Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
www.89xs.xyz | 107.149.249.12 | |
www.ourforms.net | CNAME ourforms.net; 184.168.139.151 | |
www.preciousvessel.com | CNAME preciousvessel.com; 34.102.136.180 | |
www.beautybar.sucks | 54.147.194.143 | |
www.my-watch-strap.com | CNAME my-watch-strap.com; 192.0.78.24 | |
www.shopjrock.com | CNAME shopjrock.com; 34.102.136.180 | |
www.3thaiph.com | 104.161.87.55 | |
TCP Requests
- 192.168.56.101:49203 -> 104.161.87.55:80 (www.3thaiph.com)
- 192.168.56.101:49204 -> 104.161.87.55:80 (www.3thaiph.com)
- 192.168.56.101:49207 -> 107.149.249.12:80 (www.89xs.xyz)
- 192.168.56.101:49208 -> 107.149.249.12:80 (www.89xs.xyz)
- 192.168.56.101:49211 -> 184.168.139.151:80 (www.ourforms.net)
- 192.168.56.101:49212 -> 184.168.139.151:80 (www.ourforms.net)
- 192.168.56.101:49215 -> 192.0.78.25:80 (www.my-watch-strap.com)
- 192.168.56.101:49216 -> 192.0.78.25:80 (www.my-watch-strap.com)
- 192.168.56.101:49209 -> 34.102.136.180:80 (www.shopjrock.com)
- 192.168.56.101:49210 -> 34.102.136.180:80 (www.shopjrock.com)
- 192.168.56.101:49213 -> 34.102.136.180:80 (www.shopjrock.com)
- 192.168.56.101:49214 -> 34.102.136.180:80 (www.shopjrock.com)
- 192.168.56.101:49205 -> 54.147.194.143:80 (www.beautybar.sucks)
- 192.168.56.101:49206 -> 54.147.194.143:80 (www.beautybar.sucks)
UDP Requests
- 192.168.56.101:54056 -> 164.124.101.2:53
- 192.168.56.101:55450 -> 164.124.101.2:53
- 192.168.56.101:56977 -> 164.124.101.2:53
- 192.168.56.101:57460 -> 164.124.101.2:53
- 192.168.56.101:59369 -> 164.124.101.2:53
- 192.168.56.101:61479 -> 164.124.101.2:53
- 192.168.56.101:62324 -> 164.124.101.2:53
- 192.168.56.101:65329 -> 164.124.101.2:53
- 192.168.56.101:137 -> 192.168.56.255:137
- 192.168.56.101:138 -> 192.168.56.255:138
- 192.168.56.101:49152 -> 239.255.255.250:3702
- 192.168.56.101:62325 -> 239.255.255.250:3702
- 192.168.56.101:62445 -> 239.255.255.250:1900
- 192.168.56.101:62447 -> 239.255.255.250:3702
- 192.168.56.101:62449 -> 239.255.255.250:3702
- 52.231.114.183:123 -> 192.168.56.101:123

POST 0 http://www.3thaiph.com/spj6/
REQUEST
POST /spj6/ HTTP/1.1
Host: www.3thaiph.com
Connection: close
Content-Length: 282
Cache-Control: no-cache
Origin: http://www.3thaiph.com
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.3thaiph.com/spj6/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

GET 200 http://www.3thaiph.com/spj6/?LZhP=WELcilCtPEVEBOtiTM/sV79+dBkJlHKpkw1Y165Vpka6sd6WRde01ttFnmDHNGdBy+pSbyUZ&U4kp=Ntx4ZhIXOh7XQrX
REQUEST
GET /spj6/?LZhP=WELcilCtPEVEBOtiTM/sV79+dBkJlHKpkw1Y165Vpka6sd6WRde01ttFnmDHNGdBy+pSbyUZ&U4kp=Ntx4ZhIXOh7XQrX HTTP/1.1
Host: www.3thaiph.com
Connection: close

RESPONSE
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Apr 2021 22:39:14 GMT
Content-Type: text/html; charset=GBK
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding

POST 301 http://www.beautybar.sucks/spj6/
REQUEST
POST /spj6/ HTTP/1.1
Host: www.beautybar.sucks
Connection: close
Content-Length: 282
Cache-Control: no-cache
Origin: http://www.beautybar.sucks
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.beautybar.sucks/spj6/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

