Network Analysis
- TCP Requests
  - 192.168.56.102:49171 104.21.39.205:80 www.maxridetubes.com
  - 192.168.56.102:49161 142.250.204.100:443 www.google.com
  - 192.168.56.102:49169 164.88.6.17:80 www.domainedelafrouardiere.com
  - 192.168.56.102:49163 204.79.197.200:443
  - 192.168.56.102:49172 23.227.38.74:80 www.yummylipz.net
  - 192.168.56.102:49170 23.82.12.31:80 www.scoutandstellar.com
  - 192.168.56.102:49173 44.228.202.161:80 www.jqxfinance.com
- UDP Requests
  - 192.168.56.102:55494 164.124.101.2:53
  - 192.168.56.102:58318 164.124.101.2:53
  - 192.168.56.102:60439 164.124.101.2:53
  - 192.168.56.102:60922 164.124.101.2:53
  - 192.168.56.102:61198 164.124.101.2:53
  - 192.168.56.102:62770 164.124.101.2:53
  - 192.168.56.102:62824 164.124.101.2:53
  - 192.168.56.102:63203 164.124.101.2:53
  - 192.168.56.102:64123 164.124.101.2:53
  - 192.168.56.102:64317 164.124.101.2:53
  - 192.168.56.102:65038 164.124.101.2:53
  - 192.168.56.102:137 192.168.56.255:137
  - 192.168.56.102:138 192.168.56.255:138
  - 192.168.56.102:65041 239.255.255.250:1900
GET 200 https://www.google.com/
REQUEST
GET / HTTP/1.1
Host: www.google.com
Connection: Keep-Alive
RESPONSE
HTTP/1.1 200 OK
Date: Thu, 29 Jul 2021 02:08:56 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2021-07-29-02; expires=Sat, 28-Aug-2021 02:08:56 GMT; path=/; domain=.google.com; Secure
Set-Cookie: NID=220=pJzVOWh88lVsQ_t03JtyF1NN5QvWFBIAZPetFYhGjabi9YygJwoBi0SV32R3QYcan82GKmeMyKNmzcjzTAl1XeJRGl2dMVsRwe7zPcQAwVzH7TJzGpQkU2bfImFrV-GcKrRpqyp7t3Bi3j16ZVA2N_OJv8TUG4HWS9wtJvIGbgI; expires=Fri, 28-Jan-2022 02:08:56 GMT; path=/; domain=.google.com; HttpOnly
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked
GET 200 https://www.bing.com/
REQUEST
GET / HTTP/1.1
Host: www.bing.com
Connection: Keep-Alive
RESPONSE
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Set-Cookie: MUID=305D511865E46F3E03A0419B64AF6EC2; domain=.bing.com; expires=Tue, 23-Aug-2022 02:08:56 GMT; path=/; secure; SameSite=None
Set-Cookie: MUIDB=305D511865E46F3E03A0419B64AF6EC2; expires=Tue, 23-Aug-2022 02:08:56 GMT; path=/
Set-Cookie: _EDGE_S=F=1&SID=2B8EE524532A6E612491F5A752616F7D; domain=.bing.com; path=/
Set-Cookie: _EDGE_V=1; domain=.bing.com; expires=Tue, 23-Aug-2022 02:08:56 GMT; path=/
Set-Cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Sat, 29-Jul-2023 02:08:56 GMT; path=/
Set-Cookie: SRCHUID=V=2&GUID=2781F9CACA784FD889A23B160423B2E1&dmnchg=1; domain=.bing.com; expires=Sat, 29-Jul-2023 02:08:56 GMT; path=/
Set-Cookie: SRCHUSR=DOB=20210729; domain=.bing.com; expires=Sat, 29-Jul-2023 02:08:56 GMT; path=/
Set-Cookie: SRCHHPGUSR=SRCHLANG=ko; domain=.bing.com; expires=Sat, 29-Jul-2023 02:08:56 GMT; path=/
Set-Cookie: _SS=SID=2B8EE524532A6E612491F5A752616F7D; domain=.bing.com; path=/
Set-Cookie: ULC=; domain=.bing.com; expires=Wed, 28-Jul-2021 02:08:56 GMT; path=/
Set-Cookie: _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMS0wNy0yOVQwMDowMDowMFoiLCJJb3RkIjowLCJEZnQiOm51bGwsIk12cyI6MCwiRmx0IjowLCJJbXAiOjF9; domain=.bing.com; expires=Sat, 29-Jul-2023 02:08:56 GMT; path=/
X-SNR-Routing: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 8BC2BA38005C45EFB01FD7CF42D344D6 Ref B: SLAEDGE0311 Ref C: 2021-07-29T02:08:56Z
Date: Thu, 29 Jul 2021 02:08:56 GMT
GET 200 http://www.domainedelafrouardiere.com/b8eu/?tZkPcbJ=ikEP9axVrVJQ4yzQv1a0So0AK/0nXX40fXsXS3BIZ5+6aY5O0aZDKYPEtFKmHn2jcXhg5OSy&U4kp=Ntx0URGPFVMpdnk
REQUEST
GET /b8eu/?tZkPcbJ=ikEP9axVrVJQ4yzQv1a0So0AK/0nXX40fXsXS3BIZ5+6aY5O0aZDKYPEtFKmHn2jcXhg5OSy&U4kp=Ntx0URGPFVMpdnk HTTP/1.1
Host: www.domainedelafrouardiere.com
