Network Analysis

GET /rpoverka/zhopa/downloads/Task24Watch.exe HTTP/1.1 Host: bitbucket.org Connection: Keep-Alive

HTTP/1.1 302 Found content-security-policy-report-only: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *; frame-ancestors 'self' start.atlassian.com start.stg.atlassian.com atlaskit.atlassian.com; base-uri 'self'; object-src 'none'; style-src 'self' 'unsafe-inline' https://aui-cdn.atlassian.com https://d301sr5gafysq2.cloudfront.net https://d136azpfpnge1l.cloudfront.net; script-src 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' http: https: https://d301sr5gafysq2.cloudfront.net https://d136azpfpnge1l.cloudfront.net; connect-src bitbucket.org *.bitbucket.org bb-inf.net *.bb-inf.net id.atlassian.com api.atlassian.com wss://bitbucketci-ws-service.services.atlassian.com analytics.atlassian.com as.atlassian.com api-private.stg.atlassian.com api-private.atlassian.com atl-global.atlassian.com cofs.staging.public.atl-paas.net cofs.prod.public.atl-paas.net intake.opbeat.com api.media.atlassian.com api.segment.io xid.statuspage.io xid.atlassian.com xid.sourcetreeapp.com bam.nr-data.net bam-cell.nr-data.net www.google-analytics.com stats.g.doubleclick.net sentry.io *.ingest.sentry.io events.launchdarkly.com app.launchdarkly.com bqlf8qjztdtr.statuspage.io https://d301sr5gafysq2.cloudfront.net https://d136azpfpnge1l.cloudfront.net; report-uri https://web-security-reports.services.atlassian.com/csp-report/bb-website server: envoy x-usage-quota-remaining: 999020.880 vary: Accept-Language, Origin x-usage-request-cost: 993.10 cache-control: max-age=0, no-cache, no-store, must-revalidate Content-Type: text/html; charset=utf-8 x-b3-traceid: f267ecda4e82d329 x-usage-output-ops: 0 x-used-mesh: False x-dc-location: Micros-3 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Date: Tue, 04 Apr 2023 08:21:52 GMT x-usage-user-time: 0.022168 x-usage-system-time: 0.007625 location: https://bbuseruploads.s3.amazonaws.com/92650141-3771-4ef6-8487-a8ce5ad2e240/downloads/03f126aa-6017-4520-92a2-c8112a6addd7/Task24Watch.exe?response-content-disposition=attachment%3B%20filename%3D%22Task24Watch.exe%22&AWSAccessKeyId=ASIA6KOSE3BNP45LSYXJ&Signature=bf%2BxxfvszXPMP7jtjGo74tezGNE%3D&x-amz-security-token=FwoGZXIvYXdzECIaDJgrOS6fkzSPFivs3CK%2BAcHuj52wVNnm4rSADUNCVc5KNhqiufxNy0GncP553pr2hq7mOa8QzZLZfX7%2FNjBaQFglHP7ckxSnsLkrvLRTHFl1dVlHEcN7smhQI0KxwMpNADfae%2FaN%2FXh8bG0DnFsMySkIKQY64NOruebcwBIi83SllxN5d%2Bg6Gbm8AuLRXYcLy4Anflnyt7EzTrcJuG0a5CVCYynwqm82oyPhzx%2B0EdIebw8NtM9EOGQJOS8sWpEz5hgOXWMX9%2BpnTNnbThsosLevoQYyLbYMIdEs21wl%2BhVx%2BL5t0%2B2dBfxZ6FsudMgM3WnALV9R44nUr4Ir348oXZuTrg%3D%3D&Expires=1680597688 expires: Tue, 04 Apr 2023 08:21:52 GMT x-served-by: 33e380eccf50 x-envoy-upstream-service-time: 60 content-language: en x-view-name: bitbucket.apps.downloads.views.download_file x-static-version: eb3d2d5a1880 x-render-time: 0.04752659797668457 Connection: keep-alive x-usage-input-ops: 0 x-frame-options: SAMEORIGIN x-version: eb3d2d5a1880 x-request-count: 2337 X-Cache-Info: not cacheable; response specified "Cache-Control: no-cache" Content-Length: 0