RESPONSE
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Apr 2021 22:38:59 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: http://www.beautybar.sucks/spj6
Content-Length: 324
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET 301 http://www.beautybar.sucks/spj6/?LZhP=/RvMM/n/jqwCaC65EoynYgHRCQVKYKWSUzaDLW3VbuGWvlmwwixnAdJlTChBxsV8Vf/7elXq&U4kp=Ntx4ZhIXOh7XQrX
REQUEST
GET /spj6/?LZhP=/RvMM/n/jqwCaC65EoynYgHRCQVKYKWSUzaDLW3VbuGWvlmwwixnAdJlTChBxsV8Vf/7elXq&U4kp=Ntx4ZhIXOh7XQrX HTTP/1.1
Host: www.beautybar.sucks
Connection: close

RESPONSE
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Apr 2021 22:39:00 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: http://www.beautybar.sucks/spj6?LZhP=/RvMM/n/jqwCaC65EoynYgHRCQVKYKWSUzaDLW3VbuGWvlmwwixnAdJlTChBxsV8Vf/7elXq&U4kp=Ntx4ZhIXOh7XQrX
Content-Length: 427
Connection: close
Content-Type: text/html; charset=iso-8859-1

POST 404 http://www.89xs.xyz/spj6/
REQUEST
POST /spj6/ HTTP/1.1
Host: www.89xs.xyz
Connection: close
Content-Length: 282
Cache-Control: no-cache
Origin: http://www.89xs.xyz
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.89xs.xyz/spj6/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

RESPONSE
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.0.33
X-Powered-By: ASP.NET
Date: Mon, 19 Apr 2021 22:39:07 GMT
Connection: close
Content-Length: 321

GET 404 http://www.89xs.xyz/spj6/?LZhP=ChhDJUZ34acyioRDxU0I1eGwFTExh6t3ojTWkZgGpRLxdY0skGw1NzhaR82eRSGOOqXjwiEQ&U4kp=Ntx4ZhIXOh7XQrX
REQUEST
GET /spj6/?LZhP=ChhDJUZ34acyioRDxU0I1eGwFTExh6t3ojTWkZgGpRLxdY0skGw1NzhaR82eRSGOOqXjwiEQ&U4kp=Ntx4ZhIXOh7XQrX HTTP/1.1
Host: www.89xs.xyz
Connection: close

RESPONSE
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.0.33
X-Powered-By: ASP.NET
Date: Mon, 19 Apr 2021 22:39:07 GMT
Connection: close
Content-Length: 475

POST 405 http://www.shopjrock.com/spj6/
REQUEST
POST /spj6/ HTTP/1.1
Host: www.shopjrock.com
Connection: close
Content-Length: 282
Cache-Control: no-cache
Origin: http://www.shopjrock.com
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.shopjrock.com/spj6/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

RESPONSE
HTTP/1.1 405 Not Allowed
Server: openresty
Date: Mon, 19 Apr 2021 22:39:11 GMT
Content-Type: text/html
Content-Length: 556
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Ba/Y1lfQ2kkDMLcIf60nQXud1Bfvn0zC4rZ+Y5bOV/0g9MP2eQgTi6lz2H9FT7pLEZHCGw85m1659qd2MwGMXQ
Via: 1.1 google
Connection: close

GET 403 http://www.shopjrock.com/spj6/?LZhP=qhnezQWTxjg/HbuTmF+cfz/AJC4nUSxVCtyRe9tzOWPiX7YfE01VM4G2EIPySa5O/Ai5gOof&U4kp=Ntx4ZhIXOh7XQrX
REQUEST
GET /spj6/?LZhP=qhnezQWTxjg/HbuTmF+cfz/AJC4nUSxVCtyRe9tzOWPiX7YfE01VM4G2EIPySa5O/Ai5gOof&U4kp=Ntx4ZhIXOh7XQrX HTTP/1.1
Host: www.shopjrock.com
Connection: close

RESPONSE
HTTP/1.1 403 Forbidden
Server: openresty
Date: Mon, 19 Apr 2021 22:39:11 GMT
Content-Type: text/html
Content-Length: 275
ETag: "607bb59a-113"
Via: 1.1 google
Connection: close

POST 404 http://www.ourforms.net/spj6/
REQUEST
POST /spj6/ HTTP/1.1
Host: www.ourforms.net
Connection: close
Content-Length: 282
Cache-Control: no-cache
Origin: http://www.ourforms.net
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.ourforms.net/spj6/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

