Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
linhkiem.com | 103.150.124.120 | |
crt.sectigo.com | 104.18.38.233 | |
s2lol.com | | |
- TCP Requests
  - 192.168.56.101:49164 -> 103.150.124.120:443 (linhkiem.com)
  - 192.168.56.101:49165 -> 103.150.124.120:443 (linhkiem.com)
  - 192.168.56.101:49168 -> 103.150.124.120:443 (linhkiem.com)
  - 192.168.56.101:49172 -> 103.150.124.120:443 (linhkiem.com)
  - 192.168.56.101:49173 -> 103.150.124.120:443 (linhkiem.com)
  - 192.168.56.101:49166 -> 104.18.38.233:80 (crt.sectigo.com)
- UDP Requests
GET 302 https://linhkiem.com/autoupdate_devcheckupdate.php
GET /autoupdate_devcheckupdate.php HTTP/1.1
Host: linhkiem.com
Connection: Keep-Alive
HTTP/1.1 302 Found
Date: Sat, 10 Aug 2024 03:28:24 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Set-Cookie: PHPSESSID=ot3pm2mifa01gbetcpcu6buotn; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: ./
Content-Length: 2947
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET 200 https://linhkiem.com/autoupdate_dev/launcher/index.html
GET /autoupdate_dev/launcher/index.html HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */*
Accept-Language: ko-KR
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: linhkiem.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:25 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
Last-Modified: Sat, 08 Jun 2024 10:13:44 GMT
ETag: "175d-61a5e2bd2366b"
Accept-Ranges: bytes
Content-Length: 5981
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
GET 200 https://linhkiem.com/
GET / HTTP/1.1
Host: linhkiem.com
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:25 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Set-Cookie: PHPSESSID=3iaib8j071qe6r834ocat80s0f; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET 302 https://linhkiem.com/autoupdate_devAutoUpdate.exe
GET /autoupdate_devAutoUpdate.exe HTTP/1.1
Host: linhkiem.com
HTTP/1.1 302 Found
Date: Sat, 10 Aug 2024 03:28:26 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Set-Cookie: PHPSESSID=uj66qf7sro6u77v3i84oic734s; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: ./
Content-Length: 2947
Content-Type: text/html; charset=UTF-8
GET 200 https://linhkiem.com/
GET / HTTP/1.1
Host: linhkiem.com
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:26 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Set-Cookie: PHPSESSID=0bjitl9nj0hqnb74ufevjn9a2v; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET 200 https://linhkiem.com/autoupdate_dev/hostfile/update.php
GET /autoupdate_dev/hostfile/update.php HTTP/1.1
Host: linhkiem.com
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:46 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Transfer-Encoding: chunked
Content-Type: text/xml;charset=UTF-8
GET 200 https://linhkiem.com/autoupdate_dev/launcher/css/mainsite.css
GET /autoupdate_dev/launcher/css/mainsite.css HTTP/1.1
Accept: */*
Referer: https://linhkiem.com/autoupdate_dev/launcher/index.html
Accept-Language: ko-KR
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: linhkiem.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:52 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
Last-Modified: Fri, 27 Oct 2023 05:55:41 GMT
ETag: "1240-608ac56a43a62"
Accept-Ranges: bytes
Content-Length: 4672
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
GET 200 https://linhkiem.com/autoupdate_dev/launcher/js/mainsite.js
GET /autoupdate_dev/launcher/js/mainsite.js HTTP/1.1
Accept: */*
Referer: https://linhkiem.com/autoupdate_dev/launcher/index.html
Accept-Language: ko-KR
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: linhkiem.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:52 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
Last-Modified: Fri, 27 Oct 2023 05:55:41 GMT
ETag: "572a6-608ac56a7cde9"
Accept-Ranges: bytes
Content-Length: 357030
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
GET 200 https://linhkiem.com/autoupdate_dev/launcher/css/box-event.css
GET /autoupdate_dev/launcher/css/box-event.css HTTP/1.1
Accept: */*
Referer: https://linhkiem.com/autoupdate_dev/launcher/index.html
Accept-Language: ko-KR
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: linhkiem.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:53 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
Last-Modified: Fri, 27 Oct 2023 05:55:41 GMT
ETag: "42e-608ac56a4b472"
Accept-Ranges: bytes
Content-Length: 1070
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
GET 200 https://linhkiem.com/autoupdate_dev/launcher/css/style.css
GET /autoupdate_dev/launcher/css/style.css HTTP/1.1
Accept: */*
Referer: https://linhkiem.com/autoupdate_dev/launcher/index.html
Accept-Language: ko-KR
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: linhkiem.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:53 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
Last-Modified: Fri, 27 Oct 2023 05:55:41 GMT
ETag: "c4e-608ac56a3fd5b"
Accept-Ranges: bytes
Content-Length: 3150
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
GET 200 https://linhkiem.com/autoupdate_dev/launcher/js/fadegallery.js
GET /autoupdate_dev/launcher/js/fadegallery.js HTTP/1.1
Accept: */*
Referer: https://linhkiem.com/autoupdate_dev/launcher/index.html
Accept-Language: ko-KR
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: linhkiem.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:54 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
Last-Modified: Fri, 27 Oct 2023 05:55:41 GMT
ETag: "1bf4-608ac56a7cde9"
Accept-Ranges: bytes
Content-Length: 7156
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
GET 200 https://linhkiem.com/autoupdate_dev/launcher/js/commone942.js?clear=20140520
GET /autoupdate_dev/launcher/js/commone942.js?clear=20140520 HTTP/1.1
Accept: */*
Referer: https://linhkiem.com/autoupdate_dev/launcher/index.html
Accept-Language: ko-KR
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: linhkiem.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:54 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
Last-Modified: Fri, 27 Oct 2023 05:55:41 GMT
ETag: "33d-608ac56a7cde9"
Accept-Ranges: bytes
Content-Length: 829
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
GET 200 http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
GET /SectigoRSADomainValidationSecureServerCA.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crt.sectigo.com
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:24 GMT
Content-Type: application/pkix-cert
Content-Length: 1559
Connection: keep-alive
Last-Modified: Fri, 02 Nov 2018 00:00:00 GMT
Etag: "33e4e80807204c2b6182a3a14b591acd25b5f0db"
Cache-Control: max-age=86400,s-maxage=14400,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: scdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 2432
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 8b0ce54a98b83271-ICN
GET 200 http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
GET /SectigoRSADomainValidationSecureServerCA.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crt.sectigo.com
HTTP/1.1 200 OK
Date: Sat, 10 Aug 2024 03:28:25 GMT
Content-Type: application/pkix-cert
Content-Length: 1559
Connection: keep-alive
Last-Modified: Fri, 02 Nov 2018 00:00:00 GMT
Etag: "33e4e80807204c2b6182a3a14b591acd25b5f0db"
Cache-Control: max-age=86400,s-maxage=14400,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: scdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 2433
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 8b0ce54cdbcf3271-ICN
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.101:49168 -> 103.150.124.120:443 | None | None | None |
TLSv1 192.168.56.101:49173 -> 103.150.124.120:443 | None | None | None |
TLSv1 192.168.56.101:49172 -> 103.150.124.120:443 | None | None | None |
TLSv1 192.168.56.101:49164 -> 103.150.124.120:443 | C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA | CN=linhkiem.com | 27:b4:aa:23:f9:9d:e8:22:7e:3a:6f:c7:eb:db:54:04:0b:4b:19:91 |
TLSv1 192.168.56.101:49165 -> 103.150.124.120:443 | C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA | CN=linhkiem.com | 27:b4:aa:23:f9:9d:e8:22:7e:3a:6f:c7:eb:db:54:04:0b:4b:19:91 |
Snort Alerts
No Snort Alerts