Network Analysis

GET /geoip HTTP/1.1 Host: api.ip.sb Connection: Keep-Alive

HTTP/1.1 200 OK Date: Wed, 22 Sep 2021 13:28:07 GMT Content-Type: application/json; charset=utf-8 Content-Length: 348 Connection: keep-alive Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: no-cache Access-Control-Allow-Origin: * CF-Cache-Status: DYNAMIC Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xWJItV82qnJHxQOpGkfeLVeg%2BwEhNRiusRCgsGUDUN%2BJ%2BDODqd2CTBPQZ9G1%2BTN9BW1u6xibahexO7Hb%2Fgupc2jRWGw%2BN6fTSt5fQpdip32S2zAk%2BrFZhBg9g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 692bdfe39f530a9a-KIX alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET /eaFnY HTTP/1.1 Host: pshmn.com Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently Server: nginx Date: Wed, 22 Sep 2021 13:27:36 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: http://ping.pushmon.com/pushmon/ping/eaFnY

GET /pushmon/ping/eaFnY HTTP/1.1 Host: ping.pushmon.com Connection: Keep-Alive

HTTP/1.1 403 Server: nginx Date: Wed, 22 Sep 2021 13:27:37 GMT Content-Type: text/plain;charset=ISO-8859-1 Content-Length: 72 Connection: keep-alive

GET /sss.exe HTTP/1.1 Host: f0581959.xsph.ru Connection: Keep-Alive

HTTP/1.1 200 OK Server: openresty Date: Wed, 22 Sep 2021 13:28:36 GMT Content-Type: application/octet-stream Content-Length: 1999360 Last-Modified: Tue, 21 Sep 2021 09:39:59 GMT Connection: keep-alive ETag: "6149a86f-1e8200" Expires: Wed, 29 Sep 2021 13:28:36 GMT Cache-Control: max-age=604800 Accept-Ranges: bytes