Connection: close
RESPONSE
HTTP/1.1 200 OK
Date: Thu, 29 Jul 2021 02:10:10 GMT
Content-Length: 1493
Content-Type: text/html
Server: Microsoft-IIS/7.5
GET 302 http://www.scoutandstellar.com/b8eu/?tZkPcbJ=TcAW/3HIy/RXA4RTi/4sSuhjTOZJJImWupSyDirF/K4t/wtg63HQAYgT1I4ugZkqvoHylkSb&U4kp=Ntx0URGPFVMpdnk
REQUEST
GET /b8eu/?tZkPcbJ=TcAW/3HIy/RXA4RTi/4sSuhjTOZJJImWupSyDirF/K4t/wtg63HQAYgT1I4ugZkqvoHylkSb&U4kp=Ntx0URGPFVMpdnk HTTP/1.1
Host: www.scoutandstellar.com
Connection: close
RESPONSE
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 29 Jul 2021 02:10:15 GMT
location: http://survey-smiles.com
server: nginx
set-cookie: sid=1dd30830-f012-11eb-ad77-33e0b4f4bc71; path=/; domain=.scoutandstellar.com; expires=Tue, 16 Aug 2089 05:24:23 GMT; max-age=2147483647; HttpOnly
GET 301 http://www.maxridetubes.com/b8eu/?tZkPcbJ=YDI1SWbbFRthc8Kjnqcv/XHNG8x6cigBY/xRhCdFgjBrhgoPW0KwDcLaM2HjMafBAr+1quYA&U4kp=Ntx0URGPFVMpdnk
REQUEST
GET /b8eu/?tZkPcbJ=YDI1SWbbFRthc8Kjnqcv/XHNG8x6cigBY/xRhCdFgjBrhgoPW0KwDcLaM2HjMafBAr+1quYA&U4kp=Ntx0URGPFVMpdnk HTTP/1.1
Host: www.maxridetubes.com
Connection: close
RESPONSE
HTTP/1.1 301 Moved Permanently
Date: Thu, 29 Jul 2021 02:10:27 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Thu, 29 Jul 2021 03:10:27 GMT
Location: https://www.maxridetubes.com/b8eu/?tZkPcbJ=YDI1SWbbFRthc8Kjnqcv/XHNG8x6cigBY/xRhCdFgjBrhgoPW0KwDcLaM2HjMafBAr+1quYA&U4kp=Ntx0URGPFVMpdnk
cf-request-id: 0b91a012950000eaf85ca3e000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNXq6TRql49spakFRY3oDd0CuoA9GQH9OQi3j7mAdbsKddEdE%2FyG0LimgGtbfZnJWhUHnswLQrncS%2FU%2FbajBRUcqPkQMF4oh1eKvStgyGLOAcd95HXVUK9RZ2g9X%2F4DkI0mnHT7lAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6762cf975859eaf8-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET 403 http://www.yummylipz.net/b8eu/?tZkPcbJ=BJsIvBSedMRHPw6hRBySesvKf4cy5ptvtRL/e7MsGjTsJ8iq89FIxlkUleqlB63Tk93sEUrP&U4kp=Ntx0URGPFVMpdnk
REQUEST
GET /b8eu/?tZkPcbJ=BJsIvBSedMRHPw6hRBySesvKf4cy5ptvtRL/e7MsGjTsJ8iq89FIxlkUleqlB63Tk93sEUrP&U4kp=Ntx0URGPFVMpdnk HTTP/1.1
Host: www.yummylipz.net
Connection: close
RESPONSE
HTTP/1.1 403 Forbidden
Date: Thu, 29 Jul 2021 02:10:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
X-Sorting-Hat-PodId: 166
X-Sorting-Hat-ShopId: 45294059687
X-Request-ID: af55e2e5-50a1-44cf-9471-bd80c3a56f07
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Dc: gcp-us-central1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6762cfd879fd3688-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET 301 http://www.jqxfinance.com/b8eu/?tZkPcbJ=gkdpJ1zByS8LyCRTesqZl9VheaB/Zqa4TdknO1A1T4zMO1m8tJGMEDdmPtnczAbOd1yMToKT&U4kp=Ntx0URGPFVMpdnk
REQUEST
GET /b8eu/?tZkPcbJ=gkdpJ1zByS8LyCRTesqZl9VheaB/Zqa4TdknO1A1T4zMO1m8tJGMEDdmPtnczAbOd1yMToKT&U4kp=Ntx0URGPFVMpdnk HTTP/1.1
Host: www.jqxfinance.com
Connection: close
RESPONSE
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 29 Jul 2021 02:10:53 GMT
Content-Type: text/html
Content-Length: 134
Connection: close
Location: https://www.jqxfinance.com:443/b8eu/?tZkPcbJ=gkdpJ1zByS8LyCRTesqZl9VheaB/Zqa4TdknO1A1T4zMO1m8tJGMEDdmPtnczAbOd1yMToKT&U4kp=Ntx0URGPFVMpdnk
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint
---|---|---|---
TLSv1 192.168.56.102:49161 142.250.204.100:443 | C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=www.google.com | 9f:0e:42:2d:88:e4:7b:df:08:66:47:16:63:48:02:84:a4:89:de:8e
TLSv1 192.168.56.102:49163 204.79.197.200:443 | C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01 | CN=www.bing.com | 29:b4:ed:e7:1f:1c:1b:12:99:6c:9b:1e:27:75:ac:01:25:15:77:1f
Snort Alerts
No Snort Alerts