GET /92650141-3771-4ef6-8487-a8ce5ad2e240/downloads/03f126aa-6017-4520-92a2-c8112a6addd7/Task24Watch.exe?response-content-disposition=attachment%3B%20filename%3D%22Task24Watch.exe%22&AWSAccessKeyId=ASIA6KOSE3BNP45LSYXJ&Signature=bf%2BxxfvszXPMP7jtjGo74tezGNE%3D&x-amz-security-token=FwoGZXIvYXdzECIaDJgrOS6fkzSPFivs3CK%2BAcHuj52wVNnm4rSADUNCVc5KNhqiufxNy0GncP553pr2hq7mOa8QzZLZfX7%2FNjBaQFglHP7ckxSnsLkrvLRTHFl1dVlHEcN7smhQI0KxwMpNADfae%2FaN%2FXh8bG0DnFsMySkIKQY64NOruebcwBIi83SllxN5d%2Bg6Gbm8AuLRXYcLy4Anflnyt7EzTrcJuG0a5CVCYynwqm82oyPhzx%2B0EdIebw8NtM9EOGQJOS8sWpEz5hgOXWMX9%2BpnTNnbThsosLevoQYyLbYMIdEs21wl%2BhVx%2BL5t0%2B2dBfxZ6FsudMgM3WnALV9R44nUr4Ir348oXZuTrg%3D%3D&Expires=1680597688 HTTP/1.1 Host: bbuseruploads.s3.amazonaws.com Connection: Keep-Alive

HTTP/1.1 200 OK x-amz-id-2: I4OotVj+CPkPibbZLCi/ppwv1NY8RBe5EnoHbN7EZzAf3NzcY1Db+Vr+Wp0q3tU5jHyUCd1FHqQ= x-amz-request-id: ECT0JMYV5YAPDH02 Date: Tue, 04 Apr 2023 08:21:54 GMT Last-Modified: Thu, 16 Feb 2023 12:55:55 GMT ETag: "acf4152befc5768daaf11c92fd3899b0" x-amz-server-side-encryption: AES256 x-amz-version-id: LTRtxqABDUvJvdVyXIh5.wpjrb_ZMyLA Content-Disposition: attachment; filename="Task24Watch.exe" Accept-Ranges: bytes Content-Type: application/x-msdownload Server: AmazonS3 Content-Length: 25088

GET /rpoverka/zhopa/downloads/xmrig.exe HTTP/1.1 Host: bitbucket.org Connection: Keep-Alive

HTTP/1.1 302 Found content-security-policy-report-only: base-uri 'self'; frame-ancestors 'self' start.atlassian.com start.stg.atlassian.com atlaskit.atlassian.com; connect-src bitbucket.org *.bitbucket.org bb-inf.net *.bb-inf.net id.atlassian.com api.atlassian.com wss://bitbucketci-ws-service.services.atlassian.com analytics.atlassian.com as.atlassian.com api-private.stg.atlassian.com api-private.atlassian.com atl-global.atlassian.com cofs.staging.public.atl-paas.net cofs.prod.public.atl-paas.net intake.opbeat.com api.media.atlassian.com api.segment.io xid.statuspage.io xid.atlassian.com xid.sourcetreeapp.com bam.nr-data.net bam-cell.nr-data.net www.google-analytics.com stats.g.doubleclick.net sentry.io *.ingest.sentry.io events.launchdarkly.com app.launchdarkly.com bqlf8qjztdtr.statuspage.io https://d301sr5gafysq2.cloudfront.net https://d136azpfpnge1l.cloudfront.net; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *; object-src 'none'; style-src 'self' 'unsafe-inline' https://aui-cdn.atlassian.com https://d301sr5gafysq2.cloudfront.net https://d136azpfpnge1l.cloudfront.net; script-src 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' http: https: https://d301sr5gafysq2.cloudfront.net https://d136azpfpnge1l.cloudfront.net; report-uri https://web-security-reports.services.atlassian.com/csp-report/bb-website server: envoy x-usage-quota-remaining: 999127.893 vary: Accept-Language, Origin x-usage-request-cost: 886.83 cache-control: max-age=0, no-cache, no-store, must-revalidate Content-Type: text/html; charset=utf-8 x-b3-traceid: 20ba936a43062e78 x-usage-output-ops: 0 x-used-mesh: False x-dc-location: Micros-3 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Date: Tue, 04 Apr 2023 08:22:11 GMT x-usage-user-time: 0.026605 x-usage-system-time: 0.000000 location: https://bbuseruploads.s3.amazonaws.com/92650141-3771-4ef6-8487-a8ce5ad2e240/downloads/b3a0e12f-e350-4a5c-8239-1cb38b0ef068/xmrig.exe?response-content-disposition=attachment%3B%20filename%3D%22xmrig.exe%22&AWSAccessKeyId=ASIA6KOSE3BNLA7LD4BL&Signature=g4wJ2r5h59KSahB1y4%2F8HZRLC04%3D&x-amz-security-token=FwoGZXIvYXdzECIaDBCNQm7tYWerDBrTpyK%2BAaQp%2BdNp0ydv0AG2E4AzCKx2u%2FycIejgNxF%2FuFdAIsQHNFVyhHJ4I53ZPUtoxrTWfBbx0FoMNIEAID8XfJeZjrLs%2F1M%2FT9JGTqmtNyHXC6fIXR09xBIIdB3cPxiT7EG6GW3JgLotvx%2BYGLX6CFJhPtpimlM%2F0phB45lz3WckErYh643krmXem4wwpWSzO%2FrkIzT6SJMTQojsT7g0uGUR3FAhsVewpsXzyUQsz%2BzXCv2%2F572gwwPwAnK6rE7AIgUov7evoQYyLYHe7Tu%2FESyH%2FhbUkoPA%2B7rrGq9zuCsGanjOllD7mJgQnDWKxqZ3OhiGO8W3zQ%3D%3D&Expires=1680597703 expires: Tue, 04 Apr 2023 08:22:11 GMT x-served-by: 84ff54a87da8 x-envoy-upstream-service-time: 62 content-language: en x-view-name: bitbucket.apps.downloads.views.download_file x-static-version: eb3d2d5a1880 x-render-time: 0.05096030235290527 Connection: keep-alive x-usage-input-ops: 0 x-frame-options: SAMEORIGIN x-version: eb3d2d5a1880 x-request-count: 2095 X-Cache-Info: not cacheable; response specified "Cache-Control: no-cache" Content-Length: 0

GET /92650141-3771-4ef6-8487-a8ce5ad2e240/downloads/b3a0e12f-e350-4a5c-8239-1cb38b0ef068/xmrig.exe?response-content-disposition=attachment%3B%20filename%3D%22xmrig.exe%22&AWSAccessKeyId=ASIA6KOSE3BNLA7LD4BL&Signature=g4wJ2r5h59KSahB1y4%2F8HZRLC04%3D&x-amz-security-token=FwoGZXIvYXdzECIaDBCNQm7tYWerDBrTpyK%2BAaQp%2BdNp0ydv0AG2E4AzCKx2u%2FycIejgNxF%2FuFdAIsQHNFVyhHJ4I53ZPUtoxrTWfBbx0FoMNIEAID8XfJeZjrLs%2F1M%2FT9JGTqmtNyHXC6fIXR09xBIIdB3cPxiT7EG6GW3JgLotvx%2BYGLX6CFJhPtpimlM%2F0phB45lz3WckErYh643krmXem4wwpWSzO%2FrkIzT6SJMTQojsT7g0uGUR3FAhsVewpsXzyUQsz%2BzXCv2%2F572gwwPwAnK6rE7AIgUov7evoQYyLYHe7Tu%2FESyH%2FhbUkoPA%2B7rrGq9zuCsGanjOllD7mJgQnDWKxqZ3OhiGO8W3zQ%3D%3D&Expires=1680597703 HTTP/1.1 Host: bbuseruploads.s3.amazonaws.com Connection: Keep-Alive

HTTP/1.1 200 OK x-amz-id-2: VHlKzatfvWnxpZPjGcvIsAe/CYzX0dgyDsXsKMiTz5Jv7Y3MherFzZZfwETfHnMsbq+qjGk7qAQ= x-amz-request-id: 6PQDVDDCGZ2Y3VXD Date: Tue, 04 Apr 2023 08:22:13 GMT Last-Modified: Thu, 16 Feb 2023 12:56:44 GMT ETag: "6c454e10bbea489cfc96253fe55ec282" x-amz-server-side-encryption: AES256 x-amz-version-id: F_.ySUKVb296RAW45ELrPoA1P..Dfu7X Content-Disposition: attachment; filename="xmrig.exe" Accept-Ranges: bytes Content-Type: application/x-msdownload Server: AmazonS3 Content-Length: 5402112