RESPONSE
HTTP/1.1 404 Not Found
Date: Mon, 19 Apr 2021 22:39:22 GMT
Server: Apache
Content-Length: 400
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET 404 http://www.ourforms.net/spj6/?LZhP=b6QgBSz9IsgTBrSxM1TpvmYRkuJztgbn0YznHbeB8Xc6Pticprr/H1NbfIFannWFjAB+Rs5D&U4kp=Ntx4ZhIXOh7XQrX
REQUEST
GET /spj6/?LZhP=b6QgBSz9IsgTBrSxM1TpvmYRkuJztgbn0YznHbeB8Xc6Pticprr/H1NbfIFannWFjAB+Rs5D&U4kp=Ntx4ZhIXOh7XQrX HTTP/1.1
Host: www.ourforms.net
Connection: close

RESPONSE
HTTP/1.1 404 Not Found
Date: Mon, 19 Apr 2021 22:39:22 GMT
Server: Apache
Content-Length: 400
Connection: close
Content-Type: text/html; charset=iso-8859-1

POST 405 http://www.preciousvessel.com/spj6/
REQUEST
POST /spj6/ HTTP/1.1
Host: www.preciousvessel.com
Connection: close
Content-Length: 282
Cache-Control: no-cache
Origin: http://www.preciousvessel.com
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.preciousvessel.com/spj6/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

RESPONSE
HTTP/1.1 405 Not Allowed
Server: openresty
Date: Mon, 19 Apr 2021 22:39:27 GMT
Content-Type: text/html
Content-Length: 556
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_PCqLkA/97HQvb79vjfM3HgFK3CImI5u+Y/hzcJqCE99JPLNEcuNVI9j+pBU2Q3JuV4nQNkTcT2MmdNYfaoamqQ
Via: 1.1 google
Connection: close

GET 403 http://www.preciousvessel.com/spj6/?LZhP=AF++6DW1ZB7b6v+G1k1B+DYsQETFO/sfcexAS4/+ytZ88TDwDfNbFwA03zmQ8kbNf+vM1WkW&U4kp=Ntx4ZhIXOh7XQrX
REQUEST
GET /spj6/?LZhP=AF++6DW1ZB7b6v+G1k1B+DYsQETFO/sfcexAS4/+ytZ88TDwDfNbFwA03zmQ8kbNf+vM1WkW&U4kp=Ntx4ZhIXOh7XQrX HTTP/1.1
Host: www.preciousvessel.com
Connection: close

RESPONSE
HTTP/1.1 403 Forbidden
Server: openresty
Date: Mon, 19 Apr 2021 22:39:28 GMT
Content-Type: text/html
Content-Length: 275
ETag: "607bb59a-113"
Via: 1.1 google
Connection: close

POST 301 http://www.my-watch-strap.com/spj6/
REQUEST
POST /spj6/ HTTP/1.1
Host: www.my-watch-strap.com
Connection: close
Content-Length: 282
Cache-Control: no-cache
Origin: http://www.my-watch-strap.com
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.my-watch-strap.com/spj6/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

RESPONSE
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Apr 2021 22:39:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://www.my-watch-strap.com/spj6/
X-ac: 3.kix _bur

GET 301 http://www.my-watch-strap.com/spj6/?LZhP=4ljs57iv7WHWCxw/HP0065oO4y9+WBwXKiIOn+/c+11wOtEmZ+Y6UUQYeW5XnP+wk9BrVhzX&U4kp=Ntx4ZhIXOh7XQrX
REQUEST
GET /spj6/?LZhP=4ljs57iv7WHWCxw/HP0065oO4y9+WBwXKiIOn+/c+11wOtEmZ+Y6UUQYeW5XnP+wk9BrVhzX&U4kp=Ntx4ZhIXOh7XQrX HTTP/1.1
Host: www.my-watch-strap.com
Connection: close

RESPONSE
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Apr 2021 22:39:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://www.my-watch-strap.com/spj6/?LZhP=4ljs57iv7WHWCxw/HP0065oO4y9+WBwXKiIOn+/c+11wOtEmZ+Y6UUQYeW5XnP+wk9BrVhzX&U4kp=Ntx4ZhIXOh7XQrX
X-ac: 3.kix _bur

ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts