8.8.8.8:53

104.21.87.76:80

GET /addInstall.php?key=125478824515ADNxu2ccbwe&ip=&oid=149&oname[]=07Sep1157AM_UPD5Sep&oname[]=dir&oname[]=ult&oname[]=you&oname[]=GCl&oname[]=Der&oname[]=Cle&oname[]=new&oname[]=Pyi&oname[]=lih&cnt=9 HTTP/1.1
Host: hsiens.xyz
Accept: */*

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdbvVs1rglSSXBDxtQQuIgYkevgC6F0MZTCpCuYJzTRvWlPWr%2FQMLMb9m3N3gLsbHpU8lkphbnZXDe7x%2FeqmPgCyORs3tVviM5nrrV%2FrkBLPTuc5LjZ6pXCvkbK4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68b1c2a18bd01ebe-AMS

8.8.8.8:53

144.202.76.47:443

GET / HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
Host: www.listincode.com
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Sep 2021 17:47:17 GMT
Content-Type: text/html
Content-Length: 2
Connection: keep-alive
X-Powered-By: PHP/5.4.45
Access-Control-Allow-Origin: *

8.8.8.8:53

8.8.8.8:53

162.0.213.132:80

HEAD /Installer_Provider/UltraMediaBurner.exe HTTP/1.1
Accept: */*
User-Agent: InnoDownloadPlugin/1.5
Host: safialinks.com
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:10 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 14:56:02 GMT
ETag: "75000-5cb68f6d8e480"
Accept-Ranges: bytes
Content-Length: 479232
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-msdos-program

162.0.213.132:80

GET /Installer_Provider/UltraMediaBurner.exe HTTP/1.1
Accept: */*
User-Agent: InnoDownloadPlugin/1.5
Host: safialinks.com
Connection: Keep-Alive
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:10 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 14:56:02 GMT
ETag: "75000-5cb68f6d8e480"
Accept-Ranges: bytes
Content-Length: 479232
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-msdos-program

104.21.79.144:443

GET /userf/dat/2302/sqlite.dat HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
Host: a.goatgame.co

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:10 GMT
Content-Length: 578669
Connection: keep-alive
last-modified: Wed, 28 Jul 2021 11:35:53 GMT
etag: "8d46d-5c82d6397d18a"
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVyzEFPIYXnUNrbN%2BgSZwzTnHFQVb%2BDBrbHHspxVLAEHhVDR4njFlNDcaaGJbz%2FYhMPTG7D0G3UF2GDjXjxJPQ401w2GKFwyZaUvcswh3P2oDuMbixaHA7mpvQL%2B5WQO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68b1c2bc0fe74bf5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

104.21.79.144:443

GET /userf/dat/sqlite.dll HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
Host: a.goatgame.co

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:14 GMT
Content-Type: application/x-msdownload
Content-Length: 13312
Connection: keep-alive
last-modified: Fri, 27 Aug 2021 04:30:17 GMT
etag: "3400-5ca82f0bd6e46"
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNc%2BAUjBRfmGnhvJc9%2FsfQzlhGf%2FA25W5GqUCVEgZG0v1mDsbL%2B7E27t8zAWxWVvsvrpjdv%2B80ZXVDVeTywIOmPEzosiO%2FHLF0vFhVIXYBtapc1VaDaJi4Dv%2BT9dFhQn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68b1c2d5ba454bf5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

8.8.8.8:53

162.159.130.233:443

GET /attachments/873244194234318850/884688244187471922/pctool.exe HTTP/1.1
Host: cdn.discordapp.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:10 GMT
Content-Type: application/x-msdos-program
Content-Length: 3012096
Connection: keep-alive
CF-Ray: 68b1c2be0fbe4c3d-AMS
Accept-Ranges: bytes
Age: 20091
Cache-Control: public, max-age=31536000
Content-Disposition: attachment;%20filename=pctool.exe
ETag: "2ab014b34ece96e3f16c6048e86498e6"
Expires: Wed, 07 Sep 2022 17:47:10 GMT
Last-Modified: Tue, 07 Sep 2021 06:35:14 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1630996514224744
x-goog-hash: crc32c=2JAT7g==
x-goog-hash: md5=KrAUs07OluPxbGBI6GSY5g==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3012096
X-GUploader-UploadID: ADPycdvNk5nEEAKwahLmlYi2trCczG_-UCjXVN9ZGg7ybfcCwoqR0uAvrGcm7jr-uqp0UkuGHMQ6SmCJq2fn-zfrYOU
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7Sex94tNeoV6i4CjWpUXCxAdOWxpUZvxTPfCq1HE%2B1o8pufdUNNUl63eiqKQ%2Ffa6L%2BCbLU005EfLlwa9LCVUKLV0tOvaYoPHrxVWd6%2F%2BuhIkXFcaAvOYKTwCBst5EHx%2FS8uhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare

