CapTipper Report

CapTipper

Analysis Info

PCAP File	Analysis Time	CapTipper Version	Traffic Time
/opt/Malware-Project/BigDataset/Scenarios/CTU-Malware-Capture-Botnet-276-1//2017-06-24_win16.pcap	08/17/17 11:17:37	0.3 b13	11/13/92 20:25:47

Flow View

Client Details

IP	192.168.1.126
MAC	08:00:27:9d:05:4d
USER-AGENT	Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322)

Conversations

82.165.142.107:443 (82.165.142.107:443)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

0.html

502 Bad Gateway

HTML

362.0 B

11/13/92 20:25:47

Download
SHA256	14efcf41a110314eb41f8a66ba1b5833759d5650dde77a5ea20d1036d35071af
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: 4CE8=fIUbi6hDGin6Dz3tox1s4yjEoVpjvkM8TgVQ96acDV/BolIfTlht2mN8qK/jJ4st+Y+6g6w4LxYkJFixRyP1QgdFpupNsx864CM+uikSJUJrZ1KFQMtQwJS8HxoiLcGjuEhQSUjD7LzUT6h+M3wlDScUBdejFe2zQVNVcg7RQOd58Gm4fU5BZoymM6aH6oyBN6OuHBswbzdY4OLGo9HeRALhHIx5qDkWkFVbXtDQf0F19gh2js8tiJYDeCn2h6V5/q7hwzxHdQmwzQSD059hCt8j1fAWMwhXlf6YyPg5cH3xjNUbEYX37KaAw+m2QFp5cgXhHjqAXqbv/xTXsjt6Kmcsgjv2pl4gKdUBI/OIr9ElkLHeK9xcBZB/UIJIkrc0MtM0XIzmzPY3KXbDXIsGIUf5xCuQhZbuXvEPFSn9nZF6zOxnLcxAkeJI7VlTylRsuThQxcEUWicQYWaU7uynu3MXL8Q4CqFRt7VnFCLD92g25Z2m User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 82.165.142.107:443 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 362 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...

103.4.18.170:443 (103.4.18.170:443)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

1.html

400 Bad Request

HTML

362.0 B

12/17/93 22:13:15

Download
SHA256	315b5579f75a8f732a18222b87bc50a81b03ce28aee9d7518ecb9288f38a9fdd
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: E87B=KmUk6ITuvBeMwwxWytFWPoPcx0VKNilq2xWNjPFw0b9HW3RRYQpQT9o6LgNaEHhXLXjciqQ1fCMl2WnM/tQ6Maqh6tyhf6xU8ZawL4HMfOzIjsf9stGAxu2d5zhU1a9GuEhQSUjD7LzUT6h+M3wlDScUBdejFe2zQVNVcg7RQOd58Gm4fU5BZoymM6aH6oyBN6OuHBswbzdY4OLGo9HeRALhHIx5qDkWkFVbXtDQf0F19gh2js8tiJYDeCn2h6V5/q7hwzxHdQmwzQSD059hCt8j1fAWMwhXlf6YyPg5cH3xjNUbEYX37KaAw+m2QFp5cgXhHjqAXqbv/xTXsjt6Kmcsgjv2pl4gKdUBI/OIr9ElkLHeK9xcBZB/UIJIkrc0MtM0XIzmzPY3KXbDXIsGIUf5xCuQhZbuXvEPFSn9nZF6zOxnLcxAkeJI7VlTylRsuThQxcEUWicQYWaU7uynu3MXL8Q4CqFRt7VnFCLD92g25Z2m User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 103.4.18.170:443 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 400 Bad Request Date: Mon, 05 Jun 2017 18:01:19 GMT Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips Content-Length: 362 Connection: close Content-Type: text/html; charset=iso-8859-1
Response Peek (128 B)	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1...

46.163.78.94:443 (46.163.78.94:443)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

2.html

502 Bad Gateway

HTML

358.0 B

01/28/95 12:48:43

Download
SHA256	38ad3045d17b80939af39b849f42f235f16a5cf7a00082dc514b1d82ee400bb1
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: 71B7=JdKU3lYZtMerNtyYaNhlKbdBsdSsgz/yI6ufBz3ipakfmXM/Wu8eNu0tm2rTaT4UmO0bwsLPU0wO+HuM9iw44rRzfOveqX8rmxTxniAbehobGSXjlMtBxTrETI0EeZMnuEhQSUjD7LzUT6h+M3wlDScUBdejFe2zQVNVcg7RQOd58Gm4fU5BZoymM6aH6oyBN6OuHBswbzdY4OLGo9HeRALhHIx5qDkWkFVbXtDQf0F19gh2js8tiJYDeCn2h6V5/q7hwzxHdQmwzQSD059hCt8j1fAWMwhXlf6YyPg5cH3xjNUbEYX37KaAw+m2QFp5cgXhHjqAXqbv/xTXsjt6Kmcsgjv2pl4gKdUBI/OIr9ElkLHeK9xcBZB/UIJIkrc0MtM0XIzmzPY3KXbDXIsGIUf5xCuQhZbuXvEPFSn9nZF6zOxnLcxAkeJI7VlTylRsuThQxcEUWicQYWaU7uynu3MXL8Q4CqFRt7VnFCLD92g25Z2m User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 46.163.78.94:443 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 358 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...

81.88.24.211:443 (81.88.24.211:443)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

3.html

502 Bad Gateway

HTML

358.0 B

03/02/96 11:32:57

Download
SHA256	a6c8905a5d2211435c5f230c52b3056ae02a671aedb6ebc65546a438cbe8d020
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: F85C=J9KAF9hlXjzxLggWiI1UEo4TdtIswg+5laFIPlQ+J/xbx1x3k87wxv02ka2MtdB6bSJV332Iqrh4Jl/30qj9+cQTE+eHM7N1UF40OgmP24SR8gOzlb+eNY5ZzPsmkPo2MhTyNI5CGEqsA2zsPPMVnoNOD17W/UsR2CcsKh7nmjTq0Yj+3X4x18c/NzRBHDGTNI1DiVVnHK434r1Ts1SCs7xpIUc8KCTf4YjI5f6lIy7k7vRKXBGDUFUBRlviCerqBSgg8NcNI59z8aheOUuoOOVGmw75/xicrJ0piu8/jV1p5f4WHPU9w9A9YfkJA5kKaUf4BofBGODDeYPCPRX/y/s3NiWlqygxAURC0VWrKAkg94kEpp65BFal1ep+wzXmD+FOPjXWoOWtp8C+enewiLQ7FkvWAni0U4hMlFYUGSHYCfe6vh/Gt+BJsYjlC2DKAq9y39kj6/KYthJ8DGUXZkF+ueQ= User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 81.88.24.211:443 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 358 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...

45.79.186.178:8080 (45.79.186.178:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

4.html

0.0 B

04/05/97 10:34:47

87.106.77.193:8080 (87.106.77.193:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

5.html

502 Bad Gateway

HTML

361.0 B

04/03/99 08:26:22

Download
SHA256	ea0cfe8e958d5c96c5feb699fef3dddb969dc49b563f52fc390a4240b37d10de
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: 74AE=bYVXNCbE41BKCgBzWtE9SxvTD8e6fUWt40uVY8isrfnNCLu6Tlc7mHCNPzmyW6AKtwgBaTp0PdUEaOPx8UwtCVqJD555B18QXaUi0VzjXaLF36dDYb8drgBdYoFVEviVMhTyNI5CGEqsA2zsPPMVnoNOD17W/UsR2CcsKh7nmjTq0Yj+3X4x18c/NzRBHDGTNI1DiVVnHK434r1Ts1SCs7xpIUc8KCTf4YjI5f6lIy7k7vRKXBGDUFUBRlviCerqBSgg8NcNI59z8aheOUuoOOVGmw75/xicrJ0piu8/jV1p5f4WHPU9w9A9YfkJA5kKaUf4BofBGODDeYPCPRX/y/s3NiWlqygxAURC0VWrKAkg94kEpp65BFal1ep+wzXmD+FOPjXWoOWtp8C+enewiLQ7FkvWAni0U4hMlFYUGSHYCfe6vh/Gt+BJsYjlC2DKAq9y39kj6/KYthJ8DGUXZkF+ueQ= User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 87.106.77.193:8080 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 361 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...

163.172.81.35:8080 (163.172.81.35:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

6.html

502 Bad Gateway

HTML

361.0 B

05/06/00 09:56:22

Download
SHA256	27362ec3187c4d814fa346710dc1613c740111cce1264ee7eb7fdcf5fcc7de40
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: FB5E=hscVNTZ6nLH14o/WTdJgjUloR1kY3eAAdOjmdWlwv70TEfMCfQS7ph0rAHTGEId8qbszq1zVtAR1m3jlFBgDc2RuwIg4oyWlTzaWY59ESpdKyLvFsS6V4GYCHieC8arcMhTyNI5CGEqsA2zsPPMVnoNOD17W/UsR2CcsKh7nmjTq0Yj+3X4x18c/NzRBHDGTNI1DiVVnHK434r1Ts1SCs7xpIUc8KCTf4YjI5f6lIy7k7vRKXBGDUFUBRlviCerqBSgg8NcNI59z8aheOUuoOOVGmw75/xicrJ0piu8/jV1p5f4WHPU9w9A9YfkJA5kKaUf4BofBGODDeYPCPRX/y/s3NiWlqygxAURC0VWrKAkg94kEpp65BFal1ep+wzXmD+FOPjXWoOWtp8C+enewiLQ7FkvWAni0U4hMlFYUGSHYCfe6vh/Gt+BJsYjlC2DKAq9y39kj6/KYthJ8DGUXZkF+ueQ= User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 163.172.81.35:8080 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 361 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...

109.169.66.107:8080 (109.169.66.107:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

7.html

502 Bad Gateway

HTML

363.0 B

06/09/01 11:24:25

Download
SHA256	681dfadba949250b914640864617d0a8caabad7d11e9694aa7e0ecda13d9afb7
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: 820E=k6lunkuYp2gTUtyCY2tb1BSSIaUXdaR1et05c/2nSOH9IqeB0O7nZ5cYmUpVecjmaoXj6OS9IKuNhk32Zyeops56p2/q+xN4oH6NdUADO21MUQtqGxddQu5qhFqqTXr2MhTyNI5CGEqsA2zsPPMVnoNOD17W/UsR2CcsKh7nmjTq0Yj+3X4x18c/NzRBHDGTNI1DiVVnHK434r1Ts1SCs7xpIUc8KCTf4YjI5f6lIy7k7vRKXBGDUFUBRlviCerqBSgg8NcNI59z8aheOUuoOOVGmw75/xicrJ0piu8/jV1p5f4WHPU9w9A9YfkJA5kKaUf4BofBGODDeYPCPRX/y/s3NiWlqygxAURC0VWrKAkg94kEpp65BFal1ep+wzXmD+FOPjXWoOWtp8C+enewiLQ7FkvWAni0U4hMlFYUGSHYCfe6vh/Gt+BJsYjlC2DKAq9y39kj6/KYthJ8DGUXZkF+ueQ= User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 109.169.66.107:8080 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 363 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...

85.25.119.91:8080 (85.25.119.91:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

8.html

0.0 B

07/13/02 13:03:57

62.75.145.252:8080 (62.75.145.252:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

9.html

502 Bad Gateway

HTML

361.0 B

07/08/04 19:47:24

Download
SHA256	1e6794c766602557015064115c0dec844d15acf521da5d5fe89b13481b8f99a1
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: FDDD=YnRrBjXJOiX/qclQG5F+eVsTVkW1I5mALYRDzFVvVDYmePNDEDJX+XKtSilgDfNfLTl2LQDDKoPQxd9PoDoA6FbAKSMGQgGTObNa5qUWHlG8ewJCP6GnSTJjFszlciC1MhTyNI5CGEqsA2zsPPMVnoNOD17W/UsR2CcsKh7nmjTq0Yj+3X4x18c/NzRBHDGTNI1DiVVnHK434r1Ts1SCs7xpIUc8KCTf4YjI5f6lIy7k7vRKXBGDUFUBRlviCerqBSgg8NcNI59z8aheOUuoOOVGmw75/xicrJ0piu8/jV1p5f4WHPU9w9A9YfkJA5kKaUf4BofBGODDeYPCPRX/y/s3NiWlqygxAURC0VWrKAkg94kEpp65BFal1ep+wzXmD+FOPjXWoOWtp8C+enewiLQ7FkvWAni0U4hMlFYUGSHYCfe6vh/Gt+BJsYjlC2DKAq9y39kj6/KYthJ8DGUXZkF+ueQ= User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 62.75.145.252:8080 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 361 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...

178.79.172.45:8080 (178.79.172.45:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

10.html

0.0 B

08/11/05 18:57:10

192.155.83.86:8080 (192.155.83.86:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

11.html

0.0 B

08/08/07 01:15:09

95.110.231.207:8080 (95.110.231.207:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

12.html

502 Bad Gateway

HTML

363.0 B

08/03/09 07:52:15

Download
SHA256	f7bc62d8a837324099113a4083065df97b5e225367d6446570a1a401b9000ff7
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: 6EC2=MX/7r6AVPm2ssIbCpEAxOWW3+QwbU40tsnLP0EBqMvCdt4TbHE7yysicZCcBpS3AvWwJ2OfXJ5qKsPPK8+NgKrHxJVksIr1HiowqOD4GcNT2o5B6Pt0DB/mr/78LjhNIMhTyNI5CGEqsA2zsPPMVnoNOD17W/UsR2CcsKh7nmjTq0Yj+3X4x18c/NzRBHDGTNI1DiVVnHK434r1Ts1SCs7xpIUc8KCTf4YjI5f6lIy7k7vRKXBGDUFUBRlviCerqBSgg8NcNI59z8aheOUuoOOVGmw75/xicrJ0piu8/jV1p5f4WHPU9w9A9YfkJA5kKaUf4BofBGODDeYPCPRX/y/s3NiWlqygxAURC0VWrKAkg94kEpp65BFal1ep+wzXmD+FOPjXWoOWtp8C+enewiLQ7FkvWAni0U4hMlFYUGSHYCfe6vh/Gt+BJsYjlC2DKAq9y39kj6/KYthJ8DGUXZkF+ueQ= User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 95.110.231.207:8080 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 363 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...

139.59.33.202:8080 (139.59.33.202:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

13.html

502 Bad Gateway

HTML

361.0 B

09/06/10 17:44:14

Download
SHA256	e12f08bac71147280d5710fb1448614fe3b404e14ec49e909778067bbd8b89e8
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: F590=OdqEmIMGDEYgejkFo8or1qFzPkG9laxeY4N19OB4mLMmYQI8e+mbhAP1cQsaLsICsVMRG2YPfZzLu3tOx181NZh3QsCO+/6pLadjAv5yerS+azOIP2e/bqT2A5mnWoXIMhTyNI5CGEqsA2zsPPMVnoNOD17W/UsR2CcsKh7nmjTq0Yj+3X4x18c/NzRBHDGTNI1DiVVnHK434r1Ts1SCs7xpIUc8KCTf4YjI5f6lIy7k7vRKXBGDUFUBRlviCerqBSgg8NcNI59z8aheOUuoOOVGmw75/xicrJ0piu8/jV1p5f4WHPU9w9A9YfkJA5kKaUf4BofBGODDeYPCPRX/y/s3NiWlqygxAURC0VWrKAkg94kEpp65BFal1ep+wzXmD+FOPjXWoOWtp8C+enewiLQ7FkvWAni0U4hMlFYUGSHYCfe6vh/Gt+BJsYjlC2DKAq9y39kj6/KYthJ8DGUXZkF+ueQ= User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 139.59.33.202:8080 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 361 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...

66.175.215.16:8080 (66.175.215.16:8080)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

text/html

14.html

502 Bad Gateway

HTML

361.0 B

10/12/11 07:57:57

Download
SHA256	fa5a16d0f8ba0ee6563b9e28d8fba393a6a573e68f0f383dd68a54c1f68ff3af
Referer
Magic	HyperText Markup Language (HTML)
Request	GET / HTTP/1.1 Cookie: 7CC3=DgOOQSAIv5LuE0jxgZsY6JSF/9bDgQOs4ZsMYmbKbcFWwduknR1B+KgfhJUcRgJWWXP4pZzqD3PBGykdr2oqScutu4ZBglhB/CJnAxABQLF+Jp57kxMxRl25TI2jdHq4MhTyNI5CGEqsA2zsPPMVnoNOD17W/UsR2CcsKh7nmjTq0Yj+3X4x18c/NzRBHDGTNI1DiVVnHK434r1Ts1SCs7xpIUc8KCTf4YjI5f6lIy7k7vRKXBGDUFUBRlviCerqBSgg8NcNI59z8aheOUuoOOVGmw75/xicrJ0piu8/jV1p5f4WHPU9w9A9YfkJA5kKaUf4BofBGODDeYPCPRX/y/s3NiWlqygxAURC0VWrKAkg94kEpp65BFal1ep+wzXmD+FOPjXWoOWtp8C+enewiLQ7FkvWAni0U4hMlFYUGSHYCfe6vh/Gt+BJsYjlC2DKAq9y39kj6/KYthJ8DGUXZkF+ueQ= User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322) Host: 66.175.215.16:8080 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 502 Bad Gateway Content-Type: text/html Content-Length: 361 Connection: close Server: mitmproxy 2.0.1
Response Peek (128 B)	<html> <head> <title>502 Bad Gateway</title> </head> <body> <h1>...