174|181.215.176.83|1732964514|1732964514|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    DNS
    rwkeith.no-ip.org
    tmp83D6.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    rwkeith.no-ip.org
    IN A
    Response
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:56 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=b7f5a978ef7257b0a74f8ac3f2e10a6c|181.215.176.83|1732964516|1732964516|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmp83D6.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 30 Nov 2024 11:01:57 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=aa0c3a45200faecd024d0b320aa4ead5|181.215.176.83|1732964517|1732964517|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    295 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmp83D6.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 44.221.84.105:80
    tmp83D6.tmp.exe
  • 8.8.8.8:53
    58.55.71.13.in-addr.arpa
    dns
    70 B
    144 B
    1
    1

    DNS Request

    58.55.71.13.in-addr.arpa

  • 8.8.8.8:53
    0.159.190.20.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    0.159.190.20.in-addr.arpa

  • 8.8.8.8:53
    95.221.229.192.in-addr.arpa
    dns
    73 B
    144 B
    1
    1

    DNS Request

    95.221.229.192.in-addr.arpa

  • 8.8.8.8:53
    bejnz.com
    dns
    tmp83D6.tmp.exe
    55 B
    71 B
    1
    1

    DNS Request

    bejnz.com

    DNS Response

    44.221.84.105

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    105.84.221.44.in-addr.arpa
    dns
    72 B
    127 B
    1
    1

    DNS Request

    105.84.221.44.in-addr.arpa

  • 8.8.8.8:53
    133.211.185.52.in-addr.arpa
    dns
    73 B
    147 B
    1
    1

    DNS Request

    133.211.185.52.in-addr.arpa

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    56.163.245.4.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    56.163.245.4.in-addr.arpa

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    198.187.3.20.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    198.187.3.20.in-addr.arpa

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    88.210.23.2.in-addr.arpa
    dns
    70 B
    133 B
    1
    1

    DNS Request

    88.210.23.2.in-addr.arpa

  • 8.8.8.8:53
    30.243.111.52.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    30.243.111.52.in-addr.arpa

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

  • 8.8.8.8:53
    rwkeith.no-ip.org
    dns
    tmp83D6.tmp.exe
    63 B
    123 B
    1
    1

    DNS Request

    rwkeith.no-ip.org

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\0eyht5is.0.vb

    Filesize

    14KB

    MD5

    1de09fba9b47fecfd9710900858e0845

    SHA1

    6f4fa0d3fbb4e0166e174dcb9db394968b22734f

    SHA256

    e99f3745809ef58c4fd7db512c94474c982d9de19310f0ea2b5fd9d8e2992de1

    SHA512

    92df294bceac9f01036729c6a44350c1dd1180db550e8e46305ea57acf78fa514d795ccef28bfac925eff87ddae90f0e2cd9c593db9d08c9d951b2053506d8f8

  • C:\Users\Admin\AppData\Local\Temp\0eyht5is.cmdline

    Filesize

    266B

    MD5

    7f2663a7df88209ce19e5bc662236912

    SHA1

    ee4724a9c65120181150e790f1c9c10a40e468eb

    SHA256

    390d5eac38ac1f67a126d68c02e1eff9a9c2dc32bcb6da38456d695df90fe08c

    SHA512

    c45a7705009eaab540a34b9f012d716c22030f3b4121dc7c41fd3c633884e4e582a10db1aae79b9599f518027306bf12b91a80be126bb224b5ee3116c2704d14

  • C:\Users\Admin\AppData\Local\Temp\RES859B.tmp

    Filesize

    1KB

    MD5

    2644e284693b0140378fad1d62d51a99

    SHA1

    aac034a6576a621f040ae275387c2eb3ad808c9d

    SHA256

    dbaa06b1d85016850a63e07f39e4baaf515ba68f6cee6b8adad67cd1e00b7331

    SHA512

    75a35b814683e5f6e3683fd34be1c509f386fbac6afe0576f41eb9f4a4769eec2272d9022e1acfbf6bb87316be93340d93c53077be563f91689a5896245727fd

  • C:\Users\Admin\AppData\Local\Temp\tmp83D6.tmp.exe

    Filesize

    78KB

    MD5

    a8be516e188a7bdd3b325c9cfcfd0a30

    SHA1

    96879dfaac56a7f1d574bd06f821c56bd18b3dd4

    SHA256

    8595192b1e36cc523ebdb0cef8642927040bdde60673948265704796e3fcef18

    SHA512

    81861eae01665adc31178a618d00d09e4e5cd8a494080b45d64b6e062c73cce32fe2042bceb4c02d3420723957bd34a64f8798980d8e05eb4626bc13270fca3f

  • C:\Users\Admin\AppData\Local\Temp\vbcFC399C0FCC40434C94D68E6B7F899AC8.TMP

    Filesize

    660B

    MD5

    e2f14df390b49941224d9239028dde8b

    SHA1

    5d2d2581a7d5fc0cc276b67ac1fbe6c3c8c20e17

    SHA256

    ffc44bcd0231c50eb0f93666abe330c1f77a8689cc3637a63d30fe631efb9477

    SHA512

    8c19c2a170a4178d73e6080d72fd2a6a94c63f95786284fd43fb7f3033cc27021d543e47253a18d491fa5b1c00014fca3c4273e88a09909e32026a595bd7bfca

  • C:\Users\Admin\AppData\Local\Temp\zCom.resources

    Filesize

    62KB

    MD5

    8fd8e054ba10661e530e54511658ac20

    SHA1

    72911622012ddf68f95c1e1424894ecb4442e6fd

    SHA256

    822d92b6f2bd74ba785aa1555b5963c9d7736be1a41241927343dff1caf538d7

    SHA512

    c14d729a30b055df18cfac5258c30574ca93bd05fb9a86b4be47ed041c7a4ceefa636bf1c2dd0ccd4c922eda785ce80127374fb70f965c1cf7cd323da5c1b24c

  • memory/1200-1-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

  • memory/1200-2-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

  • memory/1200-0-0x0000000074FC2000-0x0000000074FC3000-memory.dmp

    Filesize

    4KB

  • memory/1200-22-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

  • memory/1696-24-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

  • memory/1696-23-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

  • memory/1696-26-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

  • memory/1696-27-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

  • memory/1696-28-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

  • memory/3476-18-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

  • memory/3476-9-0x0000000074FC0000-0x0000000075571000-memory.dmp

    Filesize

    5.7MB

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.