8.8.8.8:53

8.8.8.8:53

172.67.211.161:443

GET /?user_auth=p3_1 HTTP/1.1
Host: startupmart.bar
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxtmJUmx5lYLra5mKIhAvI%2BkEemikKpOONYzN6d%2FDThtJ1%2Fw%2FG7SXWFUGFAvFcgM5TJogL8xvYlZHr9TSO5cIUPYHeJSzb1OAJuoUvQySGdaW7wYIpQ85iICO13DhVOcIJI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68b1c2c65ef54162-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

172.67.211.161:443

GET /?user_auth=p3_2 HTTP/1.1
Host: startupmart.bar

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvo4G66NCA93u1Fs9u8e1oNFpbkJoTo4UogI%2FsbWLpRANLnUY4m%2F4tFSkisLsqg%2FTU1iqeZVDUALdMtSLC8phLEh8isnuvFA8i4%2F8RvoynQvleyhkzXqdo3KThIv1NLNFwA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68b1c2cc18ce4162-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

172.67.211.161:443

GET /?user_auth=p3_3 HTTP/1.1
Host: startupmart.bar

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PR0wZtkWtKakgUsWuL07gW4yWhG%2B11wauZ7K1vqVMZTXbzkcJnLyb9KpxvJ7tLFHU3CMo38NFDQ8YO9HtWfLi0aV4os6PCih3Fmiytb53aLY0A%2BTSvRQsHJDN%2B3IcuwhXGE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68b1c2cf5b2f4162-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

172.67.211.161:443

GET /?user_auth=p3_4 HTTP/1.1
Host: startupmart.bar

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47D9MEk2fZ8f1wN5C77dP2EnRlOrFx%2F9%2FxlFyuiqeFo7EdKV8sZAfsuzA%2FhEYBK%2FQy0j8CaAqBXu0zXOV9eDwvxLr0QL%2BjInjoS0fFpBDO0BNewfMDng4v5x9HIO0828lrk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68b1c2d459834162-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

172.67.211.161:443

GET /?user_auth=p3_5 HTTP/1.1
Host: startupmart.bar

HTTP/1.1 500 Internal Server Error
Date: Tue, 07 Sep 2021 17:47:20 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tP%2FWS93BkbCHNpY9ab7pUJYnYS4aPknSX91ftPC8zxweKzyFRDIXOBdARqcENAEr4GNaKOYuRcV5x1lDKCwoAXbK%2B7QZoPRTxh8%2BGhEDryO2Va5ZMxo2w1JL7eAZrSyNmOc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68b1c2f128654162-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

172.67.211.161:443

GET /?user_auth=p3_6 HTTP/1.1
Host: startupmart.bar

HTTP/1.1 200 OK
Date: Tue, 07 Sep 2021 17:47:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmiXU8b73e39MmaxTlI7%2Bmw1Jehd6T6PEGzhGreJzoQpNrbG4%2BEltqXjWSbgVwKWIfRzoXg7q3jbH%2BAJjwQ%2BnBq%2BEaIezqN%2FdIiYVcdYGqb0L%2Ft9zZFuQQdXk5ol8AMiV6o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68b1c2fec8b64162-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

8.8.8.8:53

72.21.91.29:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBRJrF0xYA49jC3D83fgDGesaUkzIQQUf9OZ86BHDjEAVlYijrfMnt3KAYoCEAYJR5FkG19ljPHMaGsuvmc%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: statuse.digitalcertvalidation.com

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3737
Cache-Control: max-age=162942
Content-Type: application/ocsp-response
Date: Tue, 07 Sep 2021 17:47:16 GMT
Etag: "61377089-1d7"
Expires: Thu, 09 Sep 2021 15:02:58 GMT
Last-Modified: Tue, 07 Sep 2021 14:00:41 GMT
Server: ECS (bsa/EB1C)
X-Cache: HIT
Content-Length: 